DATABASE RESOURCES PRICING ABOUT US

{"id": "MACOSX_10_11.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "Mac OS X < 10.11 Multiple Vulnerabilities (GHOST)", "description": "The remote host is running a version of Mac OS X that is 10.6.8 or later but prior to 10.11. It is, therefore, affected by multiple vulnerabilities in the following components :\n\n - Address Book\n - AirScan\n - apache_mod_php\n - Apple Online Store Kit\n - AppleEvents\n - Audio\n - bash\n - Certificate Trust Policy\n - CFNetwork Cookies\n - CFNetwork FTPProtocol\n - CFNetwork HTTPProtocol\n - CFNetwork Proxies\n - CFNetwork SSL\n - CoreCrypto\n - CoreText\n - Dev Tools\n - Disk Images\n - dyld\n - EFI\n - Finder\n - Game Center\n - Heimdal\n - ICU\n - Install Framework Legacy\n - Intel Graphics Driver\n - IOAudioFamily\n - IOGraphics\n - IOHIDFamily\n - IOStorageFamily\n - Kernel\n - libc\n - libpthread\n - libxpc\n - Login Window\n - lukemftpd\n - Mail\n - Multipeer Connectivity\n - NetworkExtension\n - Notes\n - OpenSSH\n - OpenSSL\n - procmail\n - remote_cmds\n - removefile\n - Ruby\n - Safari\n - Safari Downloads\n - Safari Extensions\n - Safari Safe Browsing\n - Security\n - SMB\n - SQLite\n - Telephony\n - Terminal\n - tidy\n - Time Machine\n - WebKit\n - WebKit CSS\n - WebKit JavaScript Bindings\n - WebKit Page Loading\n - WebKit Plug-ins\n\nNote that successful exploitation of the most serious issues can result in arbitrary code execution.", "published": "2015-10-05T00:00:00", "modified": "2019-06-20T00:00:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 10.0}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM"}, "exploitabilityScore": 2.2, "impactScore": 3.6}, "href": "https://www.tenable.com/plugins/nessus/86270", "reporter": "This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5913", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5862", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5881", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5820", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5865", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5887", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5922", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5879", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5798", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3330", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2305", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5827", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2783", "https://support.apple.com/en-us/HT205267", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5813", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5789", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8090", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5869", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3329", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5888", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5901", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5814", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5896", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5840", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5891", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5765", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5851", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3414", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5870", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5914", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5790", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5882", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5864", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5788", "http://www.nessus.org/u?76b3b492", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2331", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5810", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5806", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5875", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7187", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5874", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5807", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5858", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5873", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5823", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5797", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9705", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5815", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5855", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9427", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5792", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5816", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5791", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5822", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2348", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2301", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7760", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3801", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5767", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5802", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5804", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5819", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5849", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5764", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5889", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5811", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5897", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5831", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5839", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5884", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5523", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5860", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5794", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5824", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5854", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5808", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5899", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5821", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5912", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5853", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3415", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5902", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5796", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5872", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9709", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7186", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1351", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5800", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5803", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5795", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5793", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2532", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5917", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5847", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5825", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2787", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7761", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5828", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5877", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5903", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5799", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5817", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8080", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5830", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5900", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1855", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3618", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5863", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3951", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5836", "http://www.nessus.org/u?c7a6ddbd", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5805", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5868", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5809", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0273", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3785", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5890", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5893", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5894", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5871", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5915", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5833", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5801", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5878", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5812", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5866", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5826", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5841", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9425", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5867", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0232", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3416", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5885", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8611", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5522", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5883", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5818", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5842", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1352", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5780", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5876"], "cvelist": ["CVE-2013-3951", "CVE-2014-2532", "CVE-2014-3618", "CVE-2014-6277", "CVE-2014-7186", "CVE-2014-7187", "CVE-2014-8080", "CVE-2014-8090", "CVE-2014-8146", "CVE-2014-8147", "CVE-2014-8611", "CVE-2014-9425", "CVE-2014-9427", "CVE-2014-9652", "CVE-2014-9705", "CVE-2014-9709", "CVE-2015-0231", "CVE-2015-0232", "CVE-2015-0235", "CVE-2015-0273", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-1351", "CVE-2015-1352", "CVE-2015-1855", "CVE-2015-2301", "CVE-2015-2305", "CVE-2015-2331", "CVE-2015-2348", "CVE-2015-2783", "CVE-2015-2787", "CVE-2015-3329", "CVE-2015-3330", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3785", "CVE-2015-3801", "CVE-2015-5522", "CVE-2015-5523", "CVE-2015-5764", "CVE-2015-5765", "CVE-2015-5767", "CVE-2015-5780", "CVE-2015-5788", "CVE-2015-5789", "CVE-2015-5790", "CVE-2015-5791", "CVE-2015-5792", "CVE-2015-5793", "CVE-2015-5794", "CVE-2015-5795", "CVE-2015-5796", "CVE-2015-5797", "CVE-2015-5798", "CVE-2015-5799", "CVE-2015-5800", "CVE-2015-5801", "CVE-2015-5802", "CVE-2015-5803", "CVE-2015-5804", "CVE-2015-5805", "CVE-2015-5806", "CVE-2015-5807", "CVE-2015-5808", "CVE-2015-5809", "CVE-2015-5810", "CVE-2015-5811", "CVE-2015-5812", "CVE-2015-5813", "CVE-2015-5814", "CVE-2015-5815", "CVE-2015-5816", "CVE-2015-5817", "CVE-2015-5818", "CVE-2015-5819", "CVE-2015-5820", "CVE-2015-5821", "CVE-2015-5822", "CVE-2015-5823", "CVE-2015-5824", "CVE-2015-5825", "CVE-2015-5826", "CVE-2015-5827", "CVE-2015-5828", "CVE-2015-5830", "CVE-2015-5831", "CVE-2015-5833", "CVE-2015-5836", "CVE-2015-5839", "CVE-2015-5840", "CVE-2015-5841", "CVE-2015-5842", "CVE-2015-5847", "CVE-2015-5849", "CVE-2015-5851", "CVE-2015-5853", "CVE-2015-5854", "CVE-2015-5855", "CVE-2015-5858", "CVE-2015-5860", "CVE-2015-5862", "CVE-2015-5863", "CVE-2015-5864", "CVE-2015-5865", "CVE-2015-5866", "CVE-2015-5867", "CVE-2015-5868", "CVE-2015-5869", "CVE-2015-5870", "CVE-2015-5871", "CVE-2015-5872", "CVE-2015-5873", "CVE-2015-5874", "CVE-2015-5875", "CVE-2015-5876", "CVE-2015-5877", "CVE-2015-5878", "CVE-2015-5879", "CVE-2015-5881", "CVE-2015-5882", "CVE-2015-5883", "CVE-2015-5884", "CVE-2015-5885", "CVE-2015-5887", "CVE-2015-5888", "CVE-2015-5889", "CVE-2015-5890", "CVE-2015-5891", "CVE-2015-5893", "CVE-2015-5894", "CVE-2015-5896", "CVE-2015-5897", "CVE-2015-5899", "CVE-2015-5900", "CVE-2015-5901", "CVE-2015-5902", "CVE-2015-5903", "CVE-2015-5912", "CVE-2015-5913", "CVE-2015-5914", "CVE-2015-5915", "CVE-2015-5917", "CVE-2015-5922", "CVE-2015-7760", "CVE-2015-7761"], "immutableFields": [], "lastseen": "2023-01-11T15:03:08", "viewCount": 135, "enchantments": {"dependencies": {"references": [{"type": "aix", "idList": ["OPENSSH_ADVISORY4.ASC", "OPENSSL_ADVISORY13.ASC"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2014-3618"]}, {"type": "altlinux", "idList": ["E210B5D4B7259AFCE092F9D1D5E8FDD0"]}, {"type": "amazon", "idList": ["ALAS-2014-369", "ALAS-2014-408", "ALAS-2014-419", "ALAS-2014-439", "ALAS-2014-441", "ALAS-2014-447", "ALAS-2014-448", "ALAS-2014-449", "ALAS-2015-473", "ALAS-2015-474", "ALAS-2015-475", "ALAS-2015-493", "ALAS-2015-494", "ALAS-2015-498", "ALAS-2015-506", "ALAS-2015-507", "ALAS-2015-508", "ALAS-2015-509", "ALAS-2015-510", "ALAS-2015-511", "ALAS-2015-524", "ALAS-2015-529", "ALAS-2015-530", "ALAS-2015-531", "ALAS-2015-532", "ALAS-2015-533", "ALAS-2015-561", "ALAS-2015-562", "ALAS-2015-563", "ALAS-2015-591"]}, {"type": "apple", "idList": ["APPLE:198F1AB81F91F2CEB090B4B4D49C57AD", "APPLE:9A0B3B0DFCDD94CAF1819BEC271E3754", "APPLE:HT207598", "APPLE:HT207599"]}, {"type": "archlinux", "idList": ["ASA-201411-16", "ASA-201501-17", "ASA-201501-22", "ASA-201501-23", "ASA-201503-16", "ASA-201503-17", "ASA-201503-25", "ASA-201504-13", "ASA-201504-14", "ASA-201505-2"]}, {"type": "attackerkb", "idList": ["AKB:26BDFAC3-8C29-40D1-B3A7-C26249A3B4D7", "AKB:70FA909E-B9D0-4B61-B54F-9639E5A20E3E", "AKB:A066D5C9-115E-4AE8-97BF-BCA2D0A1B897"]}, {"type": "canvas", "idList": ["OSX_RSH_LIBMALLOC"]}, {"type": "centos", "idList": ["CESA-2014:1172", "CESA-2014:1306", "CESA-2014:1552", "CESA-2014:1911", "CESA-2014:1912", "CESA-2015:0090", "CESA-2015:0092", "CESA-2015:0715", "CESA-2015:0716", "CESA-2015:0800", "CESA-2015:1135", "CESA-2015:1218", "CESA-2015:1634", "CESA-2015:1635", "CESA-2015:2155"]}, {"type": "cert", "idList": ["VU:252743", "VU:602540", "VU:967332"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-1846", "CPAI-2015-0075", "CPAI-2015-0166", "CPAI-2015-0170", "CPAI-2015-0234", "CPAI-2015-0471", "CPAI-2015-0494", "CPAI-2015-0512", "CPAI-2015-0734", "CPAI-2015-0877"]}, {"type": "checkpoint_security", "idList": ["CPS:SK102673", "CPS:SK104443"]}, {"type": "cisa", "idList": ["CISA:E8C8F007DF2A448F84459142FD8D46F7"]}, {"type": "cisco", "idList": ["CISCO-SA-20140926-BASH", "CISCO-SA-20150128-GHOST", "CISCO-SA-20150320-OPENSSL"]}, {"type": "citrix", "idList": ["CTX200217", "CTX200391", "CTX216642"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:2612C84317452E216670EAF7C553C9D4", "CFOUNDRY:29A67C6EFF8B00905B423AF785FD3E4C", "CFOUNDRY:63DB340A742A21A8EFB20A9452A0EDD2", "CFOUNDRY:C46B0B3FC4C7E34D197F6DC7E602B255", "CFOUNDRY:CAB2CABFDAEDE65A13715F0BD7B209D9"]}, {"type": "cloudlinux", "idList": ["CLSA-2020:1605798462"]}, {"type": "cve", "idList": ["CVE-2013-3951", "CVE-2014-2532", "CVE-2014-3618", "CVE-2014-3671", "CVE-2014-6277", "CVE-2014-6278", "CVE-2014-7186", "CVE-2014-7187", "CVE-2014-7227", "CVE-2014-8080", "CVE-2014-8090", "CVE-2014-8146", "CVE-2014-8147", "CVE-2014-8611", "CVE-2014-9425", "CVE-2014-9427", "CVE-2014-9652", "CVE-2014-9705", "CVE-2014-9709", "CVE-2015-0231", "CVE-2015-0232", "CVE-2015-0235", "CVE-2015-0273", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-1351", "CVE-2015-1352", "CVE-2015-1855", "CVE-2015-2301", "CVE-2015-2305", "CVE-2015-2331", "CVE-2015-2348", "CVE-2015-2783", "CVE-2015-2787", "CVE-2015-3329", "CVE-2015-3330", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3785", "CVE-2015-3801", "CVE-2015-4644", "CVE-2015-5522", "CVE-2015-5523", "CVE-2015-5764", "CVE-2015-5765", "CVE-2015-5767", "CVE-2015-5780", "CVE-2015-5788", "CVE-2015-5789", "CVE-2015-5790", "CVE-2015-5791", "CVE-2015-5792", "CVE-2015-5793", "CVE-2015-5794", "CVE-2015-5795", "CVE-2015-5796", "CVE-2015-5797", "CVE-2015-5798", "CVE-2015-5799", "CVE-2015-5800", "CVE-2015-5801", "CVE-2015-5802", "CVE-2015-5803", "CVE-2015-5804", "CVE-2015-5805", "CVE-2015-5806", "CVE-2015-5807", "CVE-2015-5808", "CVE-2015-5809", "CVE-2015-5810", "CVE-2015-5811", "CVE-2015-5812", "CVE-2015-5813", "CVE-2015-5814", "CVE-2015-5815", "CVE-2015-5816", "CVE-2015-5817", "CVE-2015-5818", "CVE-2015-5819", "CVE-2015-5820", "CVE-2015-5821", "CVE-2015-5822", "CVE-2015-5823", "CVE-2015-5824", "CVE-2015-5825", "CVE-2015-5826", "CVE-2015-5827", "CVE-2015-5828", "CVE-2015-5830", "CVE-2015-5831", "CVE-2015-5833", "CVE-2015-5836", "CVE-2015-5839", "CVE-2015-5840", "CVE-2015-5841", "CVE-2015-5842", "CVE-2015-5847", "CVE-2015-5849", "CVE-2015-5851", "CVE-2015-5853", "CVE-2015-5854", "CVE-2015-5855", "CVE-2015-5858", "CVE-2015-5860", "CVE-2015-5862", "CVE-2015-5863", "CVE-2015-5864", "CVE-2015-5865", "CVE-2015-5866", "CVE-2015-5867", "CVE-2015-5868", "CVE-2015-5869", "CVE-2015-5870", "CVE-2015-5871", "CVE-2015-5872", "CVE-2015-5873", "CVE-2015-5874", "CVE-2015-5875", "CVE-2015-5876", "CVE-2015-5877", "CVE-2015-5878", "CVE-2015-5879", "CVE-2015-5881", "CVE-2015-5882", "CVE-2015-5883", "CVE-2015-5884", "CVE-2015-5885", "CVE-2015-5887", "CVE-2015-5888", "CVE-2015-5889", "CVE-2015-5890", "CVE-2015-5891", "CVE-2015-5893", "CVE-2015-5894", "CVE-2015-5896", "CVE-2015-5897", "CVE-2015-5899", "CVE-2015-5900", "CVE-2015-5901", "CVE-2015-5902", "CVE-2015-5903", "CVE-2015-5912", "CVE-2015-5913", "CVE-2015-5914", "CVE-2015-5915", "CVE-2015-5917", "CVE-2015-5922", "CVE-2015-7760", "CVE-2015-7761", "CVE-2015-8146", "CVE-2015-8147", "CVE-2017-16844"]}, {"type": "debian", "idList": ["DEBIAN:BSA-095:A5B74", "DEBIAN:DLA-139-1:543FA", "DEBIAN:DLA-139-1:5734D", "DEBIAN:DLA-177-1:BC085", "DEBIAN:DLA-189-1:098BE", "DEBIAN:DLA-200-1:A49C4", "DEBIAN:DLA-212-1:91793", "DEBIAN:DLA-224-1:7FCBA", "DEBIAN:DLA-235-1:FDEBD", "DEBIAN:DLA-273-1:C6B60", "DEBIAN:DLA-444-1:A9010", "DEBIAN:DLA-46-1:4E2EB", "DEBIAN:DLA-88-1:4DC9E", "DEBIAN:DLA-88-1:B6B6B", "DEBIAN:DSA-2894-1:32F10", "DEBIAN:DSA-2894-1:6FCB1", "DEBIAN:DSA-3019-1:2879A", "DEBIAN:DSA-3019-1:55DB9", "DEBIAN:DSA-3142-1:A3964", "DEBIAN:DSA-3157-1:362C4", "DEBIAN:DSA-3159-1:E4038", "DEBIAN:DSA-3195-1:F4707", "DEBIAN:DSA-3197-1:88E12", "DEBIAN:DSA-3197-1:95CA8", "DEBIAN:DSA-3197-2:1B781", "DEBIAN:DSA-3197-2:E7D2C", "DEBIAN:DSA-3198-1:BFCF6", "DEBIAN:DSA-3198-2:3C21A", "DEBIAN:DSA-3198-2:D34B4", "DEBIAN:DSA-3215-1:4BBC9", "DEBIAN:DSA-3215-1:57CF8", "DEBIAN:DSA-3245-1:5F075", "DEBIAN:DSA-3246-1:69EA3", "DEBIAN:DSA-3247-1:74BC9", "DEBIAN:DSA-3252-1:580AD", "DEBIAN:DSA-3252-2:F9016", "DEBIAN:DSA-3280-1:3B96E", "DEBIAN:DSA-3309-1:B1F35", "DEBIAN:DSA-3323-1:B926B"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2014-2532", "DEBIANCVE:CVE-2014-3618", "DEBIANCVE:CVE-2014-6277", "DEBIANCVE:CVE-2014-6278", "DEBIANCVE:CVE-2014-7186", "DEBIANCVE:CVE-2014-7187", "DEBIANCVE:CVE-2014-8146", "DEBIANCVE:CVE-2014-8147", "DEBIANCVE:CVE-2014-9652", "DEBIANCVE:CVE-2014-9709", "DEBIANCVE:CVE-2015-0235", "DEBIANCVE:CVE-2015-0286", "DEBIANCVE:CVE-2015-0287", "DEBIANCVE:CVE-2015-2305", "DEBIANCVE:CVE-2015-2331", "DEBIANCVE:CVE-2015-3414", "DEBIANCVE:CVE-2015-3415", "DEBIANCVE:CVE-2015-3416", "DEBIANCVE:CVE-2017-16844"]}, {"type": "exploitdb", "idList": ["EDB-ID:36421", "EDB-ID:43887"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:02C4B15E9B71426F2725B0FD5AAE79D0", "EXPLOITPACK:09BAFC0653DB54EBD16EF2C94A327987", "EXPLOITPACK:3677CEA2F5D55BD8516ACA2EC17EB7DE", "EXPLOITPACK:5817D9D83B24D71B417189D58288C717", "EXPLOITPACK:6B7BF45056E8E056621094C0740275CB", "EXPLOITPACK:9199830C2B5794BCE4073DDC29B86CF4", "EXPLOITPACK:9750C06F2886431FD4242B84085D678F", "EXPLOITPACK:99988BAE0A27143CB886C29FF1A9E24F", "EXPLOITPACK:E5E7192CCB33F46D59D3D7F6810A4AD4"]}, {"type": "f5", "idList": ["F5:K15629", "F5:K15780", "F5:K16057", "F5:K16317", "F5:K16831", "F5:K16835", "F5:K16950", "F5:K16976", "F5:K17127", "F5:K17247", "F5:K35012672", "F5:K35239571", "F5:K37236006", "F5:K80285422", "SOL15629", "SOL15780", "SOL16057", "SOL16317", "SOL16318", "SOL16336", "SOL16339", "SOL16486", "SOL16714", "SOL16831", "SOL16835", "SOL16950", "SOL16976", "SOL17127", "SOL17200", "SOL17247", "SOL35012672", "SOL35239571", "SOL37236006", "SOL80285422"]}, {"type": "fedora", "idList": ["FEDORA:09F5C6091601", "FEDORA:13A9D6049716", "FEDORA:13B146087AAB", "FEDORA:13DDA6046AF9", "FEDORA:235CB60918EC", "FEDORA:2A08D6087C06", "FEDORA:2E11F6015E38", "FEDORA:333BF6016168", "FEDORA:3BC436087E40", "FEDORA:3FFBD608DDB3", "FEDORA:4E27520DE7", "FEDORA:4FE4660D05DC", "FEDORA:520AF2251C", "FEDORA:568856077DDB", "FEDORA:5DA1820D71", "FEDORA:70291601FBF4", "FEDORA:727A660499CE", "FEDORA:7B6536093B4C", "FEDORA:82A1D6048FCD", "FEDORA:82CB26079704", "FEDORA:9048F601D35F", "FEDORA:9981A609AE8A", "FEDORA:9E7E560EC260", "FEDORA:AD44C604949F", "FEDORA:AD4AB6087A49", "FEDORA:B542722173", "FEDORA:B936B608A494", "FEDORA:C3B046087CA8", "FEDORA:CA1A06087CE1", "FEDORA:CCBFD6087AA2", "FEDORA:D39826087CB1", "FEDORA:D5ADD2280B", "FEDORA:D8735611BEE5", "FEDORA:DDD696087CE5", "FEDORA:DE9A1605E18A", "FEDORA:E319A6098B3F", "FEDORA:E5F076197BE3", "FEDORA:E9B186051DF8", "FEDORA:EBF24604237F", "FEDORA:ECB566058280"]}, {"type": "fortinet", "idList": ["FG-IR-14-030", "FG-IR-15-001", "FG-IR-15-008"]}, {"type": "freebsd", "idList": ["0765DE84-A6C1-11E4-A0C1-C485083CA99C", "1E232A0C-EB57-11E4-B595-4061861086C1", "264749AE-D565-11E4-B545-00269EE29E57", "3D0428B2-FDFB-11E4-894F-D050996490D0", "4A4E9F88-491C-11E4-AE2C-C80AA9043978", "512D1301-49B9-11E4-AE2C-C80AA9043978", "742563D4-D776-11E4-B595-4061861086C1", "74DED00E-6007-11E6-A6C3-14DAE9D210B8", "81E2B308-4A6C-11E4-B711-6805CA0B3D42", "9D15355B-CE7C-11E4-9DB0-D050992ECDE8", "BD1AB7A5-0E01-11E5-9976-A0F3C100AE18", "D4379F59-3E9B-49EB-933B-61DE4D0B0FDB", "DEC3164F-3121-45EF-AF18-BB113AC5082F", "F7A9E415-BDCA-11E4-970C-000C292EE6B8"]}, {"type": "freebsd_advisory", "idList": ["FREEBSD_ADVISORY:FREEBSD-SA-14:27.STDIO", "FREEBSD_ADVISORY:FREEBSD-SA-15:06.OPENSSL"]}, {"type": "gentoo", "idList": ["GLSA-201405-06", "GLSA-201410-01", "GLSA-201412-27", "GLSA-201503-03", "GLSA-201503-04", "GLSA-201503-11", "GLSA-201507-04", "GLSA-201507-05", "GLSA-201606-10", "GLSA-201607-04", "GLSA-201701-42"]}, {"type": "hackerone", "idList": ["H1:104013", "H1:131452", "H1:73234", "H1:73235", "H1:73237", "H1:73238", "H1:73239"]}, {"type": "htbridge", "idList": ["HTB23252"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20141024-01-BASH", "HUAWEI-SA-20150226-01-GLIBC"]}, {"type": "ibm", "idList": ["0139C39E0ED48888EF6FC334B5A408C62415667035711D7DAE1D3BB2BBBCA3F0", "0327D6322E348CE4D393B14A7F3A3B993755DF0E1581BE7EA7B2EB1703C132DF", "03BFD2D26D76C5E7FD24C265B3AB1C4D658726D972FB7039E562EEE0BD578CC0", "0684E6CA4C2678854DD2AF881EFBA469B9153F9B25226D0E89F7A8E363B90191", "0F73246124CA58D05064BB5D07082DCA6F2A1D48630CAAC82BCFFB4A71F45CA7", "129E5B62D60732128A0EC19397E58D4329EE7F4D46AC1C97DF6F8DFCAEB8C3C7", "12CC2B1AEAB57337E1D36E3D35D006E93F9D019551301EEB68A17B62851521CB", "1525B7B67DA5402BE989F9E37182D44E4D8FAE3BB181A2DBEA5C3A5BAB647E3B", "1552258BC602B501CB144C17FE55DEC12CEDE82B9F4351E9E4F47BE8C7003BA9", "186826DEC64CEF861CABB6400E9E91E4A3DA403061721894238F233211663F6F", "19014976708B59CA6D0D38BD53FC83A65A328CD06A0D3047C00AD7FB2745CD32", "1AB6C87822449F337525790F64ED73FED1F21D5955D5FB57AD3579D521F600BC", "1C6641956F91BACFC5632640A3A0F7C2D3293056B631EF470EE3E313F25B9DCA", "1E8933569F7AACD6AB5F73196F8930386DBFB5F49E264DAFEB5AC02CAFAFCCD1", "1F0A215E22C30EB485B1D487514AF1026F43B577C62A1AE805C2C9DCDDF2A921", "2171324C6B19D0DF9EFFC1DD0369B83F9F3908C6A3D27810A8197FF1F4359802", "221250DD6B489029C97D621490473ABEB793A5150987E9EA8B66A1F61836221E", "257FE3C03DF1EAAF4C91B06A98D64FF55D1CBD8F44963992BA87CE378431E9ED", "26A7BDE71EA4560DCB34E2D71A77E04F6BD6F1464BE7B6966FCB08892C8C99B7", "2A5E5140226F7DD38A791DE1E8EE7913E3512D8FCB1A86411DA5AFF49D8E6F4A", "2CCCFECF7034A5A1D355B5AC5A6B9921B110FA2AC9C433FE292E8D3F30B1DBB1", "38C10729B52D66D506D73699F25550ED954F6FBB1D4528C0F73FB29711CC7852", "3CC341F512B972FA400DC2567F88C930644A1B4BA4DC7920EA85D111D730075C", "3DCABB9EB85B93AD82C8E990F2404897E1E7C51A9CC17BC1229347E080169D9D", "467A4726E3E7AEF66C203B003944DA9B03EEFBD2B1D75CD15AF1455C2AF4B2E8", "494FCFB7068CB9C9CEB3FE685DE60B86133F530BABAFDA1274F0A594D23B03AC", "4EF9332DC41BD9A19557ED28E080D548C37B2564308E9B4AFC6661AE1FF86428", "4F86FCE6A6F4F4C425A9B8B38A5DA84E886B0D17EA3E74948CB4061B7FE23597", "542851630FD5F0CA12E39120280D90B66CBC639D15CC167486A7006068A5563D", "5F468E7095FD7CDC6ACB31C903D40522F03AE2C875C15B90AB7E04C796279517", "60F9C5A6A14BE367913B58DF580EE50C6C7E3396500C99E5420F6C7942C1CCBD", "6234195C7E31959F34FEEB3A01B3AE191F8EB55B62E74A9D49559D08BB9DC38C", "6395629A0E23989CD0E9ED3783BCF74F63DAC89B9CC91AB177C14ED746139287", "66E2077EC744F0C58908B64187C65DB343B9899133C02D3D2AD75F82D3A5771A", "6964DC74D7C00F0076CE970FCDCD238B596005A3E74FD77729ECDADA86E693C4", "6A9D776A5DCA8DC833373833D988E134B60F05259FF378B7B8590B9714CF2ECE", "6BED381F0625A1CEE6FF30731B3F37C8E1BC1D95ED40906A48FF91875BFEA753", "715F6FCB6F0439BFFCBB62E35AA259E82714E1A115B2957FFCD8F27BEB0EDCA6", "76ED8A969B89E917406E6428B20653B4CA4683B94EF0C818185ED8F868517B34", "78A64C39F176939E6FD5A7908A5E672F4858F0C8227A3F04047AC1A3364EDC0B", "7B8C92E9AC4C0844C5F46693E5D64A4DA51AE8805503D286BACEE2AB0D71C389", "7E0744D5936EDC5F018B0850D801B665D388060D6A81B986BC7AD81C9A78C0EE", "7EAF5CB207E5D468583094D39BFEB783DDAF939EF5BB4632C3FB6CBE7F70A7E3", "8C189A4A1E730005F1F6728800F9EEB4D76D43743AEC3B91CE47044F6F13EBE4", "906C6E45A71E8A432DE51C6A94712DDA0BBA3529963A8AFA9DCFE84E05DA7425", "92653814B5AD58699CB141C05798FBA49CD5D97ED94F23B96F6DFAA714EA627D", "9362FDC04C7CF0E7E11E00C238107A825074E1BBD7D4631CDE9FBBBA3D068B3A", "95197CBE86632E54219C0C8A24673D63826A01DE30AD9A4149DAC0247F5B9DBC", "98DF90031B7BA31AA32E8B46921FD9F2DC1C82F868B4E85A245FC2D6CE4B1B9C", "9E6E674EAE28A4A9F5665135860C351D3A9A62A68CB5FA20D33C19E5EB8F053B", "9EAED1F5FB3762874ED935AF686A504F1630ADB20AA5EBFAE97EAEEEA4C0DAF8", "A6544AE2F106D4044D792AEEA71A0CA740A53B749B99628C2699395F9F087031", "A6C5FDEF17751F9D6EC0D701C42B168DAF0AFD9B01217970935FD1F4EB568753", "A8AFB71992370CD8AF9340FB766CB133288126FDA64D60A67D3B25CD154F2C52", "B0A90459D4D8B5BAF4898F53404E42E2AEA4F2105238CC68CC28BCABD00D3FD1", "B0AEB074FFA0854656EFE3CAF612805ED0F2B662B12263D2B3084481427FAB2B", "BADBBFD3B80B37BA80822E3D89F7CE0842CD6F0C0F9476386BC6B381BF85302E", "BFA15D43F646FFC5AFD437B2E4A088CDA943E32237DE20B421F42A372083D616", "C2E1B6F103D16592590804EC21CC266225CDAA4E931E62E62D9FD5256D6D1B8D", "C359E298B12358DC12E6A45A12F75C3BB2B1939DCD44D41BC06D12AB4EFD80F8", "C5F0A3013333B48D4C08CB3D13549994F17CDBB3EA06E50A46D8068D5A06FCAC", "C854D3DFD3F24731F7427D2F122E814A9AFC5BD6245867AB980A6407E71526FE", "CB24DC19BF83B822003CABDD77CA54AAE9629C8F8261C7B16048FFD862AA120B", "D2E48469AB3A6F2B1FEAEFDF00F68B8BC2F210C7E3BBABA5556DFDE4C6DB7ECD", "D765B0E424B32B58901509C0B37E90B68BD6A9A3ED95D1DE2E1DF2893F546155", "DEC8B1857975B965D873A8BB6F56B19058C4EFA0C242EB808E499279F11EE7B2", "E1A56F82327D8FB00BD84085E673D1401848A384A92C33B13DC0ED642E86946B", "E8CC192D6E15BEBE986983A316004294627ED7683B92C8AA39E3B1075CDDF8ED", "E968D5EDF80FD5A67D3FB4F777F2CF43CB076659D0CBC8ED4BEF3BDE224F50B9", "E9875BEF8E97815B76ED1D0FD7D59E5669EDACF80D617A93E84594F2257B2901", "ECF06138F829B325BA5C57FAF5FB916F90E229CE209E8C4E69FC4ABB87903647", "ED25520B668714457490EC7907530FE368D1DD7120FD7A98A7598F3BBE3A9333", "EDC5715C5D6651CB0B83A7BE2B33995248D5BE35D49BDF0E66B54D332C0E828E", "EE50B1A5AF778319698593697BE11C93BF03E19DEE9CE25FF7BD2F12582783CA", "F3CCE399EBF8E0219B3D30EEF7F522C3290C31BEBAFE8248755CFA8EE7793280", "F3D0670515A02D7CDDE09BF21416666DF78E27F0D06E2A9072A83D9BCBAABEBC", "F517D4971D3B7090FE87DD49D6C7AD2F2DC35A7C2F0FB205EA7ADD9BC7BF68A7", "FA57CDF4BCAE98CCC902592DBB4477489D30E3D19A0CC4F562C86AA81658E38D", "FAFCEEB5E7F282B7B50A41E1E44AFB4EF2A67906EA3B347157464BC9FF982A1C", "FCEEB61FFF0AA043526B3AD29A5AA38A5A5E8F0EBFEBFB7196BA2301B080971B"]}, {"type": "ics", "idList": ["ICSA-15-064-01A", "ICSA-17-094-04"]}, {"type": "intothesymmetry", "idList": ["INTOTHESYMMETRY:8F35CE932305DD8E8F7053B8A1F16EE3"]}, {"type": "jvn", "idList": ["JVN:55667175"]}, {"type": "kaspersky", "idList": ["KLA10479", "KLA10514", "KLA10515", "KLA10565", "KLA10630", "KLA10669"]}, {"type": "kitploit", "idList": ["KITPLOIT:2779031464033627796", "KITPLOIT:4066304721921583015"]}, {"type": "lenovo", "idList": ["LENOVO:PS500043-GNU-C-LIBRARY-GLIBC-__NSS_HOSTNAME_DIGITS_DOTS-FUNCTION-VULNERABLE-TO-BUFFER-OVERFLOW-GHOST-NOSID", "LENOVO:PS500043-NOSID", "LENOVO:PS500044-NOSID"]}, {"type": "mageia", "idList": ["MGASA-2014-0143", "MGASA-2014-0373", "MGASA-2014-0394", "MGASA-2014-0443", "MGASA-2014-0472", "MGASA-2015-0040", "MGASA-2015-0090", "MGASA-2015-0111", "MGASA-2015-0134", "MGASA-2015-0169", "MGASA-2015-0178", "MGASA-2015-0190", "MGASA-2015-0234", "MGASA-2015-0286", "MGASA-2016-0116", "MGASA-2016-0120"]}, {"type": "metasploit", "idList": ["MSF:AUXILIARY-SCANNER-HTTP-WORDPRESS_GHOST_SCANNER-", "MSF:EXPLOIT-LINUX-SMTP-EXIM_GETHOSTBYNAME_BOF-"]}, {"type": "myhack58", "idList": ["MYHACK58:62201676632"]}, {"type": "nessus", "idList": ["801937.PRM", "8169.PRM", "8615.PRM", "8661.PRM", "8662.PRM", "8677.PRM", "8681.PRM", "8784.PRM", "8787.PRM", "8801.PRM", "8909.PRM", "8958.PRM", "8976.PRM", "8979.PRM", "8981.PRM", "8982.PRM", "9260.PRM", "9324.PRM", "AIX_OPENSSH_ADVISORY4.NASL", "AIX_OPENSSL_ADVISORY13.NASL", "ALA_ALAS-2014-369.NASL", "ALA_ALAS-2014-408.NASL", "ALA_ALAS-2014-419.NASL", "ALA_ALAS-2014-439.NASL", "ALA_ALAS-2014-441.NASL", "ALA_ALAS-2014-447.NASL", "ALA_ALAS-2014-448.NASL", "ALA_ALAS-2014-449.NASL", "ALA_ALAS-2015-473.NASL", "ALA_ALAS-2015-474.NASL", "ALA_ALAS-2015-475.NASL", "ALA_ALAS-2015-493.NASL", "ALA_ALAS-2015-494.NASL", "ALA_ALAS-2015-498.NASL", "ALA_ALAS-2015-506.NASL", "ALA_ALAS-2015-507.NASL", "ALA_ALAS-2015-508.NASL", "ALA_ALAS-2015-509.NASL", "ALA_ALAS-2015-510.NASL", "ALA_ALAS-2015-511.NASL", "ALA_ALAS-2015-524.NASL", "ALA_ALAS-2015-529.NASL", "ALA_ALAS-2015-530.NASL", "ALA_ALAS-2015-531.NASL", "ALA_ALAS-2015-532.NASL", "ALA_ALAS-2015-533.NASL", "ALA_ALAS-2015-561.NASL", "ALA_ALAS-2015-562.NASL", "ALA_ALAS-2015-563.NASL", "ALA_ALAS-2015-591.NASL", "APPLE_IOS_90_CHECK.NBIN", "BASH_CVE_2014_6278.NASL", "BASH_REMOTE_CODE_EXECUTION2.NASL", "BLUECOAT_PROXY_SG_6_5_7_5.NASL", "CENTOS_RHSA-2014-1172.NASL", "CENTOS_RHSA-2014-1306.NASL", "CENTOS_RHSA-2014-1552.NASL", "CENTOS_RHSA-2014-1911.NASL", "CENTOS_RHSA-2014-1912.NASL", "CENTOS_RHSA-2015-0090.NASL", "CENTOS_RHSA-2015-0092.NASL", "CENTOS_RHSA-2015-0715.NASL", "CENTOS_RHSA-2015-0716.NASL", "CENTOS_RHSA-2015-0800.NASL", "CENTOS_RHSA-2015-1135.NASL", "CENTOS_RHSA-2015-1218.NASL", "CENTOS_RHSA-2015-1634.NASL", "CENTOS_RHSA-2015-1635.NASL", "CENTOS_RHSA-2015-2155.NASL", "CHECK_POINT_GAIA_SK104443.NASL", "CISCO-SA-20140926-BASH-NXOS.NASL", "CISCO-SA-20150128-ACE.NASL", "CISCO-SA-20150128-GHOST-IOSXE_MULTI.NASL", "CISCO-SA-20150128-GHOST-IOSXE_NOVA.NASL", "CISCO-SA-20150128-GHOST-IOSXR_NCS6K.NASL", "CISCO-SA-20150128-GHOST-NXOS.NASL", "CISCO-SA-20150320-OPENSSL-IOS.NASL", "CISCO-SA-20150320-OPENSSL-IOSXE.NASL", "CISCO-SA-CSCUR01959-ASA-CX.NASL", "CISCO-SA-CSCUR01959-PRSM.NASL", "CISCO_CUCM_CSCUS66650-GHOST.NASL", "CISCO_CUPS_CSCUR05454.NASL", "CISCO_CUPS_CSCUS69785.NASL", "CISCO_TELEPRESENCE_CONDUCTOR_CSCUR02103.NASL", "CISCO_TELEPRESENCE_CONDUCTOR_CSCUS69523.NASL", "CISCO_TELEPRESENCE_VCS_CSCUR01461.NASL", "CISCO_TELEPRESENCE_VCS_CSCUS69558.NASL", "CISCO_UCS_DIRECTOR_CSCUR02877.NASL", "CLAMAV_0_98_7.NASL", "DEBIAN_DLA-139.NASL", "DEBIAN_DLA-177.NASL", "DEBIAN_DLA-189.NASL", "DEBIAN_DLA-200.NASL", "DEBIAN_DLA-212.NASL", "DEBIAN_DLA-224.NASL", "DEBIAN_DLA-235.NASL", "DEBIAN_DLA-273.NASL", "DEBIAN_DLA-444.NASL", "DEBIAN_DLA-46.NASL", "DEBIAN_DLA-88.NASL", "DEBIAN_DSA-2894.NASL", "DEBIAN_DSA-3019.NASL", "DEBIAN_DSA-3142.NASL", "DEBIAN_DSA-3157.NASL", "DEBIAN_DSA-3159.NASL", "DEBIAN_DSA-3195.NASL", "DEBIAN_DSA-3197.NASL", "DEBIAN_DSA-3198.NASL", "DEBIAN_DSA-3215.NASL", "DEBIAN_DSA-3245.NASL", "DEBIAN_DSA-3246.NASL", "DEBIAN_DSA-3247.NASL", "DEBIAN_DSA-3252.NASL", "DEBIAN_DSA-3280.NASL", "DEBIAN_DSA-3309.NASL", "DEBIAN_DSA-3323.NASL", "EULEROS_SA-2018-1374.NASL", "EULEROS_SA-2019-1386.NASL", "EULEROS_SA-2019-1418.NASL", "EULEROS_SA-2019-1424.NASL", "EULEROS_SA-2019-1425.NASL", "EULEROS_SA-2019-1428.NASL", "EULEROS_SA-2019-1463.NASL", "EULEROS_SA-2019-1543.NASL", "EULEROS_SA-2019-1544.NASL", "EULEROS_SA-2019-1545.NASL", "EULEROS_SA-2019-1546.NASL", "EULEROS_SA-2019-1548.NASL", "EULEROS_SA-2019-1551.NASL", "EULEROS_SA-2019-2509.NASL", "F5_BIGIP_SOL15629.NASL", "F5_BIGIP_SOL15780.NASL", "F5_BIGIP_SOL16057.NASL", "F5_BIGIP_SOL16317.NASL", "F5_BIGIP_SOL16950.NASL", "F5_BIGIP_SOL17127.NASL", "FEDORA_2014-10142.NASL", "FEDORA_2014-10357.NASL", "FEDORA_2014-10359.NASL", "FEDORA_2014-14096.NASL", "FEDORA_2014-6380.NASL", "FEDORA_2014-6569.NASL", "FEDORA_2015-1058.NASL", "FEDORA_2015-1101.NASL", "FEDORA_2015-2315.NASL", "FEDORA_2015-2328.NASL", "FEDORA_2015-4216.NASL", "FEDORA_2015-4236.NASL", "FEDORA_2015-4255.NASL", "FEDORA_2015-4300.NASL", "FEDORA_2015-4303.NASL", "FEDORA_2015-4320.NASL", "FEDORA_2015-4553.NASL", "FEDORA_2015-4556.NASL", "FEDORA_2015-4559.NASL", "FEDORA_2015-4565.NASL", "FEDORA_2015-4669.NASL", "FEDORA_2015-4699.NASL", "FEDORA_2015-6195.NASL", "FEDORA_2015-6238.NASL", "FEDORA_2015-6377.NASL", "FEDORA_2015-6399.NASL", "FEDORA_2015-6407.NASL", "FEDORA_2015-6855.NASL", "FEDORA_2015-6951.NASL", "FEDORA_2015-7334.NASL", "FEDORA_2015-7346.NASL", "FEDORA_2015-7378.NASL", "FEDORA_2016-1A7F7FFB58.NASL", "FEDORA_2016-5D6D75DBEA.NASL", "FEDORA_2016-9EC1850FFF.NASL", "FEDORA_2016-A4FCB02D6B.NASL", "FEDORA_2016-D132DBB529.NASL", "FEDORA_2016-FDE7FFCB77.NASL", "FREEBSD_PKG_0765DE84A6C111E4A0C1C485083CA99C.NASL", "FREEBSD_PKG_1E232A0CEB5711E4B5954061861086C1.NASL", "FREEBSD_PKG_264749AED56511E4B54500269EE29E57.NASL", "FREEBSD_PKG_3D0428B2FDFB11E4894FD050996490D0.NASL", "FREEBSD_PKG_4A4E9F88491C11E4AE2CC80AA9043978.NASL", "FREEBSD_PKG_512D130149B911E4AE2CC80AA9043978.NASL", "FREEBSD_PKG_742563D4D77611E4B5954061861086C1.NASL", "FREEBSD_PKG_74DED00E600711E6A6C314DAE9D210B8.NASL", "FREEBSD_PKG_81E2B3084A6C11E4B7116805CA0B3D42.NASL", "FREEBSD_PKG_9D15355BCE7C11E49DB0D050992ECDE8.NASL", "FREEBSD_PKG_BD1AB7A50E0111E59976A0F3C100AE18.NASL", "FREEBSD_PKG_D4379F593E9B49EB933B61DE4D0B0FDB.NASL", "FREEBSD_PKG_DEC3164F312145EFAF18BB113AC5082F.NASL", "FREEBSD_PKG_F7A9E415BDCA11E4970C000C292EE6B8.NASL", "GENTOO_GLSA-201405-06.NASL", "GENTOO_GLSA-201410-01.NASL", "GENTOO_GLSA-201412-27.NASL", "GENTOO_GLSA-201503-03.NASL", "GENTOO_GLSA-201503-04.NASL", "GENTOO_GLSA-201503-11.NASL", "GENTOO_GLSA-201507-04.NASL", "GENTOO_GLSA-201507-05.NASL", "GENTOO_GLSA-201606-10.NASL", "GENTOO_GLSA-201607-04.NASL", "GENTOO_GLSA-201701-42.NASL", "HPSMH_7_2_6.NASL", "HPSMH_7_5.NASL", "IBM_STORWIZE_1_5_0_4.NASL", "ITUNES_12_3_0.NASL", "ITUNES_12_3_0_BANNER.NASL", "ITUNES_12_6.NASL", "ITUNES_12_6_BANNER.NASL", "JUNIPER_JSA10804.NASL", "JUNIPER_SPACE_JSA10648.NASL", "MACOSX_10_10_2.NASL", "MACOSX_10_10_4.NASL", "MACOSX_10_10_5.NASL", "MACOSX_10_11_1.NASL", "MACOSX_SAFARI9_0.NASL", "MACOSX_SECUPD2015-005.NASL", "MACOSX_SECUPD2015-006.NASL", "MACOSX_SECUPD2015-007.NASL", "MACOS_ITUNES_12_6.NASL", "MANDRIVA_MDVSA-2014-068.NASL", "MANDRIVA_MDVSA-2014-190.NASL", "MANDRIVA_MDVSA-2014-225.NASL", "MANDRIVA_MDVSA-2015-032.NASL", "MANDRIVA_MDVSA-2015-039.NASL", "MANDRIVA_MDVSA-2015-062.NASL", "MANDRIVA_MDVSA-2015-063.NASL", "MANDRIVA_MDVSA-2015-079.NASL", "MANDRIVA_MDVSA-2015-080.NASL", "MANDRIVA_MDVSA-2015-095.NASL", "MANDRIVA_MDVSA-2015-129.NASL", "MANDRIVA_MDVSA-2015-153.NASL", "MANDRIVA_MDVSA-2015-164.NASL", "MANDRIVA_MDVSA-2015-209.NASL", "MANDRIVA_MDVSA-2015-217.NASL", "MANDRIVA_MDVSA-2015-221.NASL", "MANDRIVA_MDVSA-2015-224.NASL", "MCAFEE_EMAIL_GATEWAY_SB10085.NASL", "MCAFEE_NGFW_SB10085.NASL", "MCAFEE_WEB_GATEWAY_SB10085.NASL", "MYSQL_ENTERPRISE_MONITOR_3_0_23.NASL", "NEWSTART_CGSL_NS-SA-2019-0036_OPENSSH.NASL", "NEWSTART_CGSL_NS-SA-2019-0146_OPENSSH-LATEST.NASL", "OPENSSH_66.NASL", "OPENSSL_0_9_8ZF.NASL", "OPENSSL_1_0_0R.NASL", "OPENSSL_1_0_1M.NASL", "OPENSSL_1_0_2A.NASL", "OPENSUSE-2014-537.NASL", "OPENSUSE-2014-563.NASL", "OPENSUSE-2014-564.NASL", "OPENSUSE-2014-567.NASL", "OPENSUSE-2014-594.NASL", "OPENSUSE-2014-595.NASL", "OPENSUSE-2014-758.NASL", "OPENSUSE-2015-1.NASL", "OPENSUSE-2015-163.NASL", "OPENSUSE-2015-203.NASL", "OPENSUSE-2015-247.NASL", "OPENSUSE-2015-265.NASL", "OPENSUSE-2015-280.NASL", "OPENSUSE-2015-282.NASL", "OPENSUSE-2015-295.NASL", "OPENSUSE-2015-352.NASL", "OPENSUSE-2015-366.NASL", "OPENSUSE-2015-507.NASL", "OPENSUSE-2015-6.NASL", "OPENSUSE-2015-84.NASL", "OPENSUSE-2015-889.NASL", "OPENSUSE-2015-953.NASL", "OPENSUSE-2016-1374.NASL", "OPENSUSE-2016-273.NASL", "OPENSUSE-2016-294.NASL", "OPENSUSE-2016-340.NASL", "OPENSUSE-2016-412.NASL", "OPENSUSE-2017-1011.NASL", "OPENSUSE-2017-527.NASL", "OPENSUSE-2018-517.NASL", "OPENSUSE-2021-1058.NASL", "OPENSUSE-2021-2320.NASL", "ORACLELINUX_ELSA-2014-1172.NASL", "ORACLELINUX_ELSA-2014-1306.NASL", "ORACLELINUX_ELSA-2014-1552.NASL", "ORACLELINUX_ELSA-2014-1911.NASL", "ORACLELINUX_ELSA-2014-1912.NASL", "ORACLELINUX_ELSA-2014-3092.NASL", "ORACLELINUX_ELSA-2014-3093.NASL", "ORACLELINUX_ELSA-2014-3094.NASL", "ORACLELINUX_ELSA-2015-0090.NASL", "ORACLELINUX_ELSA-2015-0092.NASL", "ORACLELINUX_ELSA-2015-0101.NASL", "ORACLELINUX_ELSA-2015-0715.NASL", "ORACLELINUX_ELSA-2015-0716.NASL", "ORACLELINUX_ELSA-2015-0800.NASL", "ORACLELINUX_ELSA-2015-1135.NASL", "ORACLELINUX_ELSA-2015-1218.NASL", "ORACLELINUX_ELSA-2015-1634.NASL", "ORACLELINUX_ELSA-2015-1635.NASL", "ORACLELINUX_ELSA-2015-2155.NASL", "ORACLEVM_OVMSA-2015-0022.NASL", "ORACLEVM_OVMSA-2015-0023.NASL", "ORACLEVM_OVMSA-2015-0024.NASL", "ORACLEVM_OVMSA-2015-0039.NASL", "ORACLEVM_OVMSA-2015-0115.NASL", "ORACLEVM_OVMSA-2016-0013.NASL", "ORACLEVM_OVMSA-2016-0038.NASL", "ORACLE_SECURE_GLOBAL_DESKTOP_JUL_2015_CPU.NASL", "PALO_ALTO_PAN-SA-2015-0002.NASL", "PFSENSE_SA-15_06.NASL", "PHP_5_4_37.NASL", "PHP_5_4_38.NASL", "PHP_5_4_39.NASL", "PHP_5_4_40.NASL", "PHP_5_4_42.NASL", "PHP_5_5_21.NASL", "PHP_5_5_22.NASL", "PHP_5_5_23.NASL", "PHP_5_5_24.NASL", "PHP_5_5_26.NASL", "PHP_5_6_10.NASL", "PHP_5_6_5.NASL", "PHP_5_6_6.NASL", "PHP_5_6_7.NASL", "PHP_5_6_8.NASL", "PHP_7_0_15.NASL", "PUPPET_ENTERPRISE_380.NASL", "REDHAT-RHSA-2014-1172.NASL", "REDHAT-RHSA-2014-1306.NASL", "REDHAT-RHSA-2014-1311.NASL", "REDHAT-RHSA-2014-1354.NASL", "REDHAT-RHSA-2014-1552.NASL", "REDHAT-RHSA-2014-1911.NASL", "REDHAT-RHSA-2014-1912.NASL", "REDHAT-RHSA-2015-0090.NASL", "REDHAT-RHSA-2015-0092.NASL", "REDHAT-RHSA-2015-0099.NASL", "REDHAT-RHSA-2015-0101.NASL", "REDHAT-RHSA-2015-0126.NASL", "REDHAT-RHSA-2015-0715.NASL", "REDHAT-RHSA-2015-0716.NASL", "REDHAT-RHSA-2015-0752.NASL", "REDHAT-RHSA-2015-0800.NASL", "REDHAT-RHSA-2015-1135.NASL", "REDHAT-RHSA-2015-1218.NASL", "REDHAT-RHSA-2015-1634.NASL", "REDHAT-RHSA-2015-1635.NASL", "REDHAT-RHSA-2015-2155.NASL", "SLACKWARE_SSA_2014-086-06.NASL", "SLACKWARE_SSA_2015-028-01.NASL", "SLACKWARE_SSA_2015-111-09.NASL", "SLACKWARE_SSA_2015-111-10.NASL", "SLACKWARE_SSA_2015-198-02.NASL", "SL_20140910_PROCMAIL_ON_SL5_X.NASL", "SL_20141014_OPENSSH_ON_SL6_X.NASL", "SL_20141126_RUBY_ON_SL6_X.NASL", "SL_20141126_RUBY_ON_SL7_X.NASL", "SL_20150127_GLIBC_ON_SL5_X.NASL", "SL_20150127_GLIBC_ON_SL6_X.NASL", "SL_20150324_OPENSSL_ON_SL6_X.NASL", "SL_20150324_OPENSSL_ON_SL7_X.NASL", "SL_20150413_OPENSSL_ON_SL5_X.NASL", "SL_20150623_PHP_ON_SL7_X.NASL", "SL_20150709_PHP_ON_SL6_X.NASL", "SL_20150817_SQLITE_ON_SL6_X.NASL", "SL_20150817_SQLITE_ON_SL7_X.NASL", "SL_20151119_FILE_ON_SL7_X.NASL", "SOLARIS11_BASH_20141031.NASL", "SOLARIS11_BASH_20141031_2.NASL", "SOLARIS11_BASH_2014_10_07.NASL", "SOLARIS11_PROCMAIL_20141014.NASL", "SPLUNK_618.NASL", "STUNNEL_5_12.NASL", "SUSE_11_APACHE2-MOD_PHP53-150212.NASL", "SUSE_11_APACHE2-MOD_PHP53-150226.NASL", "SUSE_11_BASH-140926.NASL", "SUSE_11_CLAMAV-150507.NASL", "SUSE_11_COMPAT-OPENSSL097G-150317.NASL", "SUSE_11_GD-150324.NASL", "SUSE_11_GLIBC-150122.NASL", "SUSE_11_LIBOPENSSL-DEVEL-150317.NASL", "SUSE_11_OPENSSH-140606.NASL", "SUSE_11_OPENSSH-140607.NASL", "SUSE_11_PROCMAIL-140904.NASL", "SUSE_11_RUBY-141230.NASL", "SUSE_GLIBC-9035.NASL", "SUSE_SU-2015-0365-1.NASL", "SUSE_SU-2015-0424-1.NASL", "SUSE_SU-2015-0541-1.NASL", "SUSE_SU-2015-0553-1.NASL", "SUSE_SU-2015-0668-1.NASL", "SUSE_SU-2015-0868-1.NASL", "SUSE_SU-2015-0946-1.NASL", "SUSE_SU-2015-1018-1.NASL", "SUSE_SU-2015-1410-1.NASL", "SUSE_SU-2015-1525-1.NASL", "SUSE_SU-2015-1915-1.NASL", "SUSE_SU-2015-2303-1.NASL", "SUSE_SU-2016-0324-1.NASL", "SUSE_SU-2016-0678-1.NASL", "SUSE_SU-2016-1638-1.NASL", "SUSE_SU-2016-2872-1.NASL", "SUSE_SU-2017-0948-1.NASL", "SUSE_SU-2017-1067-1.NASL", "SUSE_SU-2017-2318-1.NASL", "SUSE_SU-2017-3231-1.NASL", "SUSE_SU-2018-1401-1.NASL", "SUSE_SU-2018-1401-2.NASL", "SUSE_SU-2019-1746-1.NASL", "SUSE_SU-2021-2320-1.NASL", "SUSE_SU-2021-3215-1.NASL", "TOMCAT_6_0_44.NASL", "TOMCAT_7_0_60.NASL", "TOMCAT_8_0_21.NASL", "UBUNTU_USN-2155-1.NASL", "UBUNTU_USN-2340-1.NASL", "UBUNTU_USN-2364-1.NASL", "UBUNTU_USN-2380-1.NASL", "UBUNTU_USN-2397-1.NASL", "UBUNTU_USN-2412-1.NASL", "UBUNTU_USN-2485-1.NASL", "UBUNTU_USN-2501-1.NASL", "UBUNTU_USN-2535-1.NASL", "UBUNTU_USN-2537-1.NASL", "UBUNTU_USN-2572-1.NASL", "UBUNTU_USN-2594-1.NASL", "UBUNTU_USN-2605-1.NASL", "UBUNTU_USN-2695-1.NASL", "UBUNTU_USN-2698-1.NASL", "UBUNTU_USN-2937-1.NASL", "UBUNTU_USN-2987-1.NASL", "UBUNTU_USN-3365-1.NASL", "VCENTER_OPERATIONS_MANAGER_VMSA_2014-0010.NASL", "VMWARE_NSX_VMSA_2014_0010.NASL", "VMWARE_VCENTER_CONVERTER_2014-0010.NASL", "VMWARE_VCENTER_SERVER_APPLIANCE_VMSA-2014-0010.NASL", "VMWARE_VMSA-2014-0010.NASL", "VMWARE_VMSA-2014-0010_REMOTE.NASL", "VMWARE_VSPHERE_REPLICATION_VMSA_2014_0010.NASL", "VMWARE_WORKSPACE_PORTAL_VMSA2014-0010.NASL", "WEB_APPLICATION_SCANNING_98802", "WEB_APPLICATION_SCANNING_98828", "WEB_APPLICATION_SCANNING_98829", "WEB_APPLICATION_SCANNING_98830", "WEB_APPLICATION_SCANNING_98831", "WEB_APPLICATION_SCANNING_98839", "XEROX_XRX15AD_COLORQUBE.NASL", "XEROX_XRX15R.NASL"]}, {"type": "nvidia", "idList": ["NVIDIA:4386"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2015-0286", "OPENSSL:CVE-2015-0287"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310105003", "OPENVAS:1361412562310105146", "OPENVAS:1361412562310105156", "OPENVAS:1361412562310105188", "OPENVAS:1361412562310105192", "OPENVAS:1361412562310105249", "OPENVAS:1361412562310105264", "OPENVAS:1361412562310120053", "OPENVAS:1361412562310120056", "OPENVAS:1361412562310120078", "OPENVAS:1361412562310120091", "OPENVAS:1361412562310120105", "OPENVAS:1361412562310120107", "OPENVAS:1361412562310120108", "OPENVAS:1361412562310120164", "OPENVAS:1361412562310120167", "OPENVAS:1361412562310120170", "OPENVAS:1361412562310120226", "OPENVAS:1361412562310120227", "OPENVAS:1361412562310120228", "OPENVAS:1361412562310120229", "OPENVAS:1361412562310120286", "OPENVAS:1361412562310120292", "OPENVAS:1361412562310120293", "OPENVAS:1361412562310120350", "OPENVAS:1361412562310120353", "OPENVAS:1361412562310120364", "OPENVAS:1361412562310120365", "OPENVAS:1361412562310120370", "OPENVAS:1361412562310120371", "OPENVAS:1361412562310120420", "OPENVAS:1361412562310120421", "OPENVAS:1361412562310120424", "OPENVAS:1361412562310120426", "OPENVAS:1361412562310120491", "OPENVAS:1361412562310120535", "OPENVAS:1361412562310120536", "OPENVAS:1361412562310121181", "OPENVAS:1361412562310121274", "OPENVAS:1361412562310121313", "OPENVAS:1361412562310121357", "OPENVAS:1361412562310121358", "OPENVAS:1361412562310121365", "OPENVAS:1361412562310121385", "OPENVAS:1361412562310121386", "OPENVAS:1361412562310122739", "OPENVAS:1361412562310122869", "OPENVAS:1361412562310122871", "OPENVAS:1361412562310122872", "OPENVAS:1361412562310122874", "OPENVAS:1361412562310123027", "OPENVAS:1361412562310123029", "OPENVAS:1361412562310123083", "OPENVAS:1361412562310123097", "OPENVAS:1361412562310123135", "OPENVAS:1361412562310123140", "OPENVAS:1361412562310123153", "OPENVAS:1361412562310123154", "OPENVAS:1361412562310123196", "OPENVAS:1361412562310123197", "OPENVAS:1361412562310123239", "OPENVAS:1361412562310123240", "OPENVAS:1361412562310123242", "OPENVAS:1361412562310123244", "OPENVAS:1361412562310123245", "OPENVAS:1361412562310123284", "OPENVAS:1361412562310123299", "OPENVAS:1361412562310123313", "OPENVAS:1361412562310131278", "OPENVAS:1361412562310131282", "OPENVAS:1361412562310702894", "OPENVAS:1361412562310703019", "OPENVAS:1361412562310703126", "OPENVAS:1361412562310703142", "OPENVAS:1361412562310703157", "OPENVAS:1361412562310703159", "OPENVAS:1361412562310703195", "OPENVAS:1361412562310703197", "OPENVAS:1361412562310703198", "OPENVAS:1361412562310703215", "OPENVAS:1361412562310703245", "OPENVAS:1361412562310703246", "OPENVAS:1361412562310703247", "OPENVAS:1361412562310703252", "OPENVAS:1361412562310703280", "OPENVAS:1361412562310703309", "OPENVAS:1361412562310703323", "OPENVAS:1361412562310802083", "OPENVAS:1361412562310802084", "OPENVAS:1361412562310802085", "OPENVAS:1361412562310802086", "OPENVAS:1361412562310804060", "OPENVAS:1361412562310804889", "OPENVAS:1361412562310805202", "OPENVAS:1361412562310805412", "OPENVAS:1361412562310805414", "OPENVAS:1361412562310805446", "OPENVAS:1361412562310805650", "OPENVAS:1361412562310805651", "OPENVAS:1361412562310805656", "OPENVAS:1361412562310805657", "OPENVAS:1361412562310805658", "OPENVAS:1361412562310805659", "OPENVAS:1361412562310805676", "OPENVAS:1361412562310805685", "OPENVAS:1361412562310805686", "OPENVAS:1361412562310805687", "OPENVAS:1361412562310805689", "OPENVAS:1361412562310805690", "OPENVAS:1361412562310805691", "OPENVAS:1361412562310805989", "OPENVAS:1361412562310806063", "OPENVAS:1361412562310806154", "OPENVAS:1361412562310806731", "OPENVAS:1361412562310806733", "OPENVAS:1361412562310807720", "OPENVAS:1361412562310807724", "OPENVAS:1361412562310807742", "OPENVAS:1361412562310810724", "OPENVAS:1361412562310810725", "OPENVAS:1361412562310813191", "OPENVAS:1361412562310841764", "OPENVAS:1361412562310841960", "OPENVAS:1361412562310841988", "OPENVAS:1361412562310842000", "OPENVAS:1361412562310842020", "OPENVAS:1361412562310842077", "OPENVAS:1361412562310842094", "OPENVAS:1361412562310842135", "OPENVAS:1361412562310842136", "OPENVAS:1361412562310842171", "OPENVAS:1361412562310842198", "OPENVAS:1361412562310842206", "OPENVAS:1361412562310842394", "OPENVAS:1361412562310842395", "OPENVAS:1361412562310842701", "OPENVAS:1361412562310842778", "OPENVAS:1361412562310843256", "OPENVAS:1361412562310850609", "OPENVAS:1361412562310850615", "OPENVAS:1361412562310850616", "OPENVAS:1361412562310850633", "OPENVAS:1361412562310850640", "OPENVAS:1361412562310850658", "OPENVAS:1361412562310850676", "OPENVAS:1361412562310850678", "OPENVAS:1361412562310850758", "OPENVAS:1361412562310850778", "OPENVAS:1361412562310850827", "OPENVAS:1361412562310850830", "OPENVAS:1361412562310850839", "OPENVAS:1361412562310850844", "OPENVAS:1361412562310850890", "OPENVAS:1361412562310850905", "OPENVAS:1361412562310851141", "OPENVAS:1361412562310851223", "OPENVAS:1361412562310851543", "OPENVAS:1361412562310851765", "OPENVAS:1361412562310867817", "OPENVAS:1361412562310867869", "OPENVAS:1361412562310868183", "OPENVAS:1361412562310868198", "OPENVAS:1361412562310868981", "OPENVAS:1361412562310868982", "OPENVAS:1361412562310869039", "OPENVAS:1361412562310869053", "OPENVAS:1361412562310869117", "OPENVAS:1361412562310869125", "OPENVAS:1361412562310869145", "OPENVAS:1361412562310869152", "OPENVAS:1361412562310869180", "OPENVAS:1361412562310869184", "OPENVAS:1361412562310869272", "OPENVAS:1361412562310869274", "OPENVAS:1361412562310869291", "OPENVAS:1361412562310869302", "OPENVAS:1361412562310869307", "OPENVAS:1361412562310869335", "OPENVAS:1361412562310869342", "OPENVAS:1361412562310869365", "OPENVAS:1361412562310869465", "OPENVAS:1361412562310869509", "OPENVAS:1361412562310869544", "OPENVAS:1361412562310869549", "OPENVAS:1361412562310869605", "OPENVAS:1361412562310869616", "OPENVAS:1361412562310869637", "OPENVAS:1361412562310869647", "OPENVAS:1361412562310869719", "OPENVAS:1361412562310869742", "OPENVAS:1361412562310871240", "OPENVAS:1361412562310871266", "OPENVAS:1361412562310871307", "OPENVAS:1361412562310871308", "OPENVAS:1361412562310871339", "OPENVAS:1361412562310871340", "OPENVAS:1361412562310871353", "OPENVAS:1361412562310871379", "OPENVAS:1361412562310871388", "OPENVAS:1361412562310871430", "OPENVAS:1361412562310871431", "OPENVAS:1361412562310871502", "OPENVAS:1361412562310882021", "OPENVAS:1361412562310882022", "OPENVAS:1361412562310882023", "OPENVAS:1361412562310882107", "OPENVAS:1361412562310882108", "OPENVAS:1361412562310882109", "OPENVAS:1361412562310882132", "OPENVAS:1361412562310882147", "OPENVAS:1361412562310882163", "OPENVAS:1361412562310882203", "OPENVAS:1361412562310882219", "OPENVAS:1361412562310882248", "OPENVAS:1361412562310882251", "OPENVAS:1361412562311220181374", "OPENVAS:1361412562311220191386", "OPENVAS:1361412562311220191418", "OPENVAS:1361412562311220191424", "OPENVAS:1361412562311220191425", "OPENVAS:1361412562311220191428", "OPENVAS:1361412562311220191463", "OPENVAS:1361412562311220191543", "OPENVAS:1361412562311220191544", "OPENVAS:1361412562311220191545", "OPENVAS:1361412562311220191546", "OPENVAS:1361412562311220191548", "OPENVAS:1361412562311220191551", "OPENVAS:1361412562311220192509", "OPENVAS:702894", "OPENVAS:703019", "OPENVAS:703126", "OPENVAS:703142", "OPENVAS:703157", "OPENVAS:703159", "OPENVAS:703195", "OPENVAS:703197", "OPENVAS:703198", "OPENVAS:703215", "OPENVAS:703245", "OPENVAS:703246", "OPENVAS:703247", "OPENVAS:703252", "OPENVAS:703280", "OPENVAS:703309", "OPENVAS:703323", "OPENVAS:841764"]}, {"type": "openwrt", "idList": ["OPENWRT-SA-000002"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2015", "ORACLE:CPUAPR2016V3", "ORACLE:CPUAPR2017", "ORACLE:CPUAPR2019", "ORACLE:CPUJAN2016", "ORACLE:CPUJUL2015", "ORACLE:CPUJUL2016", "ORACLE:CPUJUL2017", "ORACLE:CPUJUL2018", "ORACLE:CPUOCT2015", "ORACLE:CPUOCT2016", "ORACLE:CPUOCT2017", "ORACLE:CPUOCT2018"]}, {"type": "oraclelinux", "idList": ["ELSA-2014-1172", "ELSA-2014-1306", "ELSA-2014-1552", "ELSA-2014-1911", "ELSA-2014-1912", "ELSA-2014-1913", "ELSA-2014-3079", "ELSA-2014-3092", "ELSA-2014-3093", "ELSA-2014-3094", "ELSA-2015-0090", "ELSA-2015-0092", "ELSA-2015-0101", "ELSA-2015-0327", "ELSA-2015-0715", "ELSA-2015-0716", "ELSA-2015-0800", "ELSA-2015-1053", "ELSA-2015-1066", "ELSA-2015-1135", "ELSA-2015-1186", "ELSA-2015-1218", "ELSA-2015-1219", "ELSA-2015-1627", "ELSA-2015-1634", "ELSA-2015-1635", "ELSA-2015-2155", "ELSA-2015-2617", "ELSA-2015-3022", "ELSA-2016-3621", "ELSA-2019-4581", "ELSA-2019-4747", "ELSA-2021-9150"]}, {"type": "osv", "idList": ["OSV:DLA-139-1", "OSV:DLA-145-1", "OSV:DLA-177-1", "OSV:DLA-189-1", "OSV:DLA-200-1", "OSV:DLA-212-1", "OSV:DLA-224-1", "OSV:DLA-233-1", "OSV:DLA-235-1", "OSV:DLA-273-1", "OSV:DLA-444-1", "OSV:DLA-46-1", "OSV:DLA-63-1", "OSV:DLA-88-1", "OSV:DSA-2894-1", "OSV:DSA-3019-1", "OSV:DSA-3035-1", "OSV:DSA-3117-1", "OSV:DSA-3121-1", "OSV:DSA-3126-1", "OSV:DSA-3142-1", "OSV:DSA-3157-1", "OSV:DSA-3159-1", "OSV:DSA-3195-1", "OSV:DSA-3197-1", "OSV:DSA-3197-2", "OSV:DSA-3198-1", "OSV:DSA-3198-2", "OSV:DSA-3215-1", "OSV:DSA-3245-1", "OSV:DSA-3246-1", "OSV:DSA-3247-1", "OSV:DSA-3252-1", "OSV:DSA-3252-2", "OSV:DSA-3280-1", "OSV:DSA-3309-1", "OSV:DSA-3323-1"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:128520", "PACKETSTORM:128535", "PACKETSTORM:128650", "PACKETSTORM:130115", "PACKETSTORM:130171", "PACKETSTORM:130471", "PACKETSTORM:130974", "PACKETSTORM:133826", "PACKETSTORM:134087", "PACKETSTORM:138812", "PACKETSTORM:153278", "PACKETSTORM:164014", "PACKETSTORM:167552"]}, {"type": "paloalto", "idList": ["PAN-SA-2015-0002"]}, {"type": "redhat", "idList": ["RHSA-2014:1172", "RHSA-2014:1306", "RHSA-2014:1311", "RHSA-2014:1312", "RHSA-2014:1354", "RHSA-2014:1552", "RHSA-2014:1865", "RHSA-2014:1911", "RHSA-2014:1912", "RHSA-2014:1913", "RHSA-2014:1914", "RHSA-2015:0090", "RHSA-2015:0092", "RHSA-2015:0099", "RHSA-2015:0101", "RHSA-2015:0126", "RHSA-2015:0715", "RHSA-2015:0716", "RHSA-2015:0752", "RHSA-2015:0800", "RHSA-2015:1053", "RHSA-2015:1066", "RHSA-2015:1135", "RHSA-2015:1186", "RHSA-2015:1187", "RHSA-2015:1218", "RHSA-2015:1634", "RHSA-2015:1635", "RHSA-2015:2155", "RHSA-2016:2957"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2014-8080-113747", "RUBY:RUBY-2014-8090-114641"]}, {"type": "saint", "idList": ["SAINT:501A43136C6B0439024EA8546FF687EA", "SAINT:5A2B8BE492460005E2B67FB7305B1795", "SAINT:A857C5540827855B7B13C1B28EFB9F33", "SAINT:E816893D04BD5260F007B7BE17A201DC"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:30389", "SECURITYVULNS:DOC:31083", "SECURITYVULNS:DOC:31129", "SECURITYVULNS:DOC:31131", "SECURITYVULNS:DOC:31147", "SECURITYVULNS:DOC:31328", "SECURITYVULNS:DOC:31390", "SECURITYVULNS:DOC:31484", "SECURITYVULNS:DOC:31664", "SECURITYVULNS:DOC:31672", "SECURITYVULNS:DOC:31679", "SECURITYVULNS:DOC:31712", "SECURITYVULNS:DOC:31728", "SECURITYVULNS:DOC:31790", "SECURITYVULNS:DOC:31802", "SECURITYVULNS:DOC:31811", "SECURITYVULNS:DOC:31876", "SECURITYVULNS:DOC:31959", "SECURITYVULNS:DOC:31961", "SECURITYVULNS:DOC:31989", "SECURITYVULNS:DOC:31997", "SECURITYVULNS:DOC:32019", "SECURITYVULNS:DOC:32196", "SECURITYVULNS:DOC:32267", "SECURITYVULNS:DOC:32347", "SECURITYVULNS:DOC:32390", "SECURITYVULNS:DOC:32493", "SECURITYVULNS:DOC:32494", "SECURITYVULNS:DOC:32514", "SECURITYVULNS:DOC:32517", "SECURITYVULNS:DOC:32518", "SECURITYVULNS:DOC:32519", "SECURITYVULNS:DOC:32522", "SECURITYVULNS:DOC:32566", "SECURITYVULNS:VULN:13632", "SECURITYVULNS:VULN:13966", "SECURITYVULNS:VULN:13977", "SECURITYVULNS:VULN:14099", "SECURITYVULNS:VULN:14141", "SECURITYVULNS:VULN:14240", "SECURITYVULNS:VULN:14245", "SECURITYVULNS:VULN:14261", "SECURITYVULNS:VULN:14314", "SECURITYVULNS:VULN:14325", "SECURITYVULNS:VULN:14333", "SECURITYVULNS:VULN:14349", "SECURITYVULNS:VULN:14389", "SECURITYVULNS:VULN:14393", "SECURITYVULNS:VULN:14425", "SECURITYVULNS:VULN:14427", "SECURITYVULNS:VULN:14443", "SECURITYVULNS:VULN:14455", "SECURITYVULNS:VULN:14562", "SECURITYVULNS:VULN:14600", "SECURITYVULNS:VULN:14601", "SECURITYVULNS:VULN:14630", "SECURITYVULNS:VULN:14696", "SECURITYVULNS:VULN:14698", "SECURITYVULNS:VULN:14699", "SECURITYVULNS:VULN:14700", "SECURITYVULNS:VULN:14702", "SECURITYVULNS:VULN:14755"]}, {"type": "seebug", "idList": ["SSV:61911", "SSV:87313", "SSV:87412", "SSV:88877", "SSV:89237", "SSV:89630"]}, {"type": "slackware", "idList": ["SSA-2014-086-06", "SSA-2015-028-01", "SSA-2015-111-09", "SSA-2015-111-10", "SSA-2015-198-02"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2014:1114-1", "OPENSUSE-SU-2014:1229-1", "OPENSUSE-SU-2014:1242-1", "OPENSUSE-SU-2014:1254-1", "OPENSUSE-SU-2015:0162-1", "OPENSUSE-SU-2015:0184-1", "OPENSUSE-SU-2015:0440-1", "OPENSUSE-SU-2015:0855-1", "OPENSUSE-SU-2015:1277-1", "OPENSUSE-SU-2015:2243-1", "OPENSUSE-SU-2016:0640-1", "OPENSUSE-SU-2017:1128-1", "OPENSUSE-SU-2018:1422-1", "OPENSUSE-SU-2021:1058-1", "OPENSUSE-SU-2021:2320-1", "SUSE-SU-2014:1137-1", "SUSE-SU-2014:1247-1", "SUSE-SU-2014:1247-2", "SUSE-SU-2014:1259-1", "SUSE-SU-2014:1287-1", "SUSE-SU-2015:0158-1", "SUSE-SU-2015:0365-1", "SUSE-SU-2015:0424-1", "SUSE-SU-2015:0436-1", "SUSE-SU-2015:0541-1", "SUSE-SU-2015:0553-1", "SUSE-SU-2015:0553-2", "SUSE-SU-2015:0578-1", "SUSE-SU-2015:0868-1", "SUSE-SU-2015:0946-1", "SUSE-SU-2016:0678-1", "SUSE-SU-2016:1638-1", "SUSE-SU-2017:1067-1", "SUSE-SU-2017:2699-1", "SUSE-SU-2017:2700-1"]}, {"type": "symantec", "idList": ["SMNTC-1337"]}, {"type": "thn", "idList": ["THN:3DD8F9ADFFEB290F33825414D41B0F41", "THN:A649F4ABCE9B99052139693A13D95B14", "THN:ACBFC80659E47A5B7C81B99570749679"]}, {"type": "threatpost", "idList": ["THREATPOST:019A95FF13781937122ADFB4410E4311", "THREATPOST:21C84911FABE072264B0D4CA5BD42C30", "THREATPOST:3A858BD40E6943BD3F4553301036091D", "THREATPOST:8B5C2D5280CC957CA9A4CB0C697F96D8", "THREATPOST:CEF6153468FA321976709C304E37C5B2", "THREATPOST:DBB88263397DE4DA6604A2D6517DC194", "THREATPOST:F6AE4A5AF20D9E9C8BE6663E8FC80848"]}, {"type": "ubuntu", "idList": ["USN-2155-1", "USN-2340-1", "USN-2364-1", "USN-2380-1", "USN-2397-1", "USN-2412-1", "USN-2485-1", "USN-2501-1", "USN-2535-1", "USN-2537-1", "USN-2572-1", "USN-2594-1", "USN-2605-1", "USN-2695-1", "USN-2698-1", "USN-2937-1", "USN-2987-1", "USN-3365-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2014-2532", "UB:CVE-2014-3618", "UB:CVE-2014-6277", "UB:CVE-2014-6278", "UB:CVE-2014-7186", "UB:CVE-2014-7187", "UB:CVE-2014-8080", "UB:CVE-2014-8090", "UB:CVE-2014-8142", "UB:CVE-2014-8146", "UB:CVE-2014-8147", "UB:CVE-2014-9425", "UB:CVE-2014-9427", "UB:CVE-2014-9652", "UB:CVE-2014-9705", "UB:CVE-2014-9709", "UB:CVE-2015-0231", "UB:CVE-2015-0232", "UB:CVE-2015-0235", "UB:CVE-2015-0273", "UB:CVE-2015-0286", "UB:CVE-2015-0287", "UB:CVE-2015-1351", "UB:CVE-2015-1352", "UB:CVE-2015-1855", "UB:CVE-2015-2301", "UB:CVE-2015-2305", "UB:CVE-2015-2331", "UB:CVE-2015-2348", "UB:CVE-2015-2783", "UB:CVE-2015-2787", "UB:CVE-2015-3307", "UB:CVE-2015-3329", "UB:CVE-2015-3330", "UB:CVE-2015-3414", "UB:CVE-2015-3415", "UB:CVE-2015-3416", "UB:CVE-2015-3801", "UB:CVE-2015-4644", "UB:CVE-2015-5522", "UB:CVE-2015-5523", "UB:CVE-2015-5788", "UB:CVE-2015-5789", "UB:CVE-2015-5790", "UB:CVE-2015-5791", "UB:CVE-2015-5792", "UB:CVE-2015-5793", "UB:CVE-2015-5794", "UB:CVE-2015-5795", "UB:CVE-2015-5796", "UB:CVE-2015-5797", "UB:CVE-2015-5798", "UB:CVE-2015-5799", "UB:CVE-2015-5800", "UB:CVE-2015-5801", "UB:CVE-2015-5802", "UB:CVE-2015-5803", "UB:CVE-2015-5804", "UB:CVE-2015-5805", "UB:CVE-2015-5806", "UB:CVE-2015-5807", "UB:CVE-2015-5808", "UB:CVE-2015-5809", "UB:CVE-2015-5810", "UB:CVE-2015-5811", "UB:CVE-2015-5812", "UB:CVE-2015-5813", "UB:CVE-2015-5814", "UB:CVE-2015-5815", "UB:CVE-2015-5816", "UB:CVE-2015-5817", "UB:CVE-2015-5818", "UB:CVE-2015-5819", "UB:CVE-2015-5820", "UB:CVE-2015-5821", "UB:CVE-2015-5822", "UB:CVE-2015-5823", "UB:CVE-2015-5825", "UB:CVE-2015-5826", "UB:CVE-2015-5827", "UB:CVE-2015-5828", "UB:CVE-2015-5913", "UB:CVE-2015-5922", "UB:CVE-2015-6607", "UB:CVE-2017-16844"]}, {"type": "veracode", "idList": ["VERACODE:26914"]}, {"type": "vmware", "idList": ["VMSA-2014-0010", "VMSA-2014-0010.13"]}, {"type": "vulnerlab", "idList": ["VULNERABLE:1430", "VULNERLAB:1430"]}, {"type": "zdt", "idList": ["1337DAY-ID-22754", "1337DAY-ID-23215", "1337DAY-ID-23316", "1337DAY-ID-23392", "1337DAY-ID-24331", "1337DAY-ID-24349", "1337DAY-ID-24447", "1337DAY-ID-36699", "1337DAY-ID-37806"]}]}, "score": {"value": 0.3, "vector": "NONE"}, "backreferences": {"references": [{"type": "aix", "idList": ["OPENSSH_ADVISORY4.ASC"]}, {"type": "amazon", "idList": ["ALAS-2014-447", "ALAS-2014-449", "ALAS-2015-508", "ALAS-2015-510", "ALAS-2015-529"]}, {"type": "apple", "idList": ["APPLE:9A0B3B0DFCDD94CAF1819BEC271E3754"]}, {"type": "archlinux", "idList": ["ASA-201504-13"]}, {"type": "attackerkb", "idList": ["AKB:A066D5C9-115E-4AE8-97BF-BCA2D0A1B897"]}, {"type": "centos", "idList": ["CESA-2014:1172", "CESA-2014:1306", "CESA-2014:1911", "CESA-2014:1912", "CESA-2015:0090", "CESA-2015:0092", "CESA-2015:0715", "CESA-2015:0716", "CESA-2015:0800", "CESA-2015:1135", "CESA-2015:1218", "CESA-2015:1634", "CESA-2015:1635"]}, {"type": "cert", "idList": ["VU:967332"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2015-0166", "CPAI-2015-0234", "CPAI-2015-0734"]}, {"type": "checkpoint_security", "idList": ["CPS:SK102673", "CPS:SK104443"]}, {"type": "cisa", "idList": ["CISA:E8C8F007DF2A448F84459142FD8D46F7"]}, {"type": "cisco", "idList": ["CISCO-SA-20150320-OPENSSL"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:2612C84317452E216670EAF7C553C9D4"]}, {"type": "cve", "idList": ["CVE-2013-3951", "CVE-2015-5912", "CVE-2015-5913", "CVE-2015-5915", "CVE-2015-5917", "CVE-2015-5922", "CVE-2015-7760", "CVE-2015-7761"]}, {"type": "debian", "idList": ["DEBIAN:DLA-88-1:4DC9E", "DEBIAN:DSA-3195-1:F4707", "DEBIAN:DSA-3198-2:D34B4", "DEBIAN:DSA-3215-1:4BBC9", "DEBIAN:DSA-3252-1:580AD", "DEBIAN:DSA-3252-2:F9016", "DEBIAN:DSA-3309-1:B1F35"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2014-3618", "DEBIANCVE:CVE-2014-7186", "DEBIANCVE:CVE-2014-9709", "DEBIANCVE:CVE-2015-2305"]}, {"type": "exploitdb", "idList": ["EDB-ID:38371"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:09BAFC0653DB54EBD16EF2C94A327987"]}, {"type": "f5", "idList": ["F5:K16835", "F5:K16976", "F5:K17127", "F5:K35239571", "F5:K37236006", "SOL16317", "SOL16318", "SOL16339", "SOL16976"]}, {"type": "fedora", "idList": ["FEDORA:09F5C6091601", "FEDORA:2E11F6015E38", "FEDORA:3BC436087E40", "FEDORA:4E27520DE7", "FEDORA:9E7E560EC260", "FEDORA:AD4AB6087A49"]}, {"type": "freebsd", "idList": ["1E232A0C-EB57-11E4-B595-4061861086C1", "512D1301-49B9-11E4-AE2C-C80AA9043978", "742563D4-D776-11E4-B595-4061861086C1", "D4379F59-3E9B-49EB-933B-61DE4D0B0FDB"]}, {"type": "gentoo", "idList": ["GLSA-201503-03"]}, {"type": "hackerone", "idList": ["H1:131452"]}, {"type": "htbridge", "idList": ["HTB23252"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20150226-01-GLIBC"]}, {"type": "ibm", "idList": ["1525B7B67DA5402BE989F9E37182D44E4D8FAE3BB181A2DBEA5C3A5BAB647E3B", "2A5E5140226F7DD38A791DE1E8EE7913E3512D8FCB1A86411DA5AFF49D8E6F4A", "467A4726E3E7AEF66C203B003944DA9B03EEFBD2B1D75CD15AF1455C2AF4B2E8", "5F468E7095FD7CDC6ACB31C903D40522F03AE2C875C15B90AB7E04C796279517", "60F9C5A6A14BE367913B58DF580EE50C6C7E3396500C99E5420F6C7942C1CCBD", "6234195C7E31959F34FEEB3A01B3AE191F8EB55B62E74A9D49559D08BB9DC38C", "C5F0A3013333B48D4C08CB3D13549994F17CDBB3EA06E50A46D8068D5A06FCAC", "FCEEB61FFF0AA043526B3AD29A5AA38A5A5E8F0EBFEBFB7196BA2301B080971B"]}, {"type": "ics", "idList": ["ICSA-17-094-04"]}, {"type": "intothesymmetry", "idList": ["INTOTHESYMMETRY:8F35CE932305DD8E8F7053B8A1F16EE3"]}, {"type": "jvn", "idList": ["JVN:55667175"]}, {"type": "kaspersky", "idList": ["KLA10514", "KLA10565", "KLA10669"]}, {"type": "kitploit", "idList": ["KITPLOIT:4066304721921583015"]}, {"type": "metasploit", "idList": ["MSF:AUXILIARY/SCANNER/HTTP/WORDPRESS_GHOST_SCANNER", "MSF:EXPLOIT/OSX/LOCAL/RSH_LIBMALLOC", "MSF:ILITIES/APPLE-ITUNES-CVE-2015-5789/", "MSF:ILITIES/APPLE-ITUNES-CVE-2015-5790/", "MSF:ILITIES/APPLE-ITUNES-CVE-2015-5797/", "MSF:ILITIES/APPLE-ITUNES-CVE-2015-5821/", "MSF:ILITIES/APPLE-ITUNES-CVE-2015-5874/", "MSF:ILITIES/APPLE-OSX-APACHEMODPHP-CVE-2014-9425/"]}, {"type": "nessus", "idList": ["8615.PRM", "8661.PRM", "8662.PRM", "ALA_ALAS-2014-447.NASL", "ALA_ALAS-2015-474.NASL", "ALA_ALAS-2015-509.NASL", "ALA_ALAS-2015-510.NASL", "ALA_ALAS-2015-511.NASL", "ALA_ALAS-2015-532.NASL", "ALA_ALAS-2015-591.NASL", "CENTOS_RHSA-2014-1911.NASL", "CENTOS_RHSA-2015-0090.NASL", "CENTOS_RHSA-2015-0716.NASL", "CISCO-SA-20150128-GHOST-IOSXE_NOVA.NASL", "CISCO-SA-20150320-OPENSSL-IOS.NASL", "CISCO-SA-CSCUR01959-PRSM.NASL", "CISCO_CUCM_CSCUS66650-GHOST.NASL", "CISCO_CUPS_CSCUR05454.NASL", "DEBIAN_DLA-189.NASL", "DEBIAN_DLA-224.NASL", "DEBIAN_DSA-3159.NASL", "EULEROS_SA-2019-1418.NASL", "EULEROS_SA-2019-1425.NASL", "FEDORA_2015-1058.NASL", "FEDORA_2015-4699.NASL", "FEDORA_2015-6377.NASL", "FEDORA_2015-6407.NASL", "FREEBSD_PKG_3D0428B2FDFB11E4894FD050996490D0.NASL", "FREEBSD_PKG_81E2B3084A6C11E4B7116805CA0B3D42.NASL", "FREEBSD_PKG_9D15355BCE7C11E49DB0D050992ECDE8.NASL", "FREEBSD_PKG_BD1AB7A50E0111E59976A0F3C100AE18.NASL", "GENTOO_GLSA-201405-06.NASL", "GENTOO_GLSA-201412-27.NASL", "GENTOO_GLSA-201503-03.NASL", "JUNIPER_JSA10804.NASL", "MACOSX_SECUPD2015-005.NASL", "MANDRIVA_MDVSA-2014-190.NASL", "MANDRIVA_MDVSA-2014-225.NASL", "MANDRIVA_MDVSA-2015-164.NASL", "MANDRIVA_MDVSA-2015-209.NASL", "NEWSTART_CGSL_NS-SA-2019-0036_OPENSSH.NASL", "OPENSSL_0_9_8ZF.NASL", "OPENSUSE-2014-595.NASL", "OPENSUSE-2015-163.NASL", "OPENSUSE-2015-295.NASL", "OPENSUSE-2015-366.NASL", "OPENSUSE-2015-6.NASL", "OPENSUSE-2015-84.NASL", "OPENSUSE-2015-889.NASL", "OPENSUSE-2016-273.NASL", "ORACLELINUX_ELSA-2014-1911.NASL", "ORACLELINUX_ELSA-2014-3094.NASL", "ORACLELINUX_ELSA-2015-0092.NASL", "ORACLELINUX_ELSA-2015-2155.NASL", "PHP_5_4_38.NASL", "PHP_5_4_42.NASL", "PHP_5_5_22.NASL", "PHP_5_5_23.NASL", "PHP_5_5_24.NASL", "PHP_5_6_6.NASL", "REDHAT-RHSA-2014-1354.NASL", "REDHAT-RHSA-2015-0716.NASL", "SL_20141014_OPENSSH_ON_SL6_X.NASL", "SL_20150413_OPENSSL_ON_SL5_X.NASL", "SL_20150623_PHP_ON_SL7_X.NASL", "SL_20150709_PHP_ON_SL6_X.NASL", "SL_20150817_SQLITE_ON_SL6_X.NASL", "SOLARIS11_PROCMAIL_20141014.NASL", "SPLUNK_618.NASL", "SUSE_11_APACHE2-MOD_PHP53-150212.NASL", "SUSE_11_APACHE2-MOD_PHP53-150226.NASL", "SUSE_11_PROCMAIL-140904.NASL", "SUSE_SU-2015-0868-1.NASL", "SUSE_SU-2015-1018-1.NASL", "SUSE_SU-2015-1915-1.NASL", "UBUNTU_USN-2572-1.NASL", "VMWARE_VCENTER_SERVER_APPLIANCE_VMSA-2014-0010.NASL", "VMWARE_VSPHERE_REPLICATION_VMSA_2014_0010.NASL", "VMWARE_WORKSPACE_PORTAL_VMSA2014-0010.NASL", "WEB_APPLICATION_SCANNING_98802", "WEB_APPLICATION_SCANNING_98830", "WEB_APPLICATION_SCANNING_98831", "WEB_APPLICATION_SCANNING_98839", "XEROX_XRX15AD_COLORQUBE.NASL", "XEROX_XRX15R.NASL"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2015-0287"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310105188", "OPENVAS:1361412562310120108", "OPENVAS:1361412562310120420", "OPENVAS:1361412562310121274", "OPENVAS:1361412562310121385", "OPENVAS:1361412562310121386", "OPENVAS:1361412562310122872", "OPENVAS:1361412562310123027", "OPENVAS:1361412562310123083", "OPENVAS:1361412562310123097", "OPENVAS:1361412562310123197", "OPENVAS:1361412562310123242", "OPENVAS:1361412562310123313", "OPENVAS:1361412562310131278", "OPENVAS:1361412562310703195", "OPENVAS:1361412562310805656", "OPENVAS:1361412562310805676", "OPENVAS:1361412562310805686", "OPENVAS:1361412562310805687", "OPENVAS:1361412562310805689", "OPENVAS:1361412562310805690", "OPENVAS:1361412562310806154", "OPENVAS:1361412562310806731", "OPENVAS:1361412562310841764", "OPENVAS:1361412562310841988", "OPENVAS:1361412562310842077", "OPENVAS:1361412562310850640", "OPENVAS:1361412562310850676", "OPENVAS:1361412562310850839", "OPENVAS:1361412562310868198", "OPENVAS:1361412562310869291", "OPENVAS:1361412562310869335", "OPENVAS:1361412562310869465", "OPENVAS:1361412562310882022", "OPENVAS:1361412562310882108", "OPENVAS:1361412562310882163", "OPENVAS:1361412562310882251", "OPENVAS:1361412562311220181374", "OPENVAS:1361412562311220191544", "OPENVAS:702894", "OPENVAS:703198", "OPENVAS:703215"]}, {"type": "openwrt", "idList": ["OPENWRT-SA-000002"]}, {"type": "oracle", "idList": ["ORACLE:CPUJUL2015-2367936"]}, {"type": "oraclelinux", "idList": ["ELSA-2015-0800"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:128650"]}, {"type": "redhat", "idList": ["RHSA-2014:1354", "RHSA-2015:0715"]}, {"type": "saint", "idList": ["SAINT:5A2B8BE492460005E2B67FB7305B1795"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:31664", "SECURITYVULNS:DOC:31790", "SECURITYVULNS:DOC:31961", "SECURITYVULNS:DOC:31989", "SECURITYVULNS:DOC:31997", "SECURITYVULNS:VULN:13966", "SECURITYVULNS:VULN:13977", "SECURITYVULNS:VULN:14245", "SECURITYVULNS:VULN:14261", "SECURITYVULNS:VULN:14325"]}, {"type": "seebug", "idList": ["SSV:89630"]}, {"type": "slackware", "idList": ["SSA-2015-028-01", "SSA-2015-111-09"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2015:0162-1", "OPENSUSE-SU-2021:1058-1", "OPENSUSE-SU-2021:2320-1", "SUSE-SU-2015:0424-1", "SUSE-SU-2015:0436-1", "SUSE-SU-2015:0868-1"]}, {"type": "symantec", "idList": ["SMNTC-1337"]}, {"type": "thn", "idList": ["THN:A649F4ABCE9B99052139693A13D95B14", "THN:ACBFC80659E47A5B7C81B99570749679"]}, {"type": "threatpost", "idList": ["THREATPOST:F6AE4A5AF20D9E9C8BE6663E8FC80848"]}, {"type": "ubuntu", "idList": ["USN-2535-1", "USN-2572-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2014-6277", "UB:CVE-2014-8090", "UB:CVE-2014-9705", "UB:CVE-2015-2305", "UB:CVE-2015-2331", "UB:CVE-2015-3414", "UB:CVE-2015-5804", "UB:CVE-2015-5807", "UB:CVE-2015-5812", "UB:CVE-2015-5813", "UB:CVE-2015-5816", "UB:CVE-2015-5820", "UB:CVE-2015-5913"]}, {"type": "vmware", "idList": ["VMSA-2014-0010"]}, {"type": "vulnerlab", "idList": ["VULNERABLE:1430"]}, {"type": "zdt", "idList": ["1337DAY-ID-22754", "1337DAY-ID-24349", "1337DAY-ID-36699"]}]}, "exploitation": null, "vulnersScore": 0.3}, "_state": {"dependencies": 1673449426, "score": 1673453377}, "_internal": {"score_hash": "a5d3b84707ad8882e0f5b6e49bd3eac5"}, "pluginID": "86270", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86270);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2019/06/20 11:24:24\");\n\n script_cve_id(\n \"CVE-2013-3951\",\n \"CVE-2014-2532\",\n \"CVE-2014-3618\",\n \"CVE-2014-6277\",\n \"CVE-2014-7186\",\n \"CVE-2014-7187\",\n \"CVE-2014-8080\",\n \"CVE-2014-8090\",\n \"CVE-2014-8146\",\n \"CVE-2014-8147\",\n \"CVE-2014-8611\",\n \"CVE-2014-9425\",\n \"CVE-2014-9427\",\n \"CVE-2014-9652\",\n \"CVE-2014-9705\",\n \"CVE-2014-9709\",\n \"CVE-2015-0231\",\n \"CVE-2015-0232\",\n \"CVE-2015-0235\",\n \"CVE-2015-0273\",\n \"CVE-2015-0286\",\n \"CVE-2015-0287\",\n \"CVE-2015-1351\",\n \"CVE-2015-1352\",\n \"CVE-2015-1855\",\n \"CVE-2015-2301\",\n \"CVE-2015-2305\",\n \"CVE-2015-2331\",\n \"CVE-2015-2348\",\n \"CVE-2015-2783\",\n \"CVE-2015-2787\",\n \"CVE-2015-3329\",\n \"CVE-2015-3330\",\n \"CVE-2015-3414\",\n \"CVE-2015-3415\",\n \"CVE-2015-3416\",\n \"CVE-2015-3785\",\n \"CVE-2015-3801\",\n \"CVE-2015-5522\",\n \"CVE-2015-5523\",\n \"CVE-2015-5764\",\n \"CVE-2015-5765\",\n \"CVE-2015-5767\",\n \"CVE-2015-5780\",\n \"CVE-2015-5788\",\n \"CVE-2015-5789\",\n \"CVE-2015-5790\",\n \"CVE-2015-5791\",\n \"CVE-2015-5792\",\n \"CVE-2015-5793\",\n \"CVE-2015-5794\",\n \"CVE-2015-5795\",\n \"CVE-2015-5796\",\n \"CVE-2015-5797\",\n \"CVE-2015-5798\",\n \"CVE-2015-5799\",\n \"CVE-2015-5800\",\n \"CVE-2015-5801\",\n \"CVE-2015-5802\",\n \"CVE-2015-5803\",\n \"CVE-2015-5804\",\n \"CVE-2015-5805\",\n \"CVE-2015-5806\",\n \"CVE-2015-5807\",\n \"CVE-2015-5808\",\n \"CVE-2015-5809\",\n \"CVE-2015-5810\",\n \"CVE-2015-5811\",\n \"CVE-2015-5812\",\n \"CVE-2015-5813\",\n \"CVE-2015-5814\",\n \"CVE-2015-5815\",\n \"CVE-2015-5816\",\n \"CVE-2015-5817\",\n \"CVE-2015-5818\",\n \"CVE-2015-5819\",\n \"CVE-2015-5820\",\n \"CVE-2015-5821\",\n \"CVE-2015-5822\",\n \"CVE-2015-5823\",\n \"CVE-2015-5824\",\n \"CVE-2015-5825\",\n \"CVE-2015-5826\",\n \"CVE-2015-5827\",\n \"CVE-2015-5828\",\n \"CVE-2015-5830\",\n \"CVE-2015-5831\",\n \"CVE-2015-5833\",\n \"CVE-2015-5836\",\n \"CVE-2015-5839\",\n \"CVE-2015-5840\",\n \"CVE-2015-5841\",\n \"CVE-2015-5842\",\n \"CVE-2015-5847\",\n \"CVE-2015-5849\",\n \"CVE-2015-5851\",\n \"CVE-2015-5853\",\n \"CVE-2015-5854\",\n \"CVE-2015-5855\",\n \"CVE-2015-5858\",\n \"CVE-2015-5860\",\n \"CVE-2015-5862\",\n \"CVE-2015-5863\",\n \"CVE-2015-5864\",\n \"CVE-2015-5865\",\n \"CVE-2015-5866\",\n \"CVE-2015-5867\",\n \"CVE-2015-5868\",\n \"CVE-2015-5869\",\n \"CVE-2015-5870\",\n \"CVE-2015-5871\",\n \"CVE-2015-5872\",\n \"CVE-2015-5873\",\n \"CVE-2015-5874\",\n \"CVE-2015-5875\",\n \"CVE-2015-5876\",\n \"CVE-2015-5877\",\n \"CVE-2015-5878\",\n \"CVE-2015-5879\",\n \"CVE-2015-5881\",\n \"CVE-2015-5882\",\n \"CVE-2015-5883\",\n \"CVE-2015-5884\",\n \"CVE-2015-5885\",\n \"CVE-2015-5887\",\n \"CVE-2015-5888\",\n \"CVE-2015-5889\",\n \"CVE-2015-5890\",\n \"CVE-2015-5891\",\n \"CVE-2015-5893\",\n \"CVE-2015-5894\",\n \"CVE-2015-5896\",\n \"CVE-2015-5897\",\n \"CVE-2015-5899\",\n \"CVE-2015-5900\",\n \"CVE-2015-5901\",\n \"CVE-2015-5902\",\n \"CVE-2015-5903\",\n \"CVE-2015-5912\",\n \"CVE-2015-5913\",\n \"CVE-2015-5914\",\n \"CVE-2015-5915\",\n \"CVE-2015-5917\",\n \"CVE-2015-5922\",\n \"CVE-2015-7760\",\n \"CVE-2015-7761\"\n );\n script_bugtraq_id(\n 60440,\n 66355,\n 69573,\n 70152,\n 70154,\n 70165,\n 70935,\n 71230,\n 71621,\n 71800,\n 71833,\n 71929,\n 71932,\n 72325,\n 72505,\n 72539,\n 72541,\n 72611,\n 72701,\n 73031,\n 73037,\n 73225,\n 73227,\n 73306,\n 73431,\n 73434,\n 74204,\n 74228,\n 74239,\n 74240,\n 74446,\n 74457,\n 75037,\n 76763,\n 76764,\n 76765,\n 76766,\n 76908,\n 76909,\n 76910,\n 76911,\n 79707\n );\n script_xref(name:\"CERT\", value:\"967332\");\n script_xref(name:\"IAVA\", value:\"2014-A-0142\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2015-09-30-3\");\n\n script_name(english:\"Mac OS X < 10.11 Multiple Vulnerabilities (GHOST)\");\n script_summary(english:\"Checks the version of Mac OS X.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a Mac OS X update that fixes multiple\nsecurity vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X that is 10.6.8 or\nlater but prior to 10.11. It is, therefore, affected by multiple\nvulnerabilities in the following components :\n\n - Address Book\n - AirScan\n - apache_mod_php\n - Apple Online Store Kit\n - AppleEvents\n - Audio\n - bash\n - Certificate Trust Policy\n - CFNetwork Cookies\n - CFNetwork FTPProtocol\n - CFNetwork HTTPProtocol\n - CFNetwork Proxies\n - CFNetwork SSL\n - CoreCrypto\n - CoreText\n - Dev Tools\n - Disk Images\n - dyld\n - EFI\n - Finder\n - Game Center\n - Heimdal\n - ICU\n - Install Framework Legacy\n - Intel Graphics Driver\n - IOAudioFamily\n - IOGraphics\n - IOHIDFamily\n - IOStorageFamily\n - Kernel\n - libc\n - libpthread\n - libxpc\n - Login Window\n - lukemftpd\n - Mail\n - Multipeer Connectivity\n - NetworkExtension\n - Notes\n - OpenSSH\n - OpenSSL\n - procmail\n - remote_cmds\n - removefile\n - Ruby\n - Safari\n - Safari Downloads\n - Safari Extensions\n - Safari Safe Browsing\n - Security\n - SMB\n - SQLite\n - Telephony\n - Terminal\n - tidy\n - Time Machine\n - WebKit\n - WebKit CSS\n - WebKit JavaScript Bindings\n - WebKit Page Loading\n - WebKit Plug-ins\n\nNote that successful exploitation of the most serious issues can\nresult in arbitrary code execution.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT205267\");\n # https://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?76b3b492\");\n # https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c7a6ddbd\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mac OS X 10.11 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-6277\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/04/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n script_require_ports(\"Host/MacOSX/Version\", \"Host/OS\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os)\n{\n os = get_kb_item_or_exit(\"Host/OS\");\n if (\"Mac OS X\" >!< os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\n c = get_kb_item(\"Host/OS/Confidence\");\n if (c <= 70) exit(1, \"Can't determine the host's OS with sufficient confidence.\");\n}\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nmatch = eregmatch(pattern:\"Mac OS X ([0-9]+(\\.[0-9]+)+)\", string:os);\nif (isnull(match)) exit(1, \"Failed to parse the Mac OS X version ('\" + os + \"').\");\n\nversion = match[1];\nif (\n version !~ \"^10\\.6\\.([89]|[1-9][0-9]+)\" &&\n version !~ \"^10\\.([7-9]|10)\\.\"\n) audit(AUDIT_OS_NOT, \"Mac OS X 10.6.8 or later\", \"Mac OS X \"+version);\n\nfixed_version = \"10.11\";\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report = '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version +\n '\\n';\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected since it is running Mac OS X \"+version+\".\");\n", "naslFamily": "MacOS X Local Security Checks", "cpe": ["cpe:/o:apple:mac_os_x"], "solution": "Upgrade to Mac OS X 10.11 or later.", "nessusSeverity": "Critical", "cvssScoreSource": "CVE-2014-6277", "vendor_cvss2": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "vendor_cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "vpr": {"risk factor": "Critical", "score": "9.8"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2015-09-30T00:00:00", "vulnerabilityPublicationDate": "2013-04-26T00:00:00", "exploitableWith": ["Core Impact", "CANVAS(CANVAS)", "Metasploit(Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation)"]}

{"nessus": [{"lastseen": "2023-01-11T15:02:21", "description": "The remote host is running a version of Mac OS X that is 10.6.8 or later but prior to 10.11 and is affected by multiple vulnerabilities in the following components : \n\n - Address Book \n - AirScan \n - apache_mod_php \n - Apple Online Store Kit \n - AppleEvents \n - Audio \n - bash \n - Certificate Trust Policy \n - CFNetwork Cookies - CFNetwork FTPProtocol \n - CFNetwork HTTPProtocol \n - CFNetwork Proxies \n - CFNetwork SSL \n - CoreCrypto \n - CoreText \n - Dev Tools \n - Disk Images \n - dyld \n - EFI \n - Finder \n - Game Center \n - Heimdal \n - ICU \n - Install Framework Legacy \n - Intel Graphics Driver \n - IOAudioFamily \n - IOGraphics \n - IOHIDFamily \n - IOStorageFamily \n - Kernel \n - libc \n - libpthread \n - libxpc \n - Login Window \n - lukemftpd \n - Mail \n - Multipeer Connectivity \n - NetworkExtension \n - Notes \n - OpenSSH \n - OpenSSL \n - procmail \n - remote_cmds \n - removefile \n - Ruby \n - Safari \n - Safari Downloads \n - Safari Extensions \n - Safari Safe Browsing \n - Security \n - SMB \n - SQLite \n - Telephony \n - Terminal \n - tidy \n - Time Machine \n - WebKit \n - WebKit CSS \n - WebKit JavaScript Bindings \n - WebKit Page Loading \n - WebKit Plug-ins", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-10-28T00:00:00", "type": "nessus", "title": "Mac OS X < 10.11 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3951", "CVE-2014-2532", "CVE-2014-3618", "CVE-2014-6277", "CVE-2014-7186", "CVE-2014-7187", "CVE-2014-8080", "CVE-2014-8090", "CVE-2014-8146", "CVE-2014-8147", "CVE-2014-8611", "CVE-2014-9425", "CVE-2014-9427", "CVE-2014-9652", "CVE-2014-9705", "CVE-2014-9709", "CVE-2015-0231", "CVE-2015-0232", "CVE-2015-0235", "CVE-2015-0273", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-1351", "CVE-2015-1352", "CVE-2015-1855", "CVE-2015-2301", "CVE-2015-2305", "CVE-2015-2331", "CVE-2015-2348", "CVE-2015-2783", "CVE-2015-2787", "CVE-2015-3329", "CVE-2015-3330", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3785", "CVE-2015-5522", "CVE-2015-5523", "CVE-2015-5824", "CVE-2015-5830", "CVE-2015-5831", "CVE-2015-5833", "CVE-2015-5836", "CVE-2015-5839", "CVE-2015-5840", "CVE-2015-5841", "CVE-2015-5842", "CVE-2015-5847", "CVE-2015-5849", "CVE-2015-5851", "CVE-2015-5853", "CVE-2015-5854", "CVE-2015-5855", "CVE-2015-5858", "CVE-2015-5860", "CVE-2015-5862", "CVE-2015-5863", "CVE-2015-5864", "CVE-2015-5865", "CVE-2015-5866", "CVE-2015-5867", "CVE-2015-5868", "CVE-2015-5869", "CVE-2015-5870", "CVE-2015-5871", "CVE-2015-5872", "CVE-2015-5873", "CVE-2015-5874", "CVE-2015-5875", "CVE-2015-5876", "CVE-2015-5877", "CVE-2015-5878", "CVE-2015-5879", "CVE-2015-5881", "CVE-2015-5882", "CVE-2015-5883", "CVE-2015-5884", "CVE-2015-5885", "CVE-2015-5887", "CVE-2015-5888", "CVE-2015-5889", "CVE-2015-5890", "CVE-2015-5891", "CVE-2015-5893", "CVE-2015-5894", "CVE-2015-5896", "CVE-2015-5897", "CVE-2015-5899", "CVE-2015-5900", "CVE-2015-5901", "CVE-2015-5902", "CVE-2015-5903", "CVE-2015-5912", "CVE-2015-5913", "CVE-2015-5914", "CVE-2015-5915", "CVE-2015-5917", "CVE-2015-5922"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"], "id": "8982.PRM", "href": "https://www.tenable.com/plugins/nnm/8982", "sourceData": "Binary data 8982.prm", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:02:39", "description": "The version of Apple Safari installed on the remote Mac OS X host is prior to 9.0. It is, therefore, affected by multiple vulnerabilities in the following components :\n\n - Safari\n - Safari Downloads\n - Safari Extensions\n - Safari Safe Browsing\n - WebKit\n - WebKit CSS\n - WebKit JavaScript Bindings\n - WebKit Page Loading\n - WebKit Plug-ins", "cvss3": {}, "published": "2015-10-02T00:00:00", "type": "nessus", "title": "Mac OS X : Apple Safari < 9.0 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3801", "CVE-2015-5764", "CVE-2015-5765", "CVE-2015-5767", "CVE-2015-5780", "CVE-2015-5788", "CVE-2015-5789", "CVE-2015-5790", "CVE-2015-5791", "CVE-2015-5792", "CVE-2015-5793", "CVE-2015-5794", "CVE-2015-5795", "CVE-2015-5796", "CVE-2015-5797", "CVE-2015-5798", "CVE-2015-5799", "CVE-2015-5800", "CVE-2015-5801", "CVE-2015-5802", "CVE-2015-5803", "CVE-2015-5804", "CVE-2015-5805", "CVE-2015-5806", "CVE-2015-5807", "CVE-2015-5808", "CVE-2015-5809", "CVE-2015-5810", "CVE-2015-5811", "CVE-2015-5812", "CVE-2015-5813", "CVE-2015-5814", "CVE-2015-5815", "CVE-2015-5816", "CVE-2015-5817", "CVE-2015-5818", "CVE-2015-5819", "CVE-2015-5820", "CVE-2015-5821", "CVE-2015-5822", "CVE-2015-5823", "CVE-2015-5825", "CVE-2015-5826", "CVE-2015-5827", "CVE-2015-5828"], "modified": "2019-11-20T00:00:00", "cpe": ["cpe:/a:apple:safari"], "id": "MACOSX_SAFARI9_0.NASL", "href": "https://www.tenable.com/plugins/nessus/86252", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86252);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\n \"CVE-2015-3801\",\n \"CVE-2015-5764\",\n \"CVE-2015-5765\",\n \"CVE-2015-5767\",\n \"CVE-2015-5780\",\n \"CVE-2015-5788\",\n \"CVE-2015-5789\",\n \"CVE-2015-5790\",\n \"CVE-2015-5791\",\n \"CVE-2015-5792\",\n \"CVE-2015-5793\",\n \"CVE-2015-5794\",\n \"CVE-2015-5795\",\n \"CVE-2015-5796\",\n \"CVE-2015-5797\",\n \"CVE-2015-5798\",\n \"CVE-2015-5799\",\n \"CVE-2015-5800\",\n \"CVE-2015-5801\",\n \"CVE-2015-5802\",\n \"CVE-2015-5803\",\n \"CVE-2015-5804\",\n \"CVE-2015-5805\",\n \"CVE-2015-5806\",\n \"CVE-2015-5807\",\n \"CVE-2015-5808\",\n \"CVE-2015-5809\",\n \"CVE-2015-5810\",\n \"CVE-2015-5811\",\n \"CVE-2015-5812\",\n \"CVE-2015-5813\",\n \"CVE-2015-5814\",\n \"CVE-2015-5815\",\n \"CVE-2015-5816\",\n \"CVE-2015-5817\",\n \"CVE-2015-5818\",\n \"CVE-2015-5819\",\n \"CVE-2015-5820\",\n \"CVE-2015-5821\",\n \"CVE-2015-5822\",\n \"CVE-2015-5823\",\n \"CVE-2015-5825\",\n \"CVE-2015-5826\",\n \"CVE-2015-5827\",\n \"CVE-2015-5828\"\n );\n script_bugtraq_id(76764);\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2015-09-30-2\");\n\n script_name(english:\"Mac OS X : Apple Safari < 9.0 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the Safari version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has a web browser installed is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple Safari installed on the remote Mac OS X host is\nprior to 9.0. It is, therefore, affected by multiple vulnerabilities\nin the following components :\n\n - Safari\n - Safari Downloads\n - Safari Extensions\n - Safari Safe Browsing\n - WebKit\n - WebKit CSS\n - WebKit JavaScript Bindings\n - WebKit Page Loading\n - WebKit Plug-ins\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT205265\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple Safari version 9.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-5780\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/09/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:safari\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_Safari31.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"MacOSX/Safari/Installed\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nif (!ereg(pattern:\"Mac OS X 10\\.(9|10|11)([^0-9]|$)\", string:os)) audit(AUDIT_OS_NOT, \"Mac OS X 10.9 / 10.10 / 10.11\");\n\nget_kb_item_or_exit(\"MacOSX/Safari/Installed\");\npath = get_kb_item_or_exit(\"MacOSX/Safari/Path\", exit_code:1);\nversion = get_kb_item_or_exit(\"MacOSX/Safari/Version\", exit_code:1);\n\nfixed_version = \"9.0\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version +\n '\\n';\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"Safari\", version, path);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:02:22", "description": "The version of Safari installed on the remote host is prior to 9.0. It is, therefore, affected by multiple vulnerabilities in the following components :\n\n - Safari\n - Safari Downloads\n - Safari Extensions\n - Safari Safe Browsing\n - WebKit\n - WebKit CSS\n - WebKit JavaScript Bindings\n - WebKit Page Loading\n - WebKit Plug-ins", "cvss3": {}, "published": "2015-10-13T00:00:00", "type": "nessus", "title": "Safari < 9.0 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3801", "CVE-2015-5764", "CVE-2015-5765", "CVE-2015-5767", "CVE-2015-5780", "CVE-2015-5788", "CVE-2015-5789", "CVE-2015-5790", "CVE-2015-5791", "CVE-2015-5792", "CVE-2015-5793", "CVE-2015-5794", "CVE-2015-5795", "CVE-2015-5796", "CVE-2015-5797", "CVE-2015-5798", "CVE-2015-5799", "CVE-2015-5800", "CVE-2015-5801", "CVE-2015-5802", "CVE-2015-5803", "CVE-2015-5804", "CVE-2015-5805", "CVE-2015-5806", "CVE-2015-5807", "CVE-2015-5808", "CVE-2015-5809", "CVE-2015-5810", "CVE-2015-5811", "CVE-2015-5812", "CVE-2015-5813", "CVE-2015-5814", "CVE-2015-5815", "CVE-2015-5816", "CVE-2015-5817", "CVE-2015-5818", "CVE-2015-5819", "CVE-2015-5820", "CVE-2015-5821", "CVE-2015-5822", "CVE-2015-5823", "CVE-2015-5825", "CVE-2015-5826", "CVE-2015-5827", "CVE-2015-5828"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*"], "id": "8976.PRM", "href": "https://www.tenable.com/plugins/nnm/8976", "sourceData": "Binary data 8976.prm", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:02:19", "description": "The remote host is running a version of iOS that is prior to version 9.0 and the following components contain vulnerabilities :\n\n - Apple Pay \n - AppleKeyStore \n - Application Store \n - Audio \n - Certificate Trust Policy \n - CFNetwork \n - CFNetwork Cookies \n - CFNetwork FTPProtocol \n - CFNetwork Proxies \n - CFNetwork SSL \n - CoreAnimation \n - CoreCrypto \n - CoreText \n - Data Detectors Engine \n - Dev Tools \n - Disk Images \n - dyld \n - Game Center \n - ICU \n - IOAcceleratorFamily \n - IOHIDFamily \n - IOKit \n - IOMobileFrameBuffer \n - IOStorageFamily \n - iTunes Store \n - JavaScriptCore \n - Kernel \n - libc \n - libpthread \n - Mail \n - Multipeer Connectivity \n - NetworkExtension \n - OpenSSL \n - PluginKit \n - removefile \n - Safari \n - Safari Safe Browsing \n - Security \n - Siri \n - SpringBoard \n - SQLite \n - tidy \n - WebKit \n - WebKit Canvas \n - WebKit Page Loading", "cvss3": {}, "published": "2015-10-15T00:00:00", "type": "nessus", "title": "Apple iOS < 9.0 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3951", "CVE-2014-8146", "CVE-2014-8147", "CVE-2014-8611", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-1129", "CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416", "CVE-2015-3801", "CVE-2015-5522", "CVE-2015-5523", "CVE-2015-5748", "CVE-2015-5764", "CVE-2015-5765", "CVE-2015-5767", "CVE-2015-5788", "CVE-2015-5789", "CVE-2015-5790", "CVE-2015-5791", "CVE-2015-5792", "CVE-2015-5793", "CVE-2015-5794", "CVE-2015-5795", "CVE-2015-5796", "CVE-2015-5797", "CVE-2015-5799", "CVE-2015-5800", "CVE-2015-5801", "CVE-2015-5802", "CVE-2015-5803", "CVE-2015-5804", "CVE-2015-5805", "CVE-2015-5806", "CVE-2015-5807", "CVE-2015-5809", "CVE-2015-5810", "CVE-2015-5811", "CVE-2015-5812", "CVE-2015-5813", "CVE-2015-5814", "CVE-2015-5816", "CVE-2015-5817", "CVE-2015-5818", "CVE-2015-5819", "CVE-2015-5820", "CVE-2015-5821", "CVE-2015-5822", "CVE-2015-5823", "CVE-2015-5824", "CVE-2015-5825", "CVE-2015-5826", "CVE-2015-5827", "CVE-2015-5829", "CVE-2015-5831", "CVE-2015-5832", "CVE-2015-5834", "CVE-2015-5835", "CVE-2015-5837", "CVE-2015-5838", "CVE-2015-5839", "CVE-2015-5840", "CVE-2015-5841", "CVE-2015-5842", "CVE-2015-5843", "CVE-2015-5844", "CVE-2015-5845", "CVE-2015-5846", "CVE-2015-5847", "CVE-2015-5848", "CVE-2015-5850", "CVE-2015-5851", "CVE-2015-5855", "CVE-2015-5856", "CVE-2015-5857", "CVE-2015-5858", "CVE-2015-5860", "CVE-2015-5861", "CVE-2015-5862", "CVE-2015-5863", "CVE-2015-5867", "CVE-2015-5868", "CVE-2015-5869", "CVE-2015-5874", "CVE-2015-5876", "CVE-2015-5879", "CVE-2015-5880", "CVE-2015-5882", "CVE-2015-5885", "CVE-2015-5892", "CVE-2015-5896", "CVE-2015-5898", "CVE-2015-5899", "CVE-2015-5903", "CVE-2015-5904", "CVE-2015-5905", "CVE-2015-5906", "CVE-2015-5907", "CVE-2015-5912", "CVE-2015-5916", "CVE-2015-5921", "CVE-2015-5922"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"], "id": "8979.PRM", "href": "https://www.tenable.com/plugins/nnm/8979", "sourceData": "Binary data 8979.prm", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:01:31", "description": "The mobile device is running a version of iOS prior to version 9.0. It is, therefore, affected by vulnerabilities in the following components :\n\n - Apple Pay\n - AppleKeyStore\n - Application Store\n - Audio\n - Certificate Trust Policy\n - CFNetwork\n - CFNetwork Cookies\n - CFNetwork FTPProtocol\n - CFNetwork Proxies\n - CFNetwork SSL\n - CommonCrypto \n - CoreAnimation\n - CoreCrypto\n - CoreText\n - Data Detectors Engine\n - Dev Tools\n - Disk Images\n - dyld\n - Game Center\n - ICU\n - IOAcceleratorFamily\n - IOHIDFamily\n - IOKit\n - IOMobileFrameBuffer\n - IOStorageFamily\n - iTunes Store\n - JavaScriptCore\n - Kernel\n - libc\n - libpthread\n - Mail\n - Multipeer Connectivity\n - NetworkExtension\n - OpenSSL\n - PluginKit\n - removefile\n - Safari\n - Safari Safe Browsing\n - Security\n - Siri\n - SpringBoard\n - SQLite\n - tidy\n - WebKit\n - WebKit Canvas\n - WebKit Page Loading", "cvss3": {}, "published": "2015-09-17T00:00:00", "type": "nessus", "title": "Apple iOS < 9.0 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3951", "CVE-2014-8146", "CVE-2014-8611", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-1129", "CVE-2015-1205", "CVE-2015-3801", "CVE-2015-5522", "CVE-2015-5523", "CVE-2015-5748", "CVE-2015-5764", "CVE-2015-5765", "CVE-2015-5767", "CVE-2015-5788", "CVE-2015-5789", "CVE-2015-5790", "CVE-2015-5791", "CVE-2015-5792", "CVE-2015-5793", "CVE-2015-5794", "CVE-2015-5795", "CVE-2015-5796", "CVE-2015-5797", "CVE-2015-5799", "CVE-2015-5800", "CVE-2015-5801", "CVE-2015-5802", "CVE-2015-5803", "CVE-2015-5804", "CVE-2015-5805", "CVE-2015-5806", "CVE-2015-5807", "CVE-2015-5809", "CVE-2015-5810", "CVE-2015-5811", "CVE-2015-5812", "CVE-2015-5813", "CVE-2015-5814", "CVE-2015-5816", "CVE-2015-5817", "CVE-2015-5818", "CVE-2015-5819", "CVE-2015-5820", "CVE-2015-5821", "CVE-2015-5822", "CVE-2015-5823", "CVE-2015-5824", "CVE-2015-5825", "CVE-2015-5826", "CVE-2015-5827", "CVE-2015-5829", "CVE-2015-5831", "CVE-2015-5832", "CVE-2015-5834", "CVE-2015-5835", "CVE-2015-5837", "CVE-2015-5838", "CVE-2015-5839", "CVE-2015-5840", "CVE-2015-5841", "CVE-2015-5842", "CVE-2015-5843", "CVE-2015-5844", "CVE-2015-5845", "CVE-2015-5846", "CVE-2015-5847", "CVE-2015-5848", "CVE-2015-5850", "CVE-2015-5851", "CVE-2015-5855", "CVE-2015-5856", "CVE-2015-5857", "CVE-2015-5858", "CVE-2015-5859", "CVE-2015-5860", "CVE-2015-5861", "CVE-2015-5862", "CVE-2015-5863", "CVE-2015-5867", "CVE-2015-5868", "CVE-2015-5869", "CVE-2015-5874", "CVE-2015-5876", "CVE-2015-5879", "CVE-2015-5880", "CVE-2015-5882", "CVE-2015-5885", "CVE-2015-5892", "CVE-2015-5895", "CVE-2015-5896", "CVE-2015-5898", "CVE-2015-5899", "CVE-2015-5903", "CVE-2015-5904", "CVE-2015-5905", "CVE-2015-5906", "CVE-2015-5907", "CVE-2015-5912", "CVE-2015-5916", "CVE-2015-5921"], "modified": "2022-11-30T00:00:00", "cpe": ["cpe:/o:apple:iphone_os"], "id": "APPLE_IOS_90_CHECK.NBIN", "href": "https://www.tenable.com/plugins/nessus/85987", "sourceData": "Binary data apple_ios_90_check.nbin", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:46:30", "description": "PHP was updated to fix ten security issues.\n\nThe following vulnerabilities were fixed :\n\n - CVE-2014-9709: A specially crafted GIF file could cause a buffer read overflow in php-gd (bnc#923946)\n\n - CVE-2015-2301: Memory was use after it was freed in PHAR (bnc#922022)\n\n - CVE-2015-2305: heap overflow vulnerability in regcomp.c (bnc#922452)\n\n - CVE-2014-9705: heap buffer overflow in Enchant (bnc#922451)\n\n - CVE-2015-2787: use-after-free vulnerability in the process_nested_data function (bnc#924972)\n\n - unserialize SoapClient type confusion (bnc#925109)\n\n - CVE-2015-2348: move_uploaded_file truncates a pathNAME upon encountering a x00 character (bnc#924970)\n\n - CVE-2015-3330: Specially crafted PHAR files could, when executed under Apache httpd 2.4 (apache2handler), allow arbitrary code execution (bnc#928506)\n\n - CVE-2015-3329: Specially crafted PHAR data could lead to disclosure of sensitive information due to a buffer overflow (bnc#928506)\n\n - CVE-2015-2783: Specially crafted PHAR data could lead to disclosure of sensitive information due to a buffer over-read (bnc#928511)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-02T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : php5 (SUSE-SU-2015:0868-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9705", "CVE-2014-9709", "CVE-2015-2301", "CVE-2015-2305", "CVE-2015-2348", "CVE-2015-2783", "CVE-2015-2787", "CVE-2015-3329", "CVE-2015-3330"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:apache2-mod_php5", "p-cpe:/a:novell:suse_linux:apache2-mod_php5-debuginfo", "p-cpe:/a:novell:suse_linux:php5", "p-cpe:/a:novell:suse_linux:php5-bcmath", "p-cpe:/a:novell:suse_linux:php5-bcmath-debuginfo", "p-cpe:/a:novell:suse_linux:php5-bz2", "p-cpe:/a:novell:suse_linux:php5-bz2-debuginfo", "p-cpe:/a:novell:suse_linux:php5-calendar", "p-cpe:/a:novell:suse_linux:php5-calendar-debuginfo", "p-cpe:/a:novell:suse_linux:php5-ctype", "p-cpe:/a:novell:suse_linux:php5-ctype-debuginfo", "p-cpe:/a:novell:suse_linux:php5-curl", "p-cpe:/a:novell:suse_linux:php5-curl-debuginfo", "p-cpe:/a:novell:suse_linux:php5-dba", "p-cpe:/a:novell:suse_linux:php5-dba-debuginfo", "p-cpe:/a:novell:suse_linux:php5-debuginfo", "p-cpe:/a:novell:suse_linux:php5-debugsource", "p-cpe:/a:novell:suse_linux:php5-dom", "p-cpe:/a:novell:suse_linux:php5-dom-debuginfo", "p-cpe:/a:novell:suse_linux:php5-enchant", "p-cpe:/a:novell:suse_linux:php5-enchant-debuginfo", "p-cpe:/a:novell:suse_linux:php5-exif", "p-cpe:/a:novell:suse_linux:php5-exif-debuginfo", "p-cpe:/a:novell:suse_linux:php5-fastcgi", "p-cpe:/a:novell:suse_linux:php5-fastcgi-debuginfo", "p-cpe:/a:novell:suse_linux:php5-fileinfo", "p-cpe:/a:novell:suse_linux:php5-fileinfo-debuginfo", "p-cpe:/a:novell:suse_linux:php5-fpm", "p-cpe:/a:novell:suse_linux:php5-fpm-debuginfo", "p-cpe:/a:novell:suse_linux:php5-ftp", "p-cpe:/a:novell:suse_linux:php5-ftp-debuginfo", "p-cpe:/a:novell:suse_linux:php5-gd", "p-cpe:/a:novell:suse_linux:php5-gd-debuginfo", "p-cpe:/a:novell:suse_linux:php5-gettext", "p-cpe:/a:novell:suse_linux:php5-gettext-debuginfo", "p-cpe:/a:novell:suse_linux:php5-gmp", "p-cpe:/a:novell:suse_linux:php5-gmp-debuginfo", "p-cpe:/a:novell:suse_linux:php5-iconv", "p-cpe:/a:novell:suse_linux:php5-iconv-debuginfo", "p-cpe:/a:novell:suse_linux:php5-intl", "p-cpe:/a:novell:suse_linux:php5-intl-debuginfo", "p-cpe:/a:novell:suse_linux:php5-json", "p-cpe:/a:novell:suse_linux:php5-json-debuginfo", "p-cpe:/a:novell:suse_linux:php5-ldap", "p-cpe:/a:novell:suse_linux:php5-ldap-debuginfo", "p-cpe:/a:novell:suse_linux:php5-mbstring", "p-cpe:/a:novell:suse_linux:php5-mbstring-debuginfo", "p-cpe:/a:novell:suse_linux:php5-mcrypt", "p-cpe:/a:novell:suse_linux:php5-mcrypt-debuginfo", "p-cpe:/a:novell:suse_linux:php5-mysql", "p-cpe:/a:novell:suse_linux:php5-mysql-debuginfo", "p-cpe:/a:novell:suse_linux:php5-odbc", "p-cpe:/a:novell:suse_linux:php5-odbc-debuginfo", "p-cpe:/a:novell:suse_linux:php5-openssl", "p-cpe:/a:novell:suse_linux:php5-openssl-debuginfo", "p-cpe:/a:novell:suse_linux:php5-pcntl", "p-cpe:/a:novell:suse_linux:php5-pcntl-debuginfo", "p-cpe:/a:novell:suse_linux:php5-pdo", "p-cpe:/a:novell:suse_linux:php5-pdo-debuginfo", "p-cpe:/a:novell:suse_linux:php5-pgsql", "p-cpe:/a:novell:suse_linux:php5-pgsql-debuginfo", "p-cpe:/a:novell:suse_linux:php5-pspell", "p-cpe:/a:novell:suse_linux:php5-pspell-debuginfo", "p-cpe:/a:novell:suse_linux:php5-shmop", "p-cpe:/a:novell:suse_linux:php5-shmop-debuginfo", "p-cpe:/a:novell:suse_linux:php5-snmp", "p-cpe:/a:novell:suse_linux:php5-snmp-debuginfo", "p-cpe:/a:novell:suse_linux:php5-soap", "p-cpe:/a:novell:suse_linux:php5-soap-debuginfo", "p-cpe:/a:novell:suse_linux:php5-sockets", "p-cpe:/a:novell:suse_linux:php5-sockets-debuginfo", "p-cpe:/a:novell:suse_linux:php5-sqlite", "p-cpe:/a:novell:suse_linux:php5-sqlite-debuginfo", "p-cpe:/a:novell:suse_linux:php5-suhosin", "p-cpe:/a:novell:suse_linux:php5-suhosin-debuginfo", "p-cpe:/a:novell:suse_linux:php5-sysvmsg", "p-cpe:/a:novell:suse_linux:php5-sysvmsg-debuginfo", "p-cpe:/a:novell:suse_linux:php5-sysvsem", "p-cpe:/a:novell:suse_linux:php5-sysvsem-debuginfo", "p-cpe:/a:novell:suse_linux:php5-sysvshm", "p-cpe:/a:novell:suse_linux:php5-sysvshm-debuginfo", "p-cpe:/a:novell:suse_linux:php5-tokenizer", "p-cpe:/a:novell:suse_linux:php5-tokenizer-debuginfo", "p-cpe:/a:novell:suse_linux:php5-wddx", "p-cpe:/a:novell:suse_linux:php5-wddx-debuginfo", "p-cpe:/a:novell:suse_linux:php5-xmlreader", "p-cpe:/a:novell:suse_linux:php5-xmlreader-debuginfo", "p-cpe:/a:novell:suse_linux:php5-xmlrpc", "p-cpe:/a:novell:suse_linux:php5-xmlrpc-debuginfo", "p-cpe:/a:novell:suse_linux:php5-xmlwriter", "p-cpe:/a:novell:suse_linux:php5-xmlwriter-debuginfo", "p-cpe:/a:novell:suse_linux:php5-xsl", "p-cpe:/a:novell:suse_linux:php5-xsl-debuginfo", "p-cpe:/a:novell:suse_linux:php5-zip", "p-cpe:/a:novell:suse_linux:php5-zip-debuginfo", "p-cpe:/a:novell:suse_linux:php5-zlib", "p-cpe:/a:novell:suse_linux:php5-zlib-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2015-0868-1.NASL", "href": "https://www.tenable.com/plugins/nessus/119964", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:0868-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(119964);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-9705\", \"CVE-2014-9709\", \"CVE-2015-2301\", \"CVE-2015-2305\", \"CVE-2015-2348\", \"CVE-2015-2783\", \"CVE-2015-2787\", \"CVE-2015-3329\", \"CVE-2015-3330\");\n script_bugtraq_id(72611, 73031, 73037, 73306, 73431, 73434, 74204, 74239, 74240);\n\n script_name(english:\"SUSE SLES12 Security Update : php5 (SUSE-SU-2015:0868-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PHP was updated to fix ten security issues.\n\nThe following vulnerabilities were fixed :\n\n - CVE-2014-9709: A specially crafted GIF file could cause\n a buffer read overflow in php-gd (bnc#923946)\n\n - CVE-2015-2301: Memory was use after it was freed in PHAR\n (bnc#922022)\n\n - CVE-2015-2305: heap overflow vulnerability in regcomp.c\n (bnc#922452)\n\n - CVE-2014-9705: heap buffer overflow in Enchant\n (bnc#922451)\n\n - CVE-2015-2787: use-after-free vulnerability in the\n process_nested_data function (bnc#924972)\n\n - unserialize SoapClient type confusion (bnc#925109)\n\n - CVE-2015-2348: move_uploaded_file truncates a pathNAME\n upon encountering a x00 character (bnc#924970)\n\n - CVE-2015-3330: Specially crafted PHAR files could, when\n executed under Apache httpd 2.4 (apache2handler), allow\n arbitrary code execution (bnc#928506)\n\n - CVE-2015-3329: Specially crafted PHAR data could lead to\n disclosure of sensitive information due to a buffer\n overflow (bnc#928506)\n\n - CVE-2015-2783: Specially crafted PHAR data could lead to\n disclosure of sensitive information due to a buffer\n over-read (bnc#928511)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=922022\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=922451\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=922452\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=923946\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=924970\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=924972\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=925109\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=928408\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=928506\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=928511\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-9705/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-9709/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-2301/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-2305/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-2348/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-2783/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-2787/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-3329/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-3330/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20150868-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?632b005e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12 :\n\nzypper in -t patch SUSE-SLE-SDK-12-2015-192=1\n\nSUSE Linux Enterprise Module for Web Scripting 12 :\n\nzypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2015-192=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-bcmath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-bz2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-calendar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ctype-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-dba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-dom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-enchant-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-exif-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-fastcgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-fileinfo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-fpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ftp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gettext-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-iconv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-intl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mbstring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-odbc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pcntl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pdo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pspell-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-shmop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-soap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-suhosin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvmsg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvsem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvshm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-tokenizer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-wddx-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlreader-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlrpc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlwriter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xsl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-zip-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-zlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"apache2-mod_php5-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"apache2-mod_php5-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-bcmath-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-bcmath-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-bz2-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-bz2-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-calendar-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-calendar-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-ctype-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-ctype-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-curl-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-curl-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-dba-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-dba-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-debugsource-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-dom-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-dom-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-enchant-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-enchant-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-exif-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-exif-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-fastcgi-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-fastcgi-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-fileinfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-fileinfo-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-fpm-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-fpm-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-ftp-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-ftp-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-gd-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-gd-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-gettext-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-gettext-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-gmp-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-gmp-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-iconv-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-iconv-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-intl-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-intl-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-json-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-json-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-ldap-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-ldap-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-mbstring-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-mbstring-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-mcrypt-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-mcrypt-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-mysql-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-mysql-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-odbc-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-odbc-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-openssl-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-openssl-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pcntl-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pcntl-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pdo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pdo-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pgsql-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pgsql-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pspell-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pspell-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-shmop-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-shmop-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-snmp-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-snmp-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-soap-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-soap-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sockets-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sockets-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sqlite-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sqlite-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-suhosin-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-suhosin-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sysvmsg-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sysvmsg-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sysvsem-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sysvsem-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sysvshm-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sysvshm-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-tokenizer-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-tokenizer-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-wddx-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-wddx-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xmlreader-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xmlreader-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xmlrpc-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xmlrpc-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xmlwriter-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xmlwriter-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xsl-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xsl-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-zip-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-zip-debuginfo-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-zlib-5.5.14-22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-zlib-debuginfo-5.5.14-22.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php5\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:53:12", "description": "New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues.", "cvss3": {}, "published": "2015-04-22T00:00:00", "type": "nessus", "title": "Slackware 14.0 / 14.1 / current : php (SSA:2015-111-10)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9709", "CVE-2015-0231", "CVE-2015-1351", "CVE-2015-1352", "CVE-2015-2301", "CVE-2015-2305", "CVE-2015-2331", "CVE-2015-2783", "CVE-2015-3330"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:php", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:14.1"], "id": "SLACKWARE_SSA_2015-111-10.NASL", "href": "https://www.tenable.com/plugins/nessus/82923", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2015-111-10. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82923);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-9709\", \"CVE-2015-0231\", \"CVE-2015-1351\", \"CVE-2015-1352\", \"CVE-2015-2301\", \"CVE-2015-2305\", \"CVE-2015-2331\", \"CVE-2015-2783\", \"CVE-2015-3330\");\n script_bugtraq_id(71929, 71932, 72539, 72611, 73037, 73182, 73306, 74204, 74239);\n script_xref(name:\"SSA\", value:\"2015-111-10\");\n\n script_name(english:\"Slackware 14.0 / 14.1 / current : php (SSA:2015-111-10)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New php packages are available for Slackware 14.0, 14.1, and -current\nto fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.429606\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cd0c572c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.0\", pkgname:\"php\", pkgver:\"5.4.40\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"php\", pkgver:\"5.4.40\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"php\", pkgver:\"5.4.40\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"php\", pkgver:\"5.4.40\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"php\", pkgver:\"5.6.8\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"php\", pkgver:\"5.6.8\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:54:12", "description": "CVE-2014-9705 Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries.\n\nCVE-2015-0232 The exif_process_unicode function in ext/exif/exif.c in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free and application crash) via crafted EXIF data in a JPEG image.\n\nCVE-2015-2301 Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file.\n\nCVE-2015-2331 Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a ZIP archive that contains many entries, leading to a heap-based buffer overflow.\n\nCVE-2015-2783 Buffer Over-read in unserialize when parsing Phar\n\nCVE-2015-2787 Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an __wakeup function, a related issue to CVE-2015-0231.\n\nCVE-2015-3329 Buffer Overflow when parsing tar/zip/phar in phar_set_inode)\n\nCVE-2015-3330 PHP potential remote code execution with apache 2.4 apache2handler\n\nCVE-2015-temp-68819 denial of service when processing a crafted file with Fileinfo\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-04-30T00:00:00", "type": "nessus", "title": "Debian DLA-212-1 : php5 security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9705", "CVE-2015-0231", "CVE-2015-0232", "CVE-2015-2301", "CVE-2015-2331", "CVE-2015-2783", "CVE-2015-2787", "CVE-2015-3329", "CVE-2015-3330"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libapache2-mod-php5", "p-cpe:/a:debian:debian_linux:libapache2-mod-php5filter", "p-cpe:/a:debian:debian_linux:php-pear", "p-cpe:/a:debian:debian_linux:php5", "p-cpe:/a:debian:debian_linux:php5-cgi", "p-cpe:/a:debian:debian_linux:php5-cli", "p-cpe:/a:debian:debian_linux:php5-common", "p-cpe:/a:debian:debian_linux:php5-curl", "p-cpe:/a:debian:debian_linux:php5-dbg", "p-cpe:/a:debian:debian_linux:php5-dev", "p-cpe:/a:debian:debian_linux:php5-enchant", "p-cpe:/a:debian:debian_linux:php5-gd", "p-cpe:/a:debian:debian_linux:php5-gmp", "p-cpe:/a:debian:debian_linux:php5-imap", "p-cpe:/a:debian:debian_linux:php5-interbase", "p-cpe:/a:debian:debian_linux:php5-intl", "p-cpe:/a:debian:debian_linux:php5-ldap", "p-cpe:/a:debian:debian_linux:php5-mcrypt", "p-cpe:/a:debian:debian_linux:php5-mysql", "p-cpe:/a:debian:debian_linux:php5-odbc", "p-cpe:/a:debian:debian_linux:php5-pgsql", "p-cpe:/a:debian:debian_linux:php5-pspell", "p-cpe:/a:debian:debian_linux:php5-recode", "p-cpe:/a:debian:debian_linux:php5-snmp", "p-cpe:/a:debian:debian_linux:php5-sqlite", "p-cpe:/a:debian:debian_linux:php5-sybase", "p-cpe:/a:debian:debian_linux:php5-tidy", "p-cpe:/a:debian:debian_linux:php5-xmlrpc", "p-cpe:/a:debian:debian_linux:php5-xsl", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-212.NASL", "href": "https://www.tenable.com/plugins/nessus/83144", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-212-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83144);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-9705\", \"CVE-2015-0232\", \"CVE-2015-2301\", \"CVE-2015-2331\", \"CVE-2015-2783\", \"CVE-2015-2787\", \"CVE-2015-3329\", \"CVE-2015-3330\");\n script_bugtraq_id(72541, 73031, 73037, 73182, 73431, 74204, 74239, 74240);\n\n script_name(english:\"Debian DLA-212-1 : php5 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2014-9705 Heap-based buffer overflow in the\nenchant_broker_request_dict function in ext/enchant/enchant.c in PHP\nbefore 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows\nremote attackers to execute arbitrary code via vectors that trigger\ncreation of multiple dictionaries.\n\nCVE-2015-0232 The exif_process_unicode function in ext/exif/exif.c in\nPHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows\nremote attackers to execute arbitrary code or cause a denial of\nservice (uninitialized pointer free and application crash) via crafted\nEXIF data in a JPEG image.\n\nCVE-2015-2301 Use-after-free vulnerability in the phar_rename_archive\nfunction in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6\nallows remote attackers to cause a denial of service or possibly have\nunspecified other impact via vectors that trigger an attempted\nrenaming of a Phar archive to the name of an existing file.\n\nCVE-2015-2331 Integer overflow in the _zip_cdir_new function in\nzip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP\nextension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before\n5.6.7 and other products, allows remote attackers to cause a denial of\nservice (application crash) or possibly execute arbitrary code via a\nZIP archive that contains many entries, leading to a heap-based buffer\noverflow.\n\nCVE-2015-2783 Buffer Over-read in unserialize when parsing Phar\n\nCVE-2015-2787 Use-after-free vulnerability in the process_nested_data\nfunction in ext/standard/var_unserializer.re in PHP before 5.4.39,\n5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to\nexecute arbitrary code via a crafted unserialize call that leverages\nuse of the unset function within an __wakeup function, a related issue\nto CVE-2015-0231.\n\nCVE-2015-3329 Buffer Overflow when parsing tar/zip/phar in\nphar_set_inode)\n\nCVE-2015-3330 PHP potential remote code execution with apache 2.4\napache2handler\n\nCVE-2015-temp-68819 denial of service when processing a crafted file\nwith Fileinfo\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/04/msg00025.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/php5\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libapache2-mod-php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libapache2-mod-php5filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-interbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-sybase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libapache2-mod-php5\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libapache2-mod-php5filter\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php-pear\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-cgi\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-cli\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-common\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-curl\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-dbg\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-dev\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-enchant\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-gd\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-gmp\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-imap\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-interbase\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-intl\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-ldap\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-mcrypt\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-mysql\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-odbc\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-pgsql\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-pspell\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-recode\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-snmp\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-sqlite\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-sybase\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-tidy\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-xmlrpc\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-xsl\", reference:\"5.3.3.1-7+squeeze26\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:46:19", "description": "According to its banner, the version of PHP 5.6.x installed on the remote host is prior to 5.6.5. It is, therefore, affected by multiple vulnerabilities:\n\n - A double free vulnerability in the zend_ts_hash_graceful_destroy function in zend_ts_hash.c in the Zend Engine could allow a remote attacker to cause a denial of service. (CVE-2014-9425)\n\n - An out-of-bounds read flaw in file 'cgi_main.c' exists when nmap is used to process an invalid file that begins with a hash character (#) but lacks a newline character.\n A remote attacker, using a specially crafted PHP file, can exploit this vulnerability to disclose memory contents, cause a denial of service, or possibly execute code. (CVE-2014-9427)\n\n - The mconvert function in softmagic.c does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which could allow a remote attacker to cause a denial of service.\n (CVE-2014-9652)\n\n - An out-of-bounds read issue exists in the GetCode_() function in 'gd_gif_in.c'. This allows a remote attacker to disclose memory contents. (CVE-2014-9709)\n\n - A use-after-free memory error exists in the process_nested_data() function in 'var_unserializer.re' due to improper handling of duplicate numerical keys within the serialized properties of an object. A remote attacker, using a crafted unserialize method call, can exploit this vulnerability to execute arbitrary code.\n (CVE-2015-0231)\n\n - A flaw exists in the exif_process_unicode() function in 'exif.c' that allows freeing an uninitialized pointer. A remote attacker, using specially crafted EXIF data in a JPEG image, can exploit this to cause a denial of service or to execute arbitrary code. (CVE-2015-0232)\n\nNote that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2015-01-29T00:00:00", "type": "nessus", "title": "PHP 5.6.x < 5.6.5 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9425", "CVE-2014-9427", "CVE-2014-9652", "CVE-2014-9709", "CVE-2015-0231", "CVE-2015-0232"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_6_5.NASL", "href": "https://www.tenable.com/plugins/nessus/81082", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81082);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2014-9425\",\n \"CVE-2014-9427\",\n \"CVE-2014-9652\",\n \"CVE-2014-9709\",\n \"CVE-2015-0231\",\n \"CVE-2015-0232\"\n );\n script_bugtraq_id(\n 71800,\n 71833,\n 72505,\n 72539,\n 72541,\n 73306\n );\n\n script_name(english:\"PHP 5.6.x < 5.6.5 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP 5.6.x installed on the\nremote host is prior to 5.6.5. It is, therefore, affected by multiple\nvulnerabilities:\n\n - A double free vulnerability in the\n zend_ts_hash_graceful_destroy function in\n zend_ts_hash.c in the Zend Engine could allow a remote\n attacker to cause a denial of service. (CVE-2014-9425)\n\n - An out-of-bounds read flaw in file 'cgi_main.c' exists\n when nmap is used to process an invalid file that begins\n with a hash character (#) but lacks a newline character.\n A remote attacker, using a specially crafted PHP file,\n can exploit this vulnerability to disclose memory\n contents, cause a denial of service, or possibly execute\n code. (CVE-2014-9427)\n\n - The mconvert function in softmagic.c does not properly\n handle a certain string-length field during a copy of a\n truncated version of a Pascal string, which could allow\n a remote attacker to cause a denial of service.\n (CVE-2014-9652)\n\n - An out-of-bounds read issue exists in the GetCode_()\n function in 'gd_gif_in.c'. This allows a remote attacker\n to disclose memory contents. (CVE-2014-9709)\n\n - A use-after-free memory error exists in the\n process_nested_data() function in 'var_unserializer.re'\n due to improper handling of duplicate numerical keys\n within the serialized properties of an object. A remote\n attacker, using a crafted unserialize method call, can\n exploit this vulnerability to execute arbitrary code.\n (CVE-2015-0231)\n\n - A flaw exists in the exif_process_unicode() function in\n 'exif.c' that allows freeing an uninitialized pointer. A\n remote attacker, using specially crafted EXIF data in a\n JPEG image, can exploit this to cause a denial of\n service or to execute arbitrary code. (CVE-2015-0232)\n\nNote that Nessus has not attempted to exploit these issues but has\ninstead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://php.net/ChangeLog-5.php#5.6.5\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=68618\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=68710\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=68799\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.6.5 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-0231\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/12/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\n# Check that it is the correct version of PHP\nif (version =~ \"^5(\\.6)?$\") audit(AUDIT_VER_NOT_GRANULAR, \"PHP\", port, version);\nif (version !~ \"^5\\.6\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 5.6.x\", port);\n\nif (version =~ \"^5\\.6\\.[0-4]$\")\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : '+source +\n '\\n Installed version : '+version +\n '\\n Fixed version : 5.6.5' +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:44:18", "description": "According to its banner, the version of PHP 5.6.x installed on the remote host is prior to 5.6.5. It is, therefore, affected by multiple vulnerabilities:\n\n - An out-of-bounds read flaw in file 'cgi_main.c' exists when nmap is used to process an invalid file that begins with a hash character (#) but lacks a newline character. A remote attacker, using a specially crafted PHP file, can exploit this vulnerability to disclose memory contents, cause a denial of service, or possibly execute code. (CVE-2014-9427)\n\n - An out-of-bounds read issue exists in the GetCode_() function in 'gd_gif_in.c'. This allows a remote attacker to disclose memory contents. (CVE-2014-9709)\n\n - A use-after-free memory error exists in the process_nested_data() function in 'var_unserializer.re' due to improper handling of duplicate numerical keys within the serialized properties of an object. A remote attacker, using a crafted unserialize method call, can exploit this vulnerability to execute arbitrary code. (CVE-2015-0231)\n\n - A flaw exists in the exif_process_unicode() function in 'exif.c' that allows freeing an uninitialized pointer. A remote attacker, using specially crafted EXIF data in a JPEG image, can exploit this to cause a denial of service or to execute arbitrary code. (CVE-2015-0232)\n\nNote that the scanner has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-01-09T00:00:00", "type": "nessus", "title": "PHP 5.6.x < 5.6.5 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9425", "CVE-2014-9427", "CVE-2014-9652", "CVE-2014-9709", "CVE-2015-0231", "CVE-2015-0232"], "modified": "2022-10-26T00:00:00", "cpe": ["cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98828", "href": "https://www.tenable.com/plugins/was/98828", "sourceData": "No source data", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:47:21", "description": "According to its banner, the version of PHP 5.5.x installed on the remote host is prior to 5.5.21. It is, therefore, affected by multiple vulnerabilities:\n\n - A double free vulnerability in the zend_ts_hash_graceful_destroy function in zend_ts_hash.c in the Zend Engine could allow a remote attacker to cause a denial of service. (CVE-2014-9425)\n\n - An out-of-bounds read flaw in file 'cgi_main.c' exists when nmap is used to process an invalid file that begins with a hash character (#) but lacks a newline character.\n A remote attacker, using a specially crafted PHP file, can exploit this vulnerability to disclose memory contents, cause a denial of service, or possibly execute code. (CVE-2014-9427)\n\n - The mconvert function in softmagic.c does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which could allow a remote attacker to cause a denial of service.\n (CVE-2014-9652)\n\n - An out-of-bounds read issue exists in the GetCode_() function in 'gd_gif_in.c'. This allows a remote attacker to disclose memory contents. (CVE-2014-9709)\n\n - A use-after-free memory error exists in the process_nested_data() function in 'var_unserializer.re' due to improper handling of duplicate numerical keys within the serialized properties of an object. A remote attacker, using a crafted unserialize method call, can exploit this vulnerability to execute arbitrary code.\n (CVE-2015-0231)\n\n - A flaw exists in the exif_process_unicode() function in 'exif.c' that allows freeing an uninitialized pointer. A remote attacker, using specially crafted EXIF data in a JPEG image, can exploit this to cause a denial of service or to execute arbitrary code. (CVE-2015-0232)\n\nNote that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2015-01-29T00:00:00", "type": "nessus", "title": "PHP 5.5.x < 5.5.21 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9425", "CVE-2014-9427", "CVE-2014-9652", "CVE-2014-9709", "CVE-2015-0231", "CVE-2015-0232"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_5_21.NASL", "href": "https://www.tenable.com/plugins/nessus/81081", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81081);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2014-9425\",\n \"CVE-2014-9427\",\n \"CVE-2014-9652\",\n \"CVE-2014-9709\",\n \"CVE-2015-0231\",\n \"CVE-2015-0232\"\n );\n script_bugtraq_id(\n 71800,\n 71833,\n 72505,\n 72539,\n 72541,\n 73306\n );\n\n script_name(english:\"PHP 5.5.x < 5.5.21 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP 5.5.x installed on the\nremote host is prior to 5.5.21. It is, therefore, affected by multiple\nvulnerabilities:\n\n - A double free vulnerability in the\n zend_ts_hash_graceful_destroy function in\n zend_ts_hash.c in the Zend Engine could allow a remote\n attacker to cause a denial of service. (CVE-2014-9425)\n\n - An out-of-bounds read flaw in file 'cgi_main.c' exists\n when nmap is used to process an invalid file that begins\n with a hash character (#) but lacks a newline character.\n A remote attacker, using a specially crafted PHP file,\n can exploit this vulnerability to disclose memory\n contents, cause a denial of service, or possibly execute\n code. (CVE-2014-9427)\n\n - The mconvert function in softmagic.c does not properly\n handle a certain string-length field during a copy of a\n truncated version of a Pascal string, which could allow\n a remote attacker to cause a denial of service.\n (CVE-2014-9652)\n\n - An out-of-bounds read issue exists in the GetCode_()\n function in 'gd_gif_in.c'. This allows a remote attacker\n to disclose memory contents. (CVE-2014-9709)\n\n - A use-after-free memory error exists in the\n process_nested_data() function in 'var_unserializer.re'\n due to improper handling of duplicate numerical keys\n within the serialized properties of an object. A remote\n attacker, using a crafted unserialize method call, can\n exploit this vulnerability to execute arbitrary code.\n (CVE-2015-0231)\n\n - A flaw exists in the exif_process_unicode() function in\n 'exif.c' that allows freeing an uninitialized pointer. A\n remote attacker, using specially crafted EXIF data in a\n JPEG image, can exploit this to cause a denial of\n service or to execute arbitrary code. (CVE-2015-0232)\n\nNote that Nessus has not attempted to exploit these issues but has\ninstead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://php.net/ChangeLog-5.php#5.5.21\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=68618\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=68710\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=68799\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.5.21 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-0231\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/12/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\n# Check that it is the correct version of PHP\nif (version =~ \"^5(\\.5)?$\") audit(AUDIT_VER_NOT_GRANULAR, \"PHP\", port, version);\nif (version !~ \"^5\\.5\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 5.5.x\", port);\n\nif (version =~ \"^5\\.5\\.([0-9]|1[0-9]|20)($|[^0-9])\")\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : '+source +\n '\\n Installed version : '+version +\n '\\n Fixed version : 5.5.21' +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:52:58", "description": "It was discovered that PHP incorrectly handled cleanup when used with Apache 2.4. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-3330)\n\nIt was discovered that PHP incorrectly handled opening tar, zip or phar archives through the PHAR extension. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-3329)\n\nIt was discovered that PHP incorrectly handled regular expressions. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2015-2305)\n\nPaulos Yibelo discovered that PHP incorrectly handled moving files when a pathname contained a null character. A remote attacker could use this issue to possibly bypass filename restrictions. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-2348)\n\nIt was discovered that PHP incorrectly handled unserializing PHAR files. A remote attacker could use this issue to cause PHP to possibly expose sensitive information. (CVE-2015-2783)\n\nTaoguang Chen discovered that PHP incorrectly handled unserializing certain objects. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-2787).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-04-21T00:00:00", "type": "nessus", "title": "Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : php5 vulnerabilities (USN-2572-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2305", "CVE-2015-2348", "CVE-2015-2783", "CVE-2015-2787", "CVE-2015-3329", "CVE-2015-3330"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5", "p-cpe:/a:canonical:ubuntu_linux:php5-cgi", "p-cpe:/a:canonical:ubuntu_linux:php5-cli", "p-cpe:/a:canonical:ubuntu_linux:php5-fpm", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:14.10"], "id": "UBUNTU_USN-2572-1.NASL", "href": "https://www.tenable.com/plugins/nessus/82911", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2572-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82911);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-2305\", \"CVE-2015-2348\", \"CVE-2015-2783\", \"CVE-2015-2787\", \"CVE-2015-3329\", \"CVE-2015-3330\");\n script_bugtraq_id(72611, 73431, 73434, 74204);\n script_xref(name:\"USN\", value:\"2572-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : php5 vulnerabilities (USN-2572-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that PHP incorrectly handled cleanup when used with\nApache 2.4. A remote attacker could use this issue to cause PHP to\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. (CVE-2015-3330)\n\nIt was discovered that PHP incorrectly handled opening tar, zip or\nphar archives through the PHAR extension. A remote attacker could use\nthis issue to cause PHP to crash, resulting in a denial of service, or\npossibly execute arbitrary code. (CVE-2015-3329)\n\nIt was discovered that PHP incorrectly handled regular expressions. A\nremote attacker could use this issue to cause PHP to crash, resulting\nin a denial of service, or possibly execute arbitrary code.\n(CVE-2015-2305)\n\nPaulos Yibelo discovered that PHP incorrectly handled moving files\nwhen a pathname contained a null character. A remote attacker could\nuse this issue to possibly bypass filename restrictions. This issue\nonly applied to Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-2348)\n\nIt was discovered that PHP incorrectly handled unserializing PHAR\nfiles. A remote attacker could use this issue to cause PHP to possibly\nexpose sensitive information. (CVE-2015-2783)\n\nTaoguang Chen discovered that PHP incorrectly handled unserializing\ncertain objects. A remote attacker could use this issue to cause PHP\nto crash, resulting in a denial of service, or possibly execute\narbitrary code. (CVE-2015-2787).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2572-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|12\\.04|14\\.04|14\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 12.04 / 14.04 / 14.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.3.2-1ubuntu4.30\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-cgi\", pkgver:\"5.3.2-1ubuntu4.30\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-cli\", pkgver:\"5.3.2-1ubuntu4.30\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.3.10-1ubuntu3.18\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"php5-cgi\", pkgver:\"5.3.10-1ubuntu3.18\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"php5-cli\", pkgver:\"5.3.10-1ubuntu3.18\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"php5-fpm\", pkgver:\"5.3.10-1ubuntu3.18\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.5.9+dfsg-1ubuntu4.9\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"php5-cgi\", pkgver:\"5.5.9+dfsg-1ubuntu4.9\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"php5-cli\", pkgver:\"5.5.9+dfsg-1ubuntu4.9\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"php5-fpm\", pkgver:\"5.5.9+dfsg-1ubuntu4.9\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.5.12+dfsg-2ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"php5-cgi\", pkgver:\"5.5.12+dfsg-2ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"php5-cli\", pkgver:\"5.5.12+dfsg-2ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"php5-fpm\", pkgver:\"5.5.12+dfsg-2ubuntu4.4\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libapache2-mod-php5 / php5-cgi / php5-cli / php5-fpm\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:53:53", "description": "PHP was updated to fix several security issues.\n\nThe following vulnerabilities were fixed :\n\n - A specially crafted GIF file could cause a buffer read overflow in php-gd (CVE-2014-9709 bnc#923946)\n\n - Memory was use after it was freed in PHAR (CVE-2015-2301 bnc#922022)\n\n - heap overflow vulnerability in regcomp.c (CVE-2015-2305 bnc#922452)\n\n - heap buffer overflow in Enchant (CVE-2014-9705 bnc#922451)\n\nFor openSUSE 13.2, the following additional vulnerability was fixed :\n\n - A specially crafted zip file could lead to writing past the heap boundary (CVE-2015-2331 bnc#922894)", "cvss3": {}, "published": "2015-04-02T00:00:00", "type": "nessus", "title": "openSUSE Security Update : php5 (openSUSE-2015-282)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9705", "CVE-2014-9709", "CVE-2015-2301", "CVE-2015-2305", "CVE-2015-2331"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2-mod_php5", "p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo", "p-cpe:/a:novell:opensuse:php5", "p-cpe:/a:novell:opensuse:php5-bcmath", "p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo", "p-cpe:/a:novell:opensuse:php5-bz2", "p-cpe:/a:novell:opensuse:php5-bz2-debuginfo", "p-cpe:/a:novell:opensuse:php5-calendar", "p-cpe:/a:novell:opensuse:php5-calendar-debuginfo", "p-cpe:/a:novell:opensuse:php5-ctype", "p-cpe:/a:novell:opensuse:php5-ctype-debuginfo", "p-cpe:/a:novell:opensuse:php5-curl", "p-cpe:/a:novell:opensuse:php5-curl-debuginfo", "p-cpe:/a:novell:opensuse:php5-dba", "p-cpe:/a:novell:opensuse:php5-dba-debuginfo", "p-cpe:/a:novell:opensuse:php5-debuginfo", "p-cpe:/a:novell:opensuse:php5-debugsource", "p-cpe:/a:novell:opensuse:php5-devel", "p-cpe:/a:novell:opensuse:php5-dom", "p-cpe:/a:novell:opensuse:php5-dom-debuginfo", "p-cpe:/a:novell:opensuse:php5-enchant", "p-cpe:/a:novell:opensuse:php5-enchant-debuginfo", "p-cpe:/a:novell:opensuse:php5-exif", "p-cpe:/a:novell:opensuse:php5-exif-debuginfo", "p-cpe:/a:novell:opensuse:php5-fastcgi", "p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo", "p-cpe:/a:novell:opensuse:php5-fileinfo", "p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo", "p-cpe:/a:novell:opensuse:php5-firebird", "p-cpe:/a:novell:opensuse:php5-firebird-debuginfo", "p-cpe:/a:novell:opensuse:php5-fpm", "p-cpe:/a:novell:opensuse:php5-fpm-debuginfo", "p-cpe:/a:novell:opensuse:php5-ftp", "p-cpe:/a:novell:opensuse:php5-ftp-debuginfo", "p-cpe:/a:novell:opensuse:php5-gd", "p-cpe:/a:novell:opensuse:php5-gd-debuginfo", "p-cpe:/a:novell:opensuse:php5-gettext", "p-cpe:/a:novell:opensuse:php5-gettext-debuginfo", "p-cpe:/a:novell:opensuse:php5-gmp", "p-cpe:/a:novell:opensuse:php5-gmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-iconv", "p-cpe:/a:novell:opensuse:php5-iconv-debuginfo", "p-cpe:/a:novell:opensuse:php5-imap", "p-cpe:/a:novell:opensuse:php5-imap-debuginfo", "p-cpe:/a:novell:opensuse:php5-intl", "p-cpe:/a:novell:opensuse:php5-intl-debuginfo", "p-cpe:/a:novell:opensuse:php5-json", "p-cpe:/a:novell:opensuse:php5-json-debuginfo", "p-cpe:/a:novell:opensuse:php5-ldap", "p-cpe:/a:novell:opensuse:php5-ldap-debuginfo", "p-cpe:/a:novell:opensuse:php5-mbstring", "p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo", "p-cpe:/a:novell:opensuse:php5-mcrypt", "p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo", "p-cpe:/a:novell:opensuse:php5-mssql", "p-cpe:/a:novell:opensuse:php5-mssql-debuginfo", "p-cpe:/a:novell:opensuse:php5-mysql", "p-cpe:/a:novell:opensuse:php5-mysql-debuginfo", "p-cpe:/a:novell:opensuse:php5-odbc", "p-cpe:/a:novell:opensuse:php5-odbc-debuginfo", "p-cpe:/a:novell:opensuse:php5-opcache", "p-cpe:/a:novell:opensuse:php5-opcache-debuginfo", "p-cpe:/a:novell:opensuse:php5-openssl", "p-cpe:/a:novell:opensuse:php5-openssl-debuginfo", "p-cpe:/a:novell:opensuse:php5-pcntl", "p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo", "p-cpe:/a:novell:opensuse:php5-pdo", "p-cpe:/a:novell:opensuse:php5-pdo-debuginfo", "p-cpe:/a:novell:opensuse:php5-pear", "p-cpe:/a:novell:opensuse:php5-pgsql", "p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo", "p-cpe:/a:novell:opensuse:php5-phar", "p-cpe:/a:novell:opensuse:php5-phar-debuginfo", "p-cpe:/a:novell:opensuse:php5-posix", "p-cpe:/a:novell:opensuse:php5-posix-debuginfo", "p-cpe:/a:novell:opensuse:php5-pspell", "p-cpe:/a:novell:opensuse:php5-pspell-debuginfo", "p-cpe:/a:novell:opensuse:php5-readline", "p-cpe:/a:novell:opensuse:php5-readline-debuginfo", "p-cpe:/a:novell:opensuse:php5-shmop", "p-cpe:/a:novell:opensuse:php5-shmop-debuginfo", "p-cpe:/a:novell:opensuse:php5-snmp", "p-cpe:/a:novell:opensuse:php5-snmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-soap", "p-cpe:/a:novell:opensuse:php5-soap-debuginfo", "p-cpe:/a:novell:opensuse:php5-sockets", "p-cpe:/a:novell:opensuse:php5-sockets-debuginfo", "p-cpe:/a:novell:opensuse:php5-sqlite", "p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo", "p-cpe:/a:novell:opensuse:php5-suhosin", "p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvmsg", "p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvsem", "p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvshm", "p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo", "p-cpe:/a:novell:opensuse:php5-tidy", "p-cpe:/a:novell:opensuse:php5-tidy-debuginfo", "p-cpe:/a:novell:opensuse:php5-tokenizer", "p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo", "p-cpe:/a:novell:opensuse:php5-wddx", "p-cpe:/a:novell:opensuse:php5-wddx-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlreader", "p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlrpc", "p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlwriter", "p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo", "p-cpe:/a:novell:opensuse:php5-xsl", "p-cpe:/a:novell:opensuse:php5-xsl-debuginfo", "p-cpe:/a:novell:opensuse:php5-zip", "p-cpe:/a:novell:opensuse:php5-zip-debuginfo", "p-cpe:/a:novell:opensuse:php5-zlib", "p-cpe:/a:novell:opensuse:php5-zlib-debuginfo", "cpe:/o:novell:opensuse:13.1", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2015-282.NASL", "href": "https://www.tenable.com/plugins/nessus/82516", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-282.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82516);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-9705\", \"CVE-2014-9709\", \"CVE-2015-2301\", \"CVE-2015-2305\", \"CVE-2015-2331\");\n\n script_name(english:\"openSUSE Security Update : php5 (openSUSE-2015-282)\");\n script_summary(english:\"Check for the openSUSE-2015-282 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PHP was updated to fix several security issues.\n\nThe following vulnerabilities were fixed :\n\n - A specially crafted GIF file could cause a buffer read\n overflow in php-gd (CVE-2014-9709 bnc#923946)\n\n - Memory was use after it was freed in PHAR (CVE-2015-2301\n bnc#922022)\n\n - heap overflow vulnerability in regcomp.c (CVE-2015-2305\n bnc#922452)\n\n - heap buffer overflow in Enchant (CVE-2014-9705\n bnc#922451)\n\nFor openSUSE 13.2, the following additional vulnerability was fixed :\n\n - A specially crafted zip file could lead to writing past\n the heap boundary (CVE-2015-2331 bnc#922894)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=922022\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=922451\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=922452\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=922894\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=923946\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-firebird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-firebird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-opcache-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1|SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1 / 13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"apache2-mod_php5-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"apache2-mod_php5-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-bcmath-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-bcmath-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-bz2-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-bz2-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-calendar-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-calendar-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ctype-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ctype-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-curl-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-curl-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-dba-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-dba-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-debugsource-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-devel-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-dom-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-dom-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-enchant-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-enchant-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-exif-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-exif-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fastcgi-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fastcgi-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fileinfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fileinfo-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-firebird-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-firebird-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fpm-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fpm-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ftp-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ftp-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gd-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gd-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gettext-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gettext-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gmp-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gmp-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-iconv-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-iconv-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-imap-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-imap-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-intl-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-intl-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-json-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-json-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ldap-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ldap-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mbstring-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mbstring-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mcrypt-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mcrypt-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mssql-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mssql-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mysql-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mysql-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-odbc-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-odbc-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-openssl-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-openssl-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pcntl-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pcntl-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pdo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pdo-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pear-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pgsql-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pgsql-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-phar-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-phar-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-posix-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-posix-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pspell-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pspell-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-readline-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-readline-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-shmop-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-shmop-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-snmp-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-snmp-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-soap-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-soap-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sockets-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sockets-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sqlite-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sqlite-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-suhosin-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-suhosin-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvmsg-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvmsg-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvsem-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvsem-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvshm-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvshm-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-tidy-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-tidy-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-tokenizer-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-tokenizer-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-wddx-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-wddx-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlreader-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlreader-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlrpc-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlrpc-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlwriter-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlwriter-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xsl-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xsl-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-zip-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-zip-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-zlib-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-zlib-debuginfo-5.4.20-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"apache2-mod_php5-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"apache2-mod_php5-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-bcmath-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-bcmath-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-bz2-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-bz2-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-calendar-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-calendar-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ctype-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ctype-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-curl-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-curl-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-dba-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-dba-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-debugsource-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-devel-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-dom-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-dom-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-enchant-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-enchant-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-exif-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-exif-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fastcgi-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fastcgi-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fileinfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fileinfo-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-firebird-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-firebird-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fpm-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fpm-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ftp-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ftp-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gd-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gd-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gettext-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gettext-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gmp-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gmp-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-iconv-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-iconv-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-imap-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-imap-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-intl-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-intl-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-json-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-json-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ldap-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ldap-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mbstring-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mbstring-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mcrypt-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mcrypt-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mssql-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mssql-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mysql-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mysql-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-odbc-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-odbc-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-opcache-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-opcache-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-openssl-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-openssl-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pcntl-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pcntl-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pdo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pdo-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pear-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pgsql-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pgsql-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-phar-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-phar-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-posix-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-posix-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pspell-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pspell-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-readline-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-readline-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-shmop-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-shmop-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-snmp-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-snmp-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-soap-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-soap-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sockets-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sockets-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sqlite-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sqlite-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-suhosin-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-suhosin-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvmsg-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvmsg-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvsem-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvsem-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvshm-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvshm-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-tidy-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-tidy-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-tokenizer-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-tokenizer-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-wddx-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-wddx-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlreader-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlreader-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlrpc-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlrpc-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlwriter-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlwriter-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xsl-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xsl-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-zip-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-zip-debuginfo-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-zlib-5.6.1-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-zlib-debuginfo-5.6.1-15.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2-mod_php5 / apache2-mod_php5-debuginfo / php5 / php5-bcmath / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:51:51", "description": "Multiple vulnerabilities has been discovered and corrected in php :\n\nS. Paraschoudis discovered that PHP incorrectly handled memory in the enchant binding. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2014-9705).\n\nTaoguang Chen discovered that PHP incorrectly handled unserializing objects. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2015-0273).\n\nIt was discovered that PHP incorrectly handled memory in the phar extension. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2015-2301).\n\nUse-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate numerical keys within the serialized properties of an object. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8142 (CVE-2015-0231).\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libzip, which is embedded in PHP, processed certain ZIP archives. If an attacker were able to supply a specially crafted ZIP archive to an application using libzip, it could cause the application to crash or, possibly, execute arbitrary code (CVE-2015-2331).\n\nIt was discovered that the PHP opcache component incorrectly handled memory. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2015-1351).\n\nIt was discovered that the PHP PostgreSQL database extension incorrectly handled certain pointers. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2015-1352).\n\nThe updated php packages have been patched and upgraded to the 5.5.23 version which is not vulnerable to these issues. The libzip packages has been patched to address the CVE-2015-2331 flaw.\n\nAdditionally the php-xdebug package has been upgraded to the latest 2.3.2 and the PECL packages which requires so has been rebuilt for php-5.5.23.", "cvss3": {}, "published": "2015-03-30T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : php (MDVSA-2015:079)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8142", "CVE-2014-9705", "CVE-2015-0231", "CVE-2015-0273", "CVE-2015-1351", "CVE-2015-1352", "CVE-2015-2301", "CVE-2015-2331"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:apache-mod_php", "p-cpe:/a:mandriva:linux:lib64php5_common5", "p-cpe:/a:mandriva:linux:lib64zip-devel", "p-cpe:/a:mandriva:linux:lib64zip2", "p-cpe:/a:mandriva:linux:libzip", "p-cpe:/a:mandriva:linux:php-apc", "p-cpe:/a:mandriva:linux:php-apc-admin", "p-cpe:/a:mandriva:linux:php-bcmath", "p-cpe:/a:mandriva:linux:php-bz2", "p-cpe:/a:mandriva:linux:php-calendar", "p-cpe:/a:mandriva:linux:php-cgi", "p-cpe:/a:mandriva:linux:php-cli", "p-cpe:/a:mandriva:linux:php-ctype", "p-cpe:/a:mandriva:linux:php-curl", "p-cpe:/a:mandriva:linux:php-dba", "p-cpe:/a:mandriva:linux:php-devel", "p-cpe:/a:mandriva:linux:php-doc", "p-cpe:/a:mandriva:linux:php-dom", "p-cpe:/a:mandriva:linux:php-enchant", "p-cpe:/a:mandriva:linux:php-exif", "p-cpe:/a:mandriva:linux:php-fileinfo", "p-cpe:/a:mandriva:linux:php-filter", "p-cpe:/a:mandriva:linux:php-fpm", "p-cpe:/a:mandriva:linux:php-ftp", "p-cpe:/a:mandriva:linux:php-gd", "p-cpe:/a:mandriva:linux:php-gettext", "p-cpe:/a:mandriva:linux:php-gmp", "p-cpe:/a:mandriva:linux:php-hash", "p-cpe:/a:mandriva:linux:php-iconv", "p-cpe:/a:mandriva:linux:php-imap", "p-cpe:/a:mandriva:linux:php-ini", "p-cpe:/a:mandriva:linux:php-intl", "p-cpe:/a:mandriva:linux:php-json", "p-cpe:/a:mandriva:linux:php-ldap", "p-cpe:/a:mandriva:linux:php-mbstring", "p-cpe:/a:mandriva:linux:php-mcrypt", "p-cpe:/a:mandriva:linux:php-mssql", "p-cpe:/a:mandriva:linux:php-mysql", "p-cpe:/a:mandriva:linux:php-mysqli", "p-cpe:/a:mandriva:linux:php-mysqlnd", "p-cpe:/a:mandriva:linux:php-odbc", "p-cpe:/a:mandriva:linux:php-opcache", "p-cpe:/a:mandriva:linux:php-openssl", "p-cpe:/a:mandriva:linux:php-pcntl", "p-cpe:/a:mandriva:linux:php-pdo", "p-cpe:/a:mandriva:linux:php-pdo_dblib", "p-cpe:/a:mandriva:linux:php-pdo_mysql", "p-cpe:/a:mandriva:linux:php-pdo_odbc", "p-cpe:/a:mandriva:linux:php-pdo_pgsql", "p-cpe:/a:mandriva:linux:php-pdo_sqlite", "p-cpe:/a:mandriva:linux:php-pgsql", "p-cpe:/a:mandriva:linux:php-phar", "p-cpe:/a:mandriva:linux:php-posix", "p-cpe:/a:mandriva:linux:php-readline", "p-cpe:/a:mandriva:linux:php-recode", "p-cpe:/a:mandriva:linux:php-session", "p-cpe:/a:mandriva:linux:php-shmop", "p-cpe:/a:mandriva:linux:php-snmp", "p-cpe:/a:mandriva:linux:php-soap", "p-cpe:/a:mandriva:linux:php-sockets", "p-cpe:/a:mandriva:linux:php-sqlite3", "p-cpe:/a:mandriva:linux:php-sybase_ct", "p-cpe:/a:mandriva:linux:php-sysvmsg", "p-cpe:/a:mandriva:linux:php-sysvsem", "p-cpe:/a:mandriva:linux:php-sysvshm", "p-cpe:/a:mandriva:linux:php-tidy", "p-cpe:/a:mandriva:linux:php-tokenizer", "p-cpe:/a:mandriva:linux:php-wddx", "p-cpe:/a:mandriva:linux:php-xdebug", "p-cpe:/a:mandriva:linux:php-xml", "p-cpe:/a:mandriva:linux:php-xmlreader", "p-cpe:/a:mandriva:linux:php-xmlrpc", "p-cpe:/a:mandriva:linux:php-xmlwriter", "p-cpe:/a:mandriva:linux:php-xsl", "p-cpe:/a:mandriva:linux:php-zip", "p-cpe:/a:mandriva:linux:php-zlib", "cpe:/o:mandriva:business_server:1"], "id": "MANDRIVA_MDVSA-2015-079.NASL", "href": "https://www.tenable.com/plugins/nessus/82332", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2015:079. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82332);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-9705\", \"CVE-2015-0231\", \"CVE-2015-0273\", \"CVE-2015-1351\", \"CVE-2015-1352\", \"CVE-2015-2301\", \"CVE-2015-2331\");\n script_bugtraq_id(71929, 71932, 72539, 72701, 73031, 73037, 73182);\n script_xref(name:\"MDVSA\", value:\"2015:079\");\n\n script_name(english:\"Mandriva Linux Security Advisory : php (MDVSA-2015:079)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been discovered and corrected in php :\n\nS. Paraschoudis discovered that PHP incorrectly handled memory in the\nenchant binding. A remote attacker could use this issue to cause PHP\nto crash, resulting in a denial of service, or possibly execute\narbitrary code (CVE-2014-9705).\n\nTaoguang Chen discovered that PHP incorrectly handled unserializing\nobjects. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code\n(CVE-2015-0273).\n\nIt was discovered that PHP incorrectly handled memory in the phar\nextension. A remote attacker could use this issue to cause PHP to\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode (CVE-2015-2301).\n\nUse-after-free vulnerability in the process_nested_data function in\next/standard/var_unserializer.re in PHP before 5.4.37, 5.5.x before\n5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute\narbitrary code via a crafted unserialize call that leverages improper\nhandling of duplicate numerical keys within the serialized properties\nof an object. NOTE: this vulnerability exists because of an incomplete\nfix for CVE-2014-8142 (CVE-2015-0231).\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way libzip, which is embedded in PHP, processed certain\nZIP archives. If an attacker were able to supply a specially crafted\nZIP archive to an application using libzip, it could cause the\napplication to crash or, possibly, execute arbitrary code\n(CVE-2015-2331).\n\nIt was discovered that the PHP opcache component incorrectly handled\nmemory. A remote attacker could possibly use this issue to cause PHP\nto crash, resulting in a denial of service, or possibly execute\narbitrary code (CVE-2015-1351).\n\nIt was discovered that the PHP PostgreSQL database extension\nincorrectly handled certain pointers. A remote attacker could possibly\nuse this issue to cause PHP to crash, resulting in a denial of\nservice, or possibly execute arbitrary code (CVE-2015-1352).\n\nThe updated php packages have been patched and upgraded to the 5.5.23\nversion which is not vulnerable to these issues. The libzip packages\nhas been patched to address the CVE-2015-2331 flaw.\n\nAdditionally the php-xdebug package has been upgraded to the latest\n2.3.2 and the PECL packages which requires so has been rebuilt for\nphp-5.5.23.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/ChangeLog-5.php#5.5.22\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/ChangeLog-5.php#5.5.23\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2501-1/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2535-1/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1204676\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64php5_common5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64zip-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64zip2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libzip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-apc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-apc-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-hash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysqli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_dblib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sybase_ct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-mod_php-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64php5_common5-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64zip-devel-0.10.1-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64zip2-0.10.1-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"libzip-0.10.1-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-apc-3.1.15-1.17.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-apc-admin-3.1.15-1.17.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-bcmath-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-bz2-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-calendar-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-cgi-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-cli-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-ctype-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-curl-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-dba-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-devel-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"php-doc-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-dom-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-enchant-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-exif-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-fileinfo-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-filter-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-fpm-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-ftp-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-gd-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-gettext-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-gmp-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-hash-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-iconv-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-imap-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-ini-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-intl-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-json-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-ldap-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-mbstring-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-mcrypt-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-mssql-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-mysql-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-mysqli-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-mysqlnd-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-odbc-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-opcache-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-openssl-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pcntl-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pdo-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pdo_dblib-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pdo_mysql-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pdo_odbc-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pdo_pgsql-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pdo_sqlite-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pgsql-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-phar-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-posix-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-readline-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-recode-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-session-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-shmop-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-snmp-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-soap-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-sockets-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-sqlite3-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-sybase_ct-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-sysvmsg-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-sysvsem-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-sysvshm-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-tidy-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-tokenizer-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-wddx-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-xdebug-2.3.2-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-xml-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-xmlreader-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-xmlrpc-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-xmlwriter-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-xsl-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-zip-5.5.23-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-zlib-5.5.23-1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:53:44", "description": "A buffer overflow vulnerability was found in PHP's phar (PHP Archive) implementation. See https://bugs.php.net/bug.php?id=69324 for more details. (CVE-2015-2783)\n\nA use-after-free flaw was found in PHP's phar (PHP Archive) paths implementation. A malicious script author could possibly use this flaw to disclose certain portions of server memory. (CVE-2015-2301)\n\nA buffer over-read flaw was found in the GD library. A specially crafted GIF file could cause an application using the gdImageCreateFromGif() function to crash. (CVE-2014-9709)\n\nA NULL pointer dereference flaw was found in PHP's pgsql extension. A specially crafted table name passed to function as pg_insert() or pg_select() could cause a PHP application to crash. (CVE-2015-1352)\n\nA buffer overflow flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened.\n(CVE-2015-3329)", "cvss3": {}, "published": "2015-04-20T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : php54 (ALAS-2015-509)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9709", "CVE-2015-1352", "CVE-2015-2301", "CVE-2015-2783", "CVE-2015-3329"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:php54", "p-cpe:/a:amazon:linux:php54-bcmath", "p-cpe:/a:amazon:linux:php54-cli", "p-cpe:/a:amazon:linux:php54-common", "p-cpe:/a:amazon:linux:php54-dba", "p-cpe:/a:amazon:linux:php54-debuginfo", "p-cpe:/a:amazon:linux:php54-devel", "p-cpe:/a:amazon:linux:php54-embedded", "p-cpe:/a:amazon:linux:php54-enchant", "p-cpe:/a:amazon:linux:php54-fpm", "p-cpe:/a:amazon:linux:php54-gd", "p-cpe:/a:amazon:linux:php54-imap", "p-cpe:/a:amazon:linux:php54-intl", "p-cpe:/a:amazon:linux:php54-ldap", "p-cpe:/a:amazon:linux:php54-mbstring", "p-cpe:/a:amazon:linux:php54-mcrypt", "p-cpe:/a:amazon:linux:php54-mssql", "p-cpe:/a:amazon:linux:php54-mysql", "p-cpe:/a:amazon:linux:php54-mysqlnd", "p-cpe:/a:amazon:linux:php54-odbc", "p-cpe:/a:amazon:linux:php54-pdo", "p-cpe:/a:amazon:linux:php54-pgsql", "p-cpe:/a:amazon:linux:php54-process", "p-cpe:/a:amazon:linux:php54-pspell", "p-cpe:/a:amazon:linux:php54-recode", "p-cpe:/a:amazon:linux:php54-snmp", "p-cpe:/a:amazon:linux:php54-soap", "p-cpe:/a:amazon:linux:php54-tidy", "p-cpe:/a:amazon:linux:php54-xml", "p-cpe:/a:amazon:linux:php54-xmlrpc", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2015-509.NASL", "href": "https://www.tenable.com/plugins/nessus/82856", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2015-509.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82856);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2014-9709\", \"CVE-2015-1352\", \"CVE-2015-2301\", \"CVE-2015-2783\", \"CVE-2015-3329\");\n script_xref(name:\"ALAS\", value:\"2015-509\");\n\n script_name(english:\"Amazon Linux AMI : php54 (ALAS-2015-509)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A buffer overflow vulnerability was found in PHP's phar (PHP Archive)\nimplementation. See https://bugs.php.net/bug.php?id=69324 for more\ndetails. (CVE-2015-2783)\n\nA use-after-free flaw was found in PHP's phar (PHP Archive) paths\nimplementation. A malicious script author could possibly use this flaw\nto disclose certain portions of server memory. (CVE-2015-2301)\n\nA buffer over-read flaw was found in the GD library. A specially\ncrafted GIF file could cause an application using the\ngdImageCreateFromGif() function to crash. (CVE-2014-9709)\n\nA NULL pointer dereference flaw was found in PHP's pgsql extension. A\nspecially crafted table name passed to function as pg_insert() or\npg_select() could cause a PHP application to crash. (CVE-2015-1352)\n\nA buffer overflow flaw was found in the way PHP's Phar extension\nparsed Phar archives. A specially crafted archive could cause PHP to\ncrash or, possibly, execute arbitrary code when opened.\n(CVE-2015-3329)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.php.net/bug.php?id=69324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2015-509.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update php54' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"php54-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-bcmath-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-cli-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-common-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-dba-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-debuginfo-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-devel-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-embedded-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-enchant-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-fpm-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-gd-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-imap-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-intl-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-ldap-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-mbstring-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-mcrypt-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-mssql-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-mysql-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-mysqlnd-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-odbc-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-pdo-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-pgsql-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-process-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-pspell-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-recode-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-snmp-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-soap-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-tidy-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-xml-5.4.40-1.68.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-xmlrpc-5.4.40-1.68.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php54 / php54-bcmath / php54-cli / php54-common / php54-dba / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:53:26", "description": "The PHP project reports :\n\nThe PHP development team announces the immediate availability of PHP 5.4.40. 14 security-related bugs were fixed in this release, including CVE-2014-9709, CVE-2015-2301, CVE-2015-2783, CVE-2015-1352. All PHP 5.4 users are encouraged to upgrade to this version.\n\nThe PHP development team announces the immediate availability of PHP 5.5.24. Several bugs have been fixed, some of them being security related, like CVE-2015-1351 and CVE-2015-1352. All PHP 5.5 users are encouraged to upgrade to this version.\n\nThe PHP development team announces the immediate availability of PHP 5.6.8. Several bugs have been fixed, some of them being security related, like CVE-2015-1351 and CVE-2015-1352. All PHP 5.6 users are encouraged to upgrade to this version.", "cvss3": {}, "published": "2015-04-27T00:00:00", "type": "nessus", "title": "FreeBSD : Several vulnerabilities found in PHP (1e232a0c-eb57-11e4-b595-4061861086c1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9709", "CVE-2015-1351", "CVE-2015-1352", "CVE-2015-2301", "CVE-2015-2783"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:php5", "p-cpe:/a:freebsd:freebsd:php55", "p-cpe:/a:freebsd:freebsd:php56", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_1E232A0CEB5711E4B5954061861086C1.NASL", "href": "https://www.tenable.com/plugins/nessus/83080", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83080);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-9709\", \"CVE-2015-1351\", \"CVE-2015-1352\", \"CVE-2015-2301\", \"CVE-2015-2783\");\n\n script_name(english:\"FreeBSD : Several vulnerabilities found in PHP (1e232a0c-eb57-11e4-b595-4061861086c1)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The PHP project reports :\n\nThe PHP development team announces the immediate availability of PHP\n5.4.40. 14 security-related bugs were fixed in this release, including\nCVE-2014-9709, CVE-2015-2301, CVE-2015-2783, CVE-2015-1352. All PHP\n5.4 users are encouraged to upgrade to this version.\n\nThe PHP development team announces the immediate availability of PHP\n5.5.24. Several bugs have been fixed, some of them being security\nrelated, like CVE-2015-1351 and CVE-2015-1352. All PHP 5.5 users are\nencouraged to upgrade to this version.\n\nThe PHP development team announces the immediate availability of PHP\n5.6.8. Several bugs have been fixed, some of them being security\nrelated, like CVE-2015-1351 and CVE-2015-1352. All PHP 5.6 users are\nencouraged to upgrade to this version.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/archive/2015.php#id2015-04-16-2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=199585\"\n );\n # https://vuxml.freebsd.org/freebsd/1e232a0c-eb57-11e4-b595-4061861086c1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4e748b42\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php55\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php56\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"php5<5.4.40\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php55<5.5.24\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php56<5.6.8\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:03:24", "description": "The version of Apple iTunes running on the remote host is prior to 12.3. It is, therefore, affected by multiple vulnerabilities in the WebKit, CoreText, and ICU components, and in the bundled version of the Microsoft Visual Studio C++ Redistributable Package. An attacker can exploit these vulnerabilities to cause a denial of service, execute arbitrary code, or gain access to encrypted SMB credentials.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2015-10-26T00:00:00", "type": "nessus", "title": "Apple iTunes < 12.3 Multiple Vulnerabilities (uncredentialed check)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3190", "CVE-2014-8146", "CVE-2015-1152", "CVE-2015-1153", "CVE-2015-1157", "CVE-2015-1205", "CVE-2015-3686", "CVE-2015-3687", "CVE-2015-3688", "CVE-2015-3730", "CVE-2015-3731", "CVE-2015-3733", "CVE-2015-3734", "CVE-2015-3735", "CVE-2015-3736", "CVE-2015-3737", "CVE-2015-3738", "CVE-2015-3739", "CVE-2015-3740", "CVE-2015-3741", "CVE-2015-3742", "CVE-2015-3743", "CVE-2015-3744", "CVE-2015-3745", "CVE-2015-3746", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-5755", "CVE-2015-5761", "CVE-2015-5789", "CVE-2015-5790", "CVE-2015-5791", "CVE-2015-5792", "CVE-2015-5793", "CVE-2015-5794", "CVE-2015-5795", "CVE-2015-5796", "CVE-2015-5797", "CVE-2015-5798", "CVE-2015-5799", "CVE-2015-5800", "CVE-2015-5801", "CVE-2015-5802", "CVE-2015-5803", "CVE-2015-5804", "CVE-2015-5805", "CVE-2015-5806", "CVE-2015-5807", "CVE-2015-5808", "CVE-2015-5809", "CVE-2015-5810", "CVE-2015-5811", "CVE-2015-5812", "CVE-2015-5813", "CVE-2015-5814", "CVE-2015-5815", "CVE-2015-5816", "CVE-2015-5817", "CVE-2015-5818", "CVE-2015-5819", "CVE-2015-5821", "CVE-2015-5822", "CVE-2015-5823", "CVE-2015-5874", "CVE-2015-5920"], "modified": "2019-11-20T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "ITUNES_12_3_0_BANNER.NASL", "href": "https://www.tenable.com/plugins/nessus/86601", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86601);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/11/20\");\n\n script_cve_id(\n \"CVE-2010-3190\",\n \"CVE-2014-8146\",\n \"CVE-2015-1152\",\n \"CVE-2015-1153\",\n \"CVE-2015-1157\",\n \"CVE-2015-1205\",\n \"CVE-2015-3686\",\n \"CVE-2015-3687\",\n \"CVE-2015-3688\",\n \"CVE-2015-3730\",\n \"CVE-2015-3731\",\n \"CVE-2015-3733\",\n \"CVE-2015-3734\",\n \"CVE-2015-3735\",\n \"CVE-2015-3736\",\n \"CVE-2015-3737\",\n \"CVE-2015-3738\",\n \"CVE-2015-3739\",\n \"CVE-2015-3740\",\n \"CVE-2015-3741\",\n \"CVE-2015-3742\",\n \"CVE-2015-3743\",\n \"CVE-2015-3744\",\n \"CVE-2015-3745\",\n \"CVE-2015-3746\",\n \"CVE-2015-3747\",\n \"CVE-2015-3748\",\n \"CVE-2015-3749\",\n \"CVE-2015-5755\",\n \"CVE-2015-5761\",\n \"CVE-2015-5789\",\n \"CVE-2015-5790\",\n \"CVE-2015-5791\",\n \"CVE-2015-5792\",\n \"CVE-2015-5793\",\n \"CVE-2015-5794\",\n \"CVE-2015-5795\",\n \"CVE-2015-5796\",\n \"CVE-2015-5797\",\n \"CVE-2015-5798\",\n \"CVE-2015-5799\",\n \"CVE-2015-5800\",\n \"CVE-2015-5801\",\n \"CVE-2015-5802\",\n \"CVE-2015-5803\",\n \"CVE-2015-5804\",\n \"CVE-2015-5805\",\n \"CVE-2015-5806\",\n \"CVE-2015-5807\",\n \"CVE-2015-5808\",\n \"CVE-2015-5809\",\n \"CVE-2015-5810\",\n \"CVE-2015-5811\",\n \"CVE-2015-5812\",\n \"CVE-2015-5813\",\n \"CVE-2015-5814\",\n \"CVE-2015-5815\",\n \"CVE-2015-5816\",\n \"CVE-2015-5817\",\n \"CVE-2015-5818\",\n \"CVE-2015-5819\",\n \"CVE-2015-5821\",\n \"CVE-2015-5822\",\n \"CVE-2015-5823\",\n \"CVE-2015-5874\",\n \"CVE-2015-5920\"\n );\n script_bugtraq_id(\n 42811,\n 72288,\n 74457,\n 74523,\n 74525,\n 75491,\n 76338,\n 76343,\n 76763,\n 76764,\n 76765,\n 76766\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2015-09-16-3\");\n script_xref(name:\"IAVB\", value:\"2011-B-0046\");\n\n script_name(english:\"Apple iTunes < 12.3 Multiple Vulnerabilities (uncredentialed check)\");\n script_summary(english:\"Checks the version of iTunes.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an application that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes running on the remote host is prior to\n12.3. It is, therefore, affected by multiple vulnerabilities in the\nWebKit, CoreText, and ICU components, and in the bundled version of\nthe Microsoft Visual Studio C++ Redistributable Package. An attacker\ncan exploit these vulnerabilities to cause a denial of service,\nexecute arbitrary code, or gain access to encrypted SMB credentials.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT205221\");\n # https://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fb0bd3a7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple iTunes version 12.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2010-3190\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/08/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Peer-To-Peer File Sharing\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"itunes_sharing.nasl\");\n script_require_keys(\"iTunes/sharing\");\n script_require_ports(\"Services/www\", 3689);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:3689, embedded:TRUE, ignore_broken:TRUE);\n\nget_kb_item_or_exit(\"iTunes/\" + port + \"/enabled\");\n\ntype = get_kb_item_or_exit(\"iTunes/\" + port + \"/type\");\nsource = get_kb_item_or_exit(\"iTunes/\" + port + \"/source\");\nversion = get_kb_item_or_exit(\"iTunes/\" + port + \"/version\");\n\nif (type != 'Windows') audit(AUDIT_OS_NOT, \"Windows\");\n\nfixed_version = \"12.3.0.44\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report = '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + \n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"iTunes\", port, version);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:02:06", "description": "The version of Apple iTunes installed on the remote Windows host is prior to 12.3. It is, therefore, affected by multiple vulnerabilities in the bundled versions of WebKit, CoreText, the Microsoft Visual Studio C++ Redistributable Package, and ICU.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2015-09-18T00:00:00", "type": "nessus", "title": "Apple iTunes < 12.3 Multiple Vulnerabilities (credentialed check)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3190", "CVE-2014-8146", "CVE-2015-1152", "CVE-2015-1153", "CVE-2015-1157", "CVE-2015-1205", "CVE-2015-3686", "CVE-2015-3687", "CVE-2015-3688", "CVE-2015-3730", "CVE-2015-3731", "CVE-2015-3733", "CVE-2015-3734", "CVE-2015-3735", "CVE-2015-3736", "CVE-2015-3737", "CVE-2015-3738", "CVE-2015-3739", "CVE-2015-3740", "CVE-2015-3741", "CVE-2015-3742", "CVE-2015-3743", "CVE-2015-3744", "CVE-2015-3745", "CVE-2015-3746", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-5755", "CVE-2015-5761", "CVE-2015-5789", "CVE-2015-5790", "CVE-2015-5791", "CVE-2015-5792", "CVE-2015-5793", "CVE-2015-5794", "CVE-2015-5795", "CVE-2015-5796", "CVE-2015-5797", "CVE-2015-5798", "CVE-2015-5799", "CVE-2015-5800", "CVE-2015-5801", "CVE-2015-5802", "CVE-2015-5803", "CVE-2015-5804", "CVE-2015-5805", "CVE-2015-5806", "CVE-2015-5807", "CVE-2015-5808", "CVE-2015-5809", "CVE-2015-5810", "CVE-2015-5811", "CVE-2015-5812", "CVE-2015-5813", "CVE-2015-5814", "CVE-2015-5815", "CVE-2015-5816", "CVE-2015-5817", "CVE-2015-5818", "CVE-2015-5819", "CVE-2015-5821", "CVE-2015-5822", "CVE-2015-5823", "CVE-2015-5874", "CVE-2015-5920"], "modified": "2019-11-22T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "ITUNES_12_3_0.NASL", "href": "https://www.tenable.com/plugins/nessus/86001", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86001);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/11/22\");\n\n script_cve_id(\n \"CVE-2010-3190\",\n \"CVE-2014-8146\",\n \"CVE-2015-1152\",\n \"CVE-2015-1153\",\n \"CVE-2015-1157\",\n \"CVE-2015-1205\",\n \"CVE-2015-3686\",\n \"CVE-2015-3687\",\n \"CVE-2015-3688\",\n \"CVE-2015-3730\",\n \"CVE-2015-3731\",\n \"CVE-2015-3733\",\n \"CVE-2015-3734\",\n \"CVE-2015-3735\",\n \"CVE-2015-3736\",\n \"CVE-2015-3737\",\n \"CVE-2015-3738\",\n \"CVE-2015-3739\",\n \"CVE-2015-3740\",\n \"CVE-2015-3741\",\n \"CVE-2015-3742\",\n \"CVE-2015-3743\",\n \"CVE-2015-3744\",\n \"CVE-2015-3745\",\n \"CVE-2015-3746\",\n \"CVE-2015-3747\",\n \"CVE-2015-3748\",\n \"CVE-2015-3749\",\n \"CVE-2015-5755\",\n \"CVE-2015-5761\",\n \"CVE-2015-5789\",\n \"CVE-2015-5790\",\n \"CVE-2015-5791\",\n \"CVE-2015-5792\",\n \"CVE-2015-5793\",\n \"CVE-2015-5794\",\n \"CVE-2015-5795\",\n \"CVE-2015-5796\",\n \"CVE-2015-5797\",\n \"CVE-2015-5798\",\n \"CVE-2015-5799\",\n \"CVE-2015-5800\",\n \"CVE-2015-5801\",\n \"CVE-2015-5802\",\n \"CVE-2015-5803\",\n \"CVE-2015-5804\",\n \"CVE-2015-5805\",\n \"CVE-2015-5806\",\n \"CVE-2015-5807\",\n \"CVE-2015-5808\",\n \"CVE-2015-5809\",\n \"CVE-2015-5810\",\n \"CVE-2015-5811\",\n \"CVE-2015-5812\",\n \"CVE-2015-5813\",\n \"CVE-2015-5814\",\n \"CVE-2015-5815\",\n \"CVE-2015-5816\",\n \"CVE-2015-5817\",\n \"CVE-2015-5818\",\n \"CVE-2015-5819\",\n \"CVE-2015-5821\",\n \"CVE-2015-5822\",\n \"CVE-2015-5823\",\n \"CVE-2015-5874\",\n \"CVE-2015-5920\"\n );\n script_bugtraq_id(\n 42811,\n 72288,\n 74457,\n 74523,\n 74525,\n 75491,\n 76338,\n 76343,\n 76763,\n 76764,\n 76765,\n 76766\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2015-09-16-3\");\n script_xref(name:\"IAVB\", value:\"2011-B-0046\");\n\n script_name(english:\"Apple iTunes < 12.3 Multiple Vulnerabilities (credentialed check)\");\n script_summary(english:\"Checks the version of iTunes on Windows.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an application that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes installed on the remote Windows host is\nprior to 12.3. It is, therefore, affected by multiple vulnerabilities\nin the bundled versions of WebKit, CoreText, the Microsoft Visual\nStudio C++ Redistributable Package, and ICU.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT205221\");\n # https://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fb0bd3a7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple iTunes 12.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2010-3190\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/08/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"itunes_detect.nasl\");\n script_require_keys(\"installed_sw/iTunes Version\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\n# Ensure this is Windows\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\napp_id = 'iTunes Version';\ninstall = get_single_install(app_name:app_id, exit_if_unknown_ver:TRUE);\n\nversion = install[\"version\"];\npath = install[\"path\"];\n\nfixed_version = \"12.3.0.44\";\nif (ver_compare(ver:version, fix:fixed_version) < 0)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"iTunes\", version, path);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:50:42", "description": "Multiple vulnerabilities have been discovered in the PHP language :\n\n - CVE-2015-2305 Guido Vranken discovered a heap overflow in the ereg extension (only applicable to 32 bit systems).\n\n - CVE-2014-9705 Buffer overflow in the enchant extension.\n\n - CVE-2015-0231 Stefan Esser discovered a use-after-free in the unserialisation of objects.\n\n - CVE-2015-0232 Alex Eubanks discovered incorrect memory management in the exif extension.\n\n - CVE-2015-0273 Use-after-free in the unserialisation of DateTimeZone.", "cvss3": {}, "published": "2015-03-19T00:00:00", "type": "nessus", "title": "Debian DSA-3195-1 : php5 - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9705", "CVE-2015-0231", "CVE-2015-0232", "CVE-2015-0273", "CVE-2015-2305"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:php5", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-3195.NASL", "href": "https://www.tenable.com/plugins/nessus/81926", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3195. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81926);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-9705\", \"CVE-2015-0231\", \"CVE-2015-0232\", \"CVE-2015-0273\", \"CVE-2015-2305\");\n script_xref(name:\"DSA\", value:\"3195\");\n\n script_name(english:\"Debian DSA-3195-1 : php5 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities have been discovered in the PHP language :\n\n - CVE-2015-2305\n Guido Vranken discovered a heap overflow in the ereg\n extension (only applicable to 32 bit systems).\n\n - CVE-2014-9705\n Buffer overflow in the enchant extension.\n\n - CVE-2015-0231\n Stefan Esser discovered a use-after-free in the\n unserialisation of objects.\n\n - CVE-2015-0232\n Alex Eubanks discovered incorrect memory management in\n the exif extension.\n\n - CVE-2015-0273\n Use-after-free in the unserialisation of DateTimeZone.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-2305\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-9705\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-0231\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-0232\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-0273\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/php5\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3195\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the php5 packages.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 5.4.38-0+deb7u1.\n\nFor the upcoming stable distribution (jessie), these problems have\nbeen fixed in version 5.6.6+dfsg-2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libapache2-mod-php5\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libapache2-mod-php5filter\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libphp5-embed\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php-pear\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-cgi\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-cli\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-common\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-curl\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-dbg\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-dev\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-enchant\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-fpm\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-gd\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-gmp\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-imap\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-interbase\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-intl\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-ldap\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-mcrypt\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-mysql\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-mysqlnd\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-odbc\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-pgsql\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-pspell\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-recode\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-snmp\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-sqlite\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-sybase\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-tidy\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-xmlrpc\", reference:\"5.4.38-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-xsl\", reference:\"5.4.38-0+deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:02:20", "description": "Versions of iTunes earlier than 12.3 are affected by multiple vulnerabilities which include :\n\n - A flaw exists in Microsoft Foundation Class's handling of library loading due to the use of a fixed path. An attacker can place a custom version of the file or library in the path, and the program will load it before the legitimate version. Thus, an attacker can leverage this flaw to execute custom code. (CVE-2010-3190)\n - International Components for Unicode for C/C++ (ICU4C) contains several flaws. An overflow condition exists in the resolveImplicitLevels() function in 'ubidi.c', which is triggered as user-supplied input is not properly validated. Additionally, an integer truncation flaw exists in the same function in 'ubidi.c'. Either flaw may allow an attacker to crash an application linked against the library or potentially execute arbitrary code. (CVE-2014-8146, CVE-2014-8147, CVE-2015-5922)\n - A flaw exists in CoreText that is triggered as user-supplied input is not properly validated when handling text and font files. This may allow a context-dependent attacker can corrupt memory and potentially execute arbitrary code. (CVE-2015-1157, CVE-2015-5874, CVE-2015-3686, CVE-2015-3687, CVE-2015-3688, CVE-2015-5755, CVE-2015-5761)\n - A flaw exists that is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2015-1152, CVE-2015-1153, CVE-2015-3730, CVE-2015-3731, CVE-2015-3733, CVE-2015-3734, CVE-2015-3735, CVE-2015-3736, CVE-2015-3737, CVE-2015-3738, CVE-2015-3739, CVE-2015-3740, CVE-2015-3741, CVE-2015-3742, CVE-2015-3743, CVE-2015-3744, CVE-2015-3745, CVE-2015-3746, CVE-2015-3747, CVE-2015-3748, CVE-2015-3749, CVE-2015-5789, CVE-2015-5790, CVE-2015-5791, CVE-2015-5792, CVE-2015-5793, CVE-2015-5794, CVE-2015-5795, CVE-2015-5796, CVE-2015-5797, CVE-2015-5798, CVE-2015-5799, CVE-2015-5800, CVE-2015-5801, CVE-2015-5802, CVE-2015-5803, CVE-2015-5804, CVE-2015-5805, CVE-2015-5806, CVE-2015-5807, CVE-2015-5808, CVE-2015-5809, CVE-2015-5810, CVE-2015-5811, CVE-2015-5812, CVE-2015-5813, CVE-2015-5814, CVE-2015-5815, CVE-2015-5816, CVE-2015-5817, CVE-2015-5818, CVE-2015-5819, CVE-2015-5821, CVE-2015-5822, CVE-2015-5823)\n - An unspecified flaw exists that is triggered during the handling of network connection redirects. This may allow a remote man-in-the-middle attacker to gain access to hashed SMB credential information. (CVE-2015-5920)", "cvss3": {}, "published": "2015-10-23T00:00:00", "type": "nessus", "title": "iTunes for Windows < 12.3 Multiple Vulnerabilities ", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3190", "CVE-2014-8146", "CVE-2014-8147", "CVE-2015-1152", "CVE-2015-1153", "CVE-2015-1157", "CVE-2015-3686", "CVE-2015-3687", "CVE-2015-3688", "CVE-2015-3730", "CVE-2015-3731", "CVE-2015-3733", "CVE-2015-3734", "CVE-2015-3735", "CVE-2015-3736", "CVE-2015-3737", "CVE-2015-3738", "CVE-2015-3739", "CVE-2015-3740", "CVE-2015-3741", "CVE-2015-3742", "CVE-2015-3743", "CVE-2015-3744", "CVE-2015-3745", "CVE-2015-3746", "CVE-2015-3747", "CVE-2015-3748", "CVE-2015-3749", "CVE-2015-5755", "CVE-2015-5761", "CVE-2015-5789", "CVE-2015-5790", "CVE-2015-5791", "CVE-2015-5792", "CVE-2015-5793", "CVE-2015-5794", "CVE-2015-5795", "CVE-2015-5796", "CVE-2015-5797", "CVE-2015-5798", "CVE-2015-5799", "CVE-2015-5800", "CVE-2015-5801", "CVE-2015-5802", "CVE-2015-5803", "CVE-2015-5804", "CVE-2015-5805", "CVE-2015-5806", "CVE-2015-5807", "CVE-2015-5808", "CVE-2015-5809", "CVE-2015-5810", "CVE-2015-5811", "CVE-2015-5812", "CVE-2015-5813", "CVE-2015-5814", "CVE-2015-5815", "CVE-2015-5816", "CVE-2015-5817", "CVE-2015-5818", "CVE-2015-5819", "CVE-2015-5821", "CVE-2015-5822", "CVE-2015-5823", "CVE-2015-5874", "CVE-2015-5920", "CVE-2015-5922"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*"], "id": "8958.PRM", "href": "https://www.tenable.com/plugins/nnm/8958", "sourceData": "Binary data 8958.prm", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:49:47", "description": "Stefan Esser discovered that PHP incorrectly handled unserializing objects. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2014-8142, CVE-2015-0231)\n\nBrian Carpenter discovered that the PHP CGI component incorrectly handled invalid files. A local attacker could use this issue to obtain sensitive information, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2014-9427)\n\nIt was discovered that PHP incorrectly handled certain pascal strings in the fileinfo extension. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2014-9652)\n\nAlex Eubanks discovered that PHP incorrectly handled EXIF data in JPEG images. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code.\nThis issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10.\n(CVE-2015-0232)\n\nIt was discovered that the PHP opcache component incorrectly handled memory. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-1351)\n\nIt was discovered that the PHP PostgreSQL database extension incorrectly handled certain pointers. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-1352).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-02-18T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : php5 vulnerabilities (USN-2501-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8142", "CVE-2014-9427", "CVE-2014-9652", "CVE-2015-0231", "CVE-2015-0232", "CVE-2015-1351", "CVE-2015-1352"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5", "p-cpe:/a:canonical:ubuntu_linux:php5-cgi", "p-cpe:/a:canonical:ubuntu_linux:php5-cli", "p-cpe:/a:canonical:ubuntu_linux:php5-fpm", "p-cpe:/a:canonical:ubuntu_linux:php5-pgsql", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:14.10"], "id": "UBUNTU_USN-2501-1.NASL", "href": "https://www.tenable.com/plugins/nessus/81399", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2501-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81399);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-8142\", \"CVE-2014-9427\", \"CVE-2014-9652\", \"CVE-2015-0231\", \"CVE-2015-0232\", \"CVE-2015-1351\", \"CVE-2015-1352\");\n script_bugtraq_id(71791, 71833, 71929, 71932, 72505, 72539, 72541);\n script_xref(name:\"USN\", value:\"2501-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : php5 vulnerabilities (USN-2501-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Stefan Esser discovered that PHP incorrectly handled unserializing\nobjects. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2014-8142, CVE-2015-0231)\n\nBrian Carpenter discovered that the PHP CGI component incorrectly\nhandled invalid files. A local attacker could use this issue to obtain\nsensitive information, or possibly execute arbitrary code. This issue\nonly affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2014-9427)\n\nIt was discovered that PHP incorrectly handled certain pascal strings\nin the fileinfo extension. A remote attacker could possibly use this\nissue to cause PHP to crash, resulting in a denial of service. This\nissue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2014-9652)\n\nAlex Eubanks discovered that PHP incorrectly handled EXIF data in JPEG\nimages. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\nThis issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10.\n(CVE-2015-0232)\n\nIt was discovered that the PHP opcache component incorrectly handled\nmemory. A remote attacker could possibly use this issue to cause PHP\nto crash, resulting in a denial of service, or possibly execute\narbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu\n14.10. (CVE-2015-1351)\n\nIt was discovered that the PHP PostgreSQL database extension\nincorrectly handled certain pointers. A remote attacker could possibly\nuse this issue to cause PHP to crash, resulting in a denial of\nservice, or possibly execute arbitrary code. This issue only affected\nUbuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-1352).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2501-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/02/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|14\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 14.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.3.10-1ubuntu3.16\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"php5-cgi\", pkgver:\"5.3.10-1ubuntu3.16\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"php5-cli\", pkgver:\"5.3.10-1ubuntu3.16\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"php5-fpm\", pkgver:\"5.3.10-1ubuntu3.16\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"php5-pgsql\", pkgver:\"5.3.10-1ubuntu3.16\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.5.9+dfsg-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"php5-cgi\", pkgver:\"5.5.9+dfsg-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"php5-cli\", pkgver:\"5.5.9+dfsg-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"php5-fpm\", pkgver:\"5.5.9+dfsg-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"php5-pgsql\", pkgver:\"5.5.9+dfsg-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.5.12+dfsg-2ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"php5-cgi\", pkgver:\"5.5.12+dfsg-2ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"php5-cli\", pkgver:\"5.5.12+dfsg-2ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"php5-fpm\", pkgver:\"5.5.12+dfsg-2ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"php5-pgsql\", pkgver:\"5.5.12+dfsg-2ubuntu4.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libapache2-mod-php5 / php5-cgi / php5-cli / php5-fpm / php5-pgsql\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:48:40", "description": "PHP versions 5.5.x prior to 5.5.21, and 5.6.x prior to 5.6.5 are exposed to the following issues :\n\n - A flaw exists in the 'ereg(regex)' component due to a NULL pointer dereference condition. Specifically, this issue affects the '/regex/regcomp.c' source file. (Bug 68740) \n\n - A use-after-free memory error exists in the 'opcache' component. Specifically, this issue affects the '/ext/opcache/zend_shared_alloc.c' source file. (Bug 68677 / CVE-2015-1351)\n\n - A flaw exists in the 'zend_ts_hash_graceful_destroy' function in the Zend Engine for PHP which exposes a double free vulnerability. Specifically, this issue affects the 'zend_ts_hash.c' source file. (Bug 68676 / CVE-2014-9425)\n\n - A flaw exists in the 'pgsql' component due to a NULL pointer dereference condition. Specifically, this issue affects the 'token' parameter of the '/ext/pgsql/pgsql.c' source file. (Bug 68697 / CVE-2015-1352)\n\nA remote attacker could exploit these vulnerabilities to crash the affected application, denying service to legitimate users.\n\n - An out-of-bounds read issue exists in the 'GetCode_()' function in 'gd_gif_in.c'. This allows a remote attacker to disclose memory contents. (CVE-2014-9709)", "cvss3": {}, "published": "2015-02-25T00:00:00", "type": "nessus", "title": "PHP 5.5.x < 5.5.21 / 5.6.x < 5.6.5 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9425", "CVE-2014-9709", "CVE-2015-1351", "CVE-2015-1352"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"], "id": "8909.PRM", "href": "https://www.tenable.com/plugins/nnm/8909", "sourceData": "Binary data 8909.prm", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:51:30", "description": "Multiple vulnerabilities have been discovered in the PHP language :\n\n - CVE-2015-2301 Use-after-free in the phar extension.\n\n - CVE-2015-2331 Emmanuel Law discovered an integer overflow in the processing of ZIP archives, resulting in denial of service or potentially the execution of arbitrary code.", "cvss3": {}, "published": "2015-03-23T00:00:00", "type": "nessus", "title": "Debian DSA-3198-1 : php5 - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2301", "CVE-2015-2331", "CVE-2015-2348", "CVE-2015-2787"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:php5", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-3198.NASL", "href": "https://www.tenable.com/plugins/nessus/81982", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3198. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81982);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-2301\", \"CVE-2015-2331\", \"CVE-2015-2348\", \"CVE-2015-2787\");\n script_bugtraq_id(73037, 73182);\n script_xref(name:\"DSA\", value:\"3198\");\n\n script_name(english:\"Debian DSA-3198-1 : php5 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities have been discovered in the PHP language :\n\n - CVE-2015-2301\n Use-after-free in the phar extension.\n\n - CVE-2015-2331\n Emmanuel Law discovered an integer overflow in the\n processing of ZIP archives, resulting in denial of\n service or potentially the execution of arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-2301\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-2331\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/php5\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3198\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the php5 packages.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 5.4.39-0+deb7u1. This update also fixes a regression in the\ncurl support introduced in DSA 3195.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libapache2-mod-php5\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libapache2-mod-php5filter\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libphp5-embed\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php-pear\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-cgi\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-cli\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-common\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-curl\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-dbg\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-dev\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-enchant\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-fpm\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-gd\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-gmp\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-imap\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-interbase\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-intl\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-ldap\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-mcrypt\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-mysql\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-mysqlnd\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-odbc\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-pgsql\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-pspell\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-recode\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-snmp\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-sqlite\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-sybase\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-tidy\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-xmlrpc\", reference:\"5.4.39-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-xsl\", reference:\"5.4.39-0+deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:48:44", "description": "PHP versions 5.4.x prior to 5.4.37, 5.5.x prior to 5.5.21, and 5.6.x prior to 5.6.5 are exposed to the following issues:\n\n - The CGI component has an out-of-bounds read flaw in file 'cgi_main.c' when nmap is used to process an invalid file that begins with a hash character (#) but lacks a newline character. A remote attacker, using a specially crafted PHP file, can exploit this vulnerability to disclose memory contents, cause a denial of service, or possibly execute code. (Bug 68618 / CVE-2014-9427)\n\n - A use-after-free memory error exists in the function 'process_nested_data' within 'var_unserializer.re' due to the improper handling of duplicate numerical keys within the serialized properties of an object. A remote attacker, using a crafted unserialize method call, can exploit this vulnerability to execute arbitrary code. (Bug 68710 / CVE-2015-0231)\n\n - A flaw exists in function 'exif_process_unicode' within 'exif.c' that allows freeing an uninitialized pointer. A remote attacker, using specially crafted EXIF data in a JPEG image, can exploit this to cause a denial of service or to execute arbitrary code. (Bug 68799 / CVE-2015-0232)\n\n - An out-of-bounds read flaw exists in the 'fileinfo' extension of the 'src/softmagic.c' source file when handling certain Pascal strings. A remote attacker can exploit this issue to crash the affected application, denying service to legitimate users. (Bug 68735 / CVE-2014-9652)", "cvss3": {}, "published": "2015-02-25T00:00:00", "type": "nessus", "title": "PHP 5.4.x < 5.4.37 / 5.5.x < 5.5.21 / 5.6.x < 5.6.5 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9427", "CVE-2014-9652", "CVE-2015-0231", "CVE-2015-0232"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"], "id": "8615.PRM", "href": "https://www.tenable.com/plugins/nnm/8615", "sourceData": "Binary data 8615.prm", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:47:07", "description": "According to its banner, the version of PHP 5.4.x installed on the remote host is prior to 5.4.37. It is, therefore, affected by multiple vulnerabilities:\n\n - The CGI component has an out-of-bounds read flaw in file 'cgi_main.c' when nmap is used to process an invalid file that begins with a hash character (#) but lacks a newline character. A remote attacker, using a specially crafted PHP file, can exploit this vulnerability to disclose memory contents, cause a denial of service, or possibly execute code. (CVE-2014-9427)\n\n - A use-after-free memory error exists in the function 'process_nested_data' within 'var_unserializer.re' due to the improper handling of duplicate numerical keys within the serialized properties of an object. A remote attacker, using a crafted unserialize method call, can exploit this vulnerability to execute arbitrary code.\n (CVE-2015-0231)\n\n - A flaw exists in function 'exif_process_unicode' within 'exif.c' that allows freeing an uninitialized pointer. A remote attacker, using specially crafted EXIF data in a JPEG image, can exploit this to cause a denial of service or to execute arbitrary code. (CVE-2015-0232)\n\nNote that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2015-01-29T00:00:00", "type": "nessus", "title": "PHP 5.4.x < 5.4.37 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9427", "CVE-2014-9652", "CVE-2015-0231", "CVE-2015-0232"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_4_37.NASL", "href": "https://www.tenable.com/plugins/nessus/81080", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81080);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2014-9427\",\n \"CVE-2014-9652\",\n \"CVE-2015-0231\",\n \"CVE-2015-0232\"\n );\n script_bugtraq_id(\n 71833,\n 72505,\n 72539,\n 72541\n );\n\n script_name(english:\"PHP 5.4.x < 5.4.37 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP 5.4.x installed on the\nremote host is prior to 5.4.37. It is, therefore, affected by multiple\nvulnerabilities:\n\n - The CGI component has an out-of-bounds read flaw in file\n 'cgi_main.c' when nmap is used to process an invalid\n file that begins with a hash character (#) but lacks a\n newline character. A remote attacker, using a specially\n crafted PHP file, can exploit this vulnerability to\n disclose memory contents, cause a denial of service, or\n possibly execute code. (CVE-2014-9427)\n\n - A use-after-free memory error exists in the function\n 'process_nested_data' within 'var_unserializer.re' due\n to the improper handling of duplicate numerical keys\n within the serialized properties of an object. A remote\n attacker, using a crafted unserialize method call, can\n exploit this vulnerability to execute arbitrary code.\n (CVE-2015-0231)\n\n - A flaw exists in function 'exif_process_unicode' within\n 'exif.c' that allows freeing an uninitialized pointer. A\n remote attacker, using specially crafted EXIF data in a\n JPEG image, can exploit this to cause a denial of\n service or to execute arbitrary code. (CVE-2015-0232)\n\nNote that Nessus has not attempted to exploit these issues but has\ninstead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://php.net/ChangeLog-5.php#5.4.37\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=68618\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=68710\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=68799\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.4.37 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-9427\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/12/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\n# Check that it is the correct version of PHP\nif (version =~ \"^5(\\.4)?$\") audit(AUDIT_VER_NOT_GRANULAR, \"PHP\", port, version);\nif (version !~ \"^5\\.4\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 5.4.x\", port);\n\nif (version =~ \"^5\\.4\\.([0-9]|[12][0-9]|3[0-6])($|[^0-9])\")\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : '+source +\n '\\n Installed version : '+version +\n '\\n Fixed version : 5.4.37' +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:52:47", "description": "Versions of PHP 5.4.x earlier than 5.4.38, 5.5.x earlier than 5.5.22, or 5.6.x earlier than 5.6.6 are exposed to the following issues :\n\n - A heap-based buffer overflow flaw in the GNU C Library (glibc) due to improperly validating user-supplied input in the glibc functions __nss_hostname_digits_dots(), gethostbyname(), and gethostbyname2(). This allows a remote attacker to cause a buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (GHOST) (Bug 68925 / CVE-2015-0235)\n\n - A use-after-free flaw exists in the function php_date_timezone_initialize_from_hash() within the 'ext/date/php_date.c' script. An attacker can exploit this to access sensitive information or crash applications linked to PHP. (Bug 68942 / CVE-2015-0273)\n\n - A use-after-free flaw exists in the function 'phar_rename_archive' in the source file 'phar_object.c'. An attacker can cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file. (Bug 68901 / CVE-2015-2301)\n\n - A heap-based buffer overflow flaw affects the 'enchant_broker_request_dict' function in the source file 'ext/enchant/enchant.c'. This allows remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries. (Bug 68552 / CVE-2014-9705) ", "cvss3": {}, "published": "2015-04-09T00:00:00", "type": "nessus", "title": "PHP 5.4.x < 5.4.38 / 5.5.x < 5.5.22 / 5.6.x < 5.6.6 Multiple Vulnerabilities (GHOST)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9705", "CVE-2015-0235", "CVE-2015-0273", "CVE-2015-2301"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"], "id": "8677.PRM", "href": "https://www.tenable.com/plugins/nnm/8677", "sourceData": "Binary data 8677.prm", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:53:03", "description": "16 Apr 2015, **PHP 5.5.24**\n\nApache2handler :\n\n - Fixed bug #69218 (potential remote code execution with apache 2.4 apache2handler). (Gerrit Venema)\n\nCore :\n\n - Fixed bug #66609 (php crashes with __get() and ++ operator in some cases). (Dmitry, Laruence)\n\n - Fixed bug #67626 (User exceptions not properly handled in streams). (Julian)\n\n - Fixed bug #68021 (get_browser() browser_name_regex returns non-utf-8 characters). (Tjerk)\n\n - Fixed bug #68917 (parse_url fails on some partial urls). (Wei Dai)\n\n - Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM configuration options). (Anatol Belski)\n\n - Additional fix for bug #69152 (Type confusion vulnerability in exception::getTraceAsString). (Stas)\n\n - Fixed bug #69212 (Leaking VIA_HANDLER func when exception thrown in __call/... arg passing). (Nikita)\n\n - Fixed bug #69221 (Segmentation fault when using a generator in combination with an Iterator). (Nikita)\n\n - Fixed bug #69337 (php_stream_url_wrap_http_ex() type-confusion vulnerability). (Stas)\n\n - Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions). (Stas)\n\nCurl :\n\n - Implemented FR#69278 (HTTP2 support). (Masaki Kagaya)\n\n - Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER). (Laruence)\n\nDate :\n\n - Export date_get_immutable_ce so that it can be used by extensions. (Derick Rethans)\n\n - Fixed bug #69336 (Issues with 'last day of <monthname>'). (Derick Rethans)\n\nEnchant :\n\n - Fixed bug #65406 (Enchant broker plugins are in the wrong place in windows builds). (Anatol)\n\nFileinfo :\n\n - Fixed bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault). (Anatol Belski)\n\nFilter :\n\n - Fixed bug #69202 (FILTER_FLAG_STRIP_BACKTICK ignored unless other flags are used). (Jeff Welch)\n\n - Fixed bug #69203 (FILTER_FLAG_STRIP_HIGH doesn't strip ASCII 127). (Jeff Welch)\n\nMbstring :\n\n - Fixed bug #68846 (False detection of CJK Unified Ideographs Extension E). (Masaki Kagaya)\n\nOPCache\n\n - Fixed bug #68677 (Use After Free). (CVE-2015-1351) (Laruence)\n\n - Fixed bug #69281 (opcache_is_script_cached no longer works). (danack)\n\nOpenSSL :\n\n - Fixed bug #67403 (Add signatureType to openssl_x509_parse).\n\n - Add a check for RAND_egd to allow compiling against LibreSSL (Leigh)\n\nPhar :\n\n - Fixed bug #64343 (PharData::extractTo fails for tarball created by BSD tar). (Mike)\n\n - Fixed bug #64931 (phar_add_file is too restrictive on filename). (Mike)\n\n - Fixed bug #65467 (Call to undefined method cli_arg_typ_string). (Mike)\n\n - Fixed bug #67761 (Phar::mapPhar fails for Phars inside a path containing '.tar'). (Mike)\n\n - Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar). (Stas)\n\n - Fixed bug #69441 (Buffer Overflow when parsing tar/zip/phar in phar_set_inode). (Stas)\n\nPostgres :\n\n - Fixed bug #68741 (NULL pointer dereference).\n (CVE-2015-1352) (Laruence)\n\nSPL :\n\n - Fixed bug #69227 (Use after free in zval_scan caused by spl_object_storage_get_gc). (adam dot scarr at 99designs dot com)\n\nSOAP :\n\n - Fixed bug #69293 (NEW segfault when using SoapClient::__setSoapHeader (bisected, regression)).\n (thomas at shadowweb dot org, Laruence)\n\nSQLITE :\n\n - Fixed bug #68760 (SQLITE segfaults if custom collator throws an exception). (Dan Ackroyd)\n\n - Fixed bug #69287 (Upgrade bundled sqlite to 3.8.8.3).\n (Anatol)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-04-28T00:00:00", "type": "nessus", "title": "Fedora 20 : php-5.5.24-1.fc20 (2015-6399)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1351", "CVE-2015-1352", "CVE-2015-2783", "CVE-2015-3329"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:php", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2015-6399.NASL", "href": "https://www.tenable.com/plugins/nessus/83093", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-6399.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83093);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-1351\", \"CVE-2015-1352\", \"CVE-2015-2783\", \"CVE-2015-3329\");\n script_xref(name:\"FEDORA\", value:\"2015-6399\");\n\n script_name(english:\"Fedora 20 : php-5.5.24-1.fc20 (2015-6399)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"16 Apr 2015, **PHP 5.5.24**\n\nApache2handler :\n\n - Fixed bug #69218 (potential remote code execution with\n apache 2.4 apache2handler). (Gerrit Venema)\n\nCore :\n\n - Fixed bug #66609 (php crashes with __get() and ++\n operator in some cases). (Dmitry, Laruence)\n\n - Fixed bug #67626 (User exceptions not properly handled\n in streams). (Julian)\n\n - Fixed bug #68021 (get_browser() browser_name_regex\n returns non-utf-8 characters). (Tjerk)\n\n - Fixed bug #68917 (parse_url fails on some partial\n urls). (Wei Dai)\n\n - Fixed bug #69134 (Per Directory Values overrides\n PHP_INI_SYSTEM configuration options). (Anatol Belski)\n\n - Additional fix for bug #69152 (Type confusion\n vulnerability in exception::getTraceAsString). (Stas)\n\n - Fixed bug #69212 (Leaking VIA_HANDLER func when\n exception thrown in __call/... arg passing). (Nikita)\n\n - Fixed bug #69221 (Segmentation fault when using a\n generator in combination with an Iterator). (Nikita)\n\n - Fixed bug #69337 (php_stream_url_wrap_http_ex()\n type-confusion vulnerability). (Stas)\n\n - Fixed bug #69353 (Missing null byte checks for paths\n in various PHP extensions). (Stas)\n\nCurl :\n\n - Implemented FR#69278 (HTTP2 support). (Masaki Kagaya)\n\n - Fixed bug #69316 (Use-after-free in php_curl related\n to CURLOPT_FILE/_INFILE/_WRITEHEADER). (Laruence)\n\nDate :\n\n - Export date_get_immutable_ce so that it can be used by\n extensions. (Derick Rethans)\n\n - Fixed bug #69336 (Issues with 'last day of\n <monthname>'). (Derick Rethans)\n\nEnchant :\n\n - Fixed bug #65406 (Enchant broker plugins are in the\n wrong place in windows builds). (Anatol)\n\nFileinfo :\n\n - Fixed bug #68819 (Fileinfo on specific file causes\n spurious OOM and/or segfault). (Anatol Belski)\n\nFilter :\n\n - Fixed bug #69202 (FILTER_FLAG_STRIP_BACKTICK ignored\n unless other flags are used). (Jeff Welch)\n\n - Fixed bug #69203 (FILTER_FLAG_STRIP_HIGH doesn't strip\n ASCII 127). (Jeff Welch)\n\nMbstring :\n\n - Fixed bug #68846 (False detection of CJK Unified\n Ideographs Extension E). (Masaki Kagaya)\n\nOPCache\n\n - Fixed bug #68677 (Use After Free). (CVE-2015-1351)\n (Laruence)\n\n - Fixed bug #69281 (opcache_is_script_cached no longer\n works). (danack)\n\nOpenSSL :\n\n - Fixed bug #67403 (Add signatureType to\n openssl_x509_parse).\n\n - Add a check for RAND_egd to allow compiling against\n LibreSSL (Leigh)\n\nPhar :\n\n - Fixed bug #64343 (PharData::extractTo fails for tarball\n created by BSD tar). (Mike)\n\n - Fixed bug #64931 (phar_add_file is too restrictive on\n filename). (Mike)\n\n - Fixed bug #65467 (Call to undefined method\n cli_arg_typ_string). (Mike)\n\n - Fixed bug #67761 (Phar::mapPhar fails for Phars inside\n a path containing '.tar'). (Mike)\n\n - Fixed bug #69324 (Buffer Over-read in unserialize when\n parsing Phar). (Stas)\n\n - Fixed bug #69441 (Buffer Overflow when parsing\n tar/zip/phar in phar_set_inode). (Stas)\n\nPostgres :\n\n - Fixed bug #68741 (NULL pointer dereference).\n (CVE-2015-1352) (Laruence)\n\nSPL :\n\n - Fixed bug #69227 (Use after free in zval_scan caused by\n spl_object_storage_get_gc). (adam dot scarr at 99designs\n dot com)\n\nSOAP :\n\n - Fixed bug #69293 (NEW segfault when using\n SoapClient::__setSoapHeader (bisected, regression)).\n (thomas at shadowweb dot org, Laruence)\n\nSQLITE :\n\n - Fixed bug #68760 (SQLITE segfaults if custom collator\n throws an exception). (Dan Ackroyd)\n\n - Fixed bug #69287 (Upgrade bundled sqlite to 3.8.8.3).\n (Anatol)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1185900\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1185904\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1213407\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1213411\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1213416\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1213442\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1213446\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1213449\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-April/156128.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?65e8f9a1\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"php-5.5.24-1.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:53:36", "description": "16 Apr 2015, **PHP 5.6.8**\n\nCore :\n\n - Fixed bug #66609 (php crashes with __get() and ++ operator in some cases). (Dmitry, Laruence)\n\n - Fixed bug #68021 (get_browser() browser_name_regex returns non-utf-8 characters). (Tjerk)\n\n - Fixed bug #68917 (parse_url fails on some partial urls). (Wei Dai)\n\n - Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM configuration options). (Anatol Belski)\n\n - Additional fix for bug #69152 (Type confusion vulnerability in exception::getTraceAsString). (Stas)\n\n - Fixed bug #69210 (serialize function return corrupted data when sleep has non-string values). (Juan Basso)\n\n - Fixed bug #69212 (Leaking VIA_HANDLER func when exception thrown in __call/... arg passing). (Nikita)\n\n - Fixed bug #69221 (Segmentation fault when using a generator in combination with an Iterator). (Nikita)\n\n - Fixed bug #69337 (php_stream_url_wrap_http_ex() type-confusion vulnerability). (Stas)\n\n - Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions). (Stas)\n\nApache2handler :\n\n - Fixed bug #69218 (potential remote code execution with apache 2.4 apache2handler). (Gerrit Venema)\n\ncURL :\n\n - Implemented FR#69278 (HTTP2 support). (Masaki Kagaya)\n\n - Fixed bug #68739 (Missing break / control flow).\n (Laruence)\n\n - Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER). (Laruence)\n\nDate :\n\n - Fixed bug #69336 (Issues with 'last day of <monthname>'). (Derick Rethans)\n\nEnchant :\n\n - Fixed bug #65406 (Enchant broker plugins are in the wrong place in windows builds). (Anatol)\n\nEreg :\n\n - Fixed bug #68740 (NULL pointer Dereference). (Laruence)\n\nFileinfo :\n\n - Fixed bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault). (Anatol Belski)\n\nFilter :\n\n - Fixed bug #69202: (FILTER_FLAG_STRIP_BACKTICK ignored unless other flags are used). (Jeff Welch)\n\n - Fixed bug #69203 (FILTER_FLAG_STRIP_HIGH doesn't strip ASCII 127). (Jeff Welch)\n\nOPCache :\n\n - Fixed bug #69297 (function_exists strange behavior with OPCache on disabled function). (Laruence)\n\n - Fixed bug #69281 (opcache_is_script_cached no longer works). (danack)\n\n - Fixed bug #68677 (Use After Free). (CVE-2015-1351) (Laruence)\n\nOpenSSL\n\n - Fixed bugs #68853, #65137 (Buffered crypto stream data breaks IO polling in stream_select() contexts) (Chris Wright)\n\n - Fixed bug #69197 (openssl_pkcs7_sign handles default value incorrectly) (Daniel Lowrey)\n\n - Fixed bug #69215 (Crypto servers should send client CA list) (Daniel Lowrey)\n\n - Add a check for RAND_egd to allow compiling against LibreSSL (Leigh)\n\nPhar :\n\n - Fixed bug #64343 (PharData::extractTo fails for tarball created by BSD tar). (Mike)\n\n - Fixed bug #64931 (phar_add_file is too restrictive on filename). (Mike)\n\n - Fixed bug #65467 (Call to undefined method cli_arg_typ_string). (Mike)\n\n - Fixed bug #67761 (Phar::mapPhar fails for Phars inside a path containing '.tar'). (Mike)\n\n - Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar). (Stas)\n\n - Fixed bug #69441 (Buffer Overflow when parsing tar/zip/phar in phar_set_inode). (Stas)\n\nPostgres :\n\n - Fixed bug #68741 (NULL pointer dereference).\n (CVE-2015-1352) (Laruence)\n\nSPL :\n\n - Fixed bug #69227 (Use after free in zval_scan caused by spl_object_storage_get_gc). (adam dot scarr at 99designs dot com)\n\nSOAP :\n\n - Fixed bug #69293 (NEW segfault when using SoapClient::__setSoapHeader (bisected, regression)).\n (Laruence)\n\nSqlite3 :\n\n - Fixed bug #68760 (SQLITE segfaults if custom collator throws an exception). (Dan Ackroyd)\n\n - Fixed bug #69287 (Upgrade bundled libsqlite to 3.8.8.3). (Anatol)\n\n - Fixed bug #66550 (SQLite prepared statement use-after-free). (Sean Heelan)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-04-23T00:00:00", "type": "nessus", "title": "Fedora 22 : php-5.6.8-1.fc22 (2015-6195)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1351", "CVE-2015-1352", "CVE-2015-2783", "CVE-2015-3329"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:php", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2015-6195.NASL", "href": "https://www.tenable.com/plugins/nessus/83018", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-6195.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83018);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-1351\", \"CVE-2015-1352\", \"CVE-2015-2783\", \"CVE-2015-3329\");\n script_bugtraq_id(71929, 71932, 74239, 74240);\n script_xref(name:\"FEDORA\", value:\"2015-6195\");\n\n script_name(english:\"Fedora 22 : php-5.6.8-1.fc22 (2015-6195)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"16 Apr 2015, **PHP 5.6.8**\n\nCore :\n\n - Fixed bug #66609 (php crashes with __get() and ++\n operator in some cases). (Dmitry, Laruence)\n\n - Fixed bug #68021 (get_browser() browser_name_regex\n returns non-utf-8 characters). (Tjerk)\n\n - Fixed bug #68917 (parse_url fails on some partial\n urls). (Wei Dai)\n\n - Fixed bug #69134 (Per Directory Values overrides\n PHP_INI_SYSTEM configuration options). (Anatol Belski)\n\n - Additional fix for bug #69152 (Type confusion\n vulnerability in exception::getTraceAsString). (Stas)\n\n - Fixed bug #69210 (serialize function return corrupted\n data when sleep has non-string values). (Juan Basso)\n\n - Fixed bug #69212 (Leaking VIA_HANDLER func when\n exception thrown in __call/... arg passing). (Nikita)\n\n - Fixed bug #69221 (Segmentation fault when using a\n generator in combination with an Iterator). (Nikita)\n\n - Fixed bug #69337 (php_stream_url_wrap_http_ex()\n type-confusion vulnerability). (Stas)\n\n - Fixed bug #69353 (Missing null byte checks for paths\n in various PHP extensions). (Stas)\n\nApache2handler :\n\n - Fixed bug #69218 (potential remote code execution with\n apache 2.4 apache2handler). (Gerrit Venema)\n\ncURL :\n\n - Implemented FR#69278 (HTTP2 support). (Masaki Kagaya)\n\n - Fixed bug #68739 (Missing break / control flow).\n (Laruence)\n\n - Fixed bug #69316 (Use-after-free in php_curl related\n to CURLOPT_FILE/_INFILE/_WRITEHEADER). (Laruence)\n\nDate :\n\n - Fixed bug #69336 (Issues with 'last day of\n <monthname>'). (Derick Rethans)\n\nEnchant :\n\n - Fixed bug #65406 (Enchant broker plugins are in the\n wrong place in windows builds). (Anatol)\n\nEreg :\n\n - Fixed bug #68740 (NULL pointer Dereference). (Laruence)\n\nFileinfo :\n\n - Fixed bug #68819 (Fileinfo on specific file causes\n spurious OOM and/or segfault). (Anatol Belski)\n\nFilter :\n\n - Fixed bug #69202: (FILTER_FLAG_STRIP_BACKTICK ignored\n unless other flags are used). (Jeff Welch)\n\n - Fixed bug #69203 (FILTER_FLAG_STRIP_HIGH doesn't strip\n ASCII 127). (Jeff Welch)\n\nOPCache :\n\n - Fixed bug #69297 (function_exists strange behavior with\n OPCache on disabled function). (Laruence)\n\n - Fixed bug #69281 (opcache_is_script_cached no longer\n works). (danack)\n\n - Fixed bug #68677 (Use After Free). (CVE-2015-1351)\n (Laruence)\n\nOpenSSL\n\n - Fixed bugs #68853, #65137 (Buffered crypto stream data\n breaks IO polling in stream_select() contexts) (Chris\n Wright)\n\n - Fixed bug #69197 (openssl_pkcs7_sign handles default\n value incorrectly) (Daniel Lowrey)\n\n - Fixed bug #69215 (Crypto servers should send client CA\n list) (Daniel Lowrey)\n\n - Add a check for RAND_egd to allow compiling against\n LibreSSL (Leigh)\n\nPhar :\n\n - Fixed bug #64343 (PharData::extractTo fails for tarball\n created by BSD tar). (Mike)\n\n - Fixed bug #64931 (phar_add_file is too restrictive on\n filename). (Mike)\n\n - Fixed bug #65467 (Call to undefined method\n cli_arg_typ_string). (Mike)\n\n - Fixed bug #67761 (Phar::mapPhar fails for Phars inside\n a path containing '.tar'). (Mike)\n\n - Fixed bug #69324 (Buffer Over-read in unserialize when\n parsing Phar). (Stas)\n\n - Fixed bug #69441 (Buffer Overflow when parsing\n tar/zip/phar in phar_set_inode). (Stas)\n\nPostgres :\n\n - Fixed bug #68741 (NULL pointer dereference).\n (CVE-2015-1352) (Laruence)\n\nSPL :\n\n - Fixed bug #69227 (Use after free in zval_scan caused by\n spl_object_storage_get_gc). (adam dot scarr at 99designs\n dot com)\n\nSOAP :\n\n - Fixed bug #69293 (NEW segfault when using\n SoapClient::__setSoapHeader (bisected, regression)).\n (Laruence)\n\nSqlite3 :\n\n - Fixed bug #68760 (SQLITE segfaults if custom collator\n throws an exception). (Dan Ackroyd)\n\n - Fixed bug #69287 (Upgrade bundled libsqlite to\n 3.8.8.3). (Anatol)\n\n - Fixed bug #66550 (SQLite prepared statement\n use-after-free). (Sean Heelan)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1185900\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1185904\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1213407\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1213411\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1213416\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1213442\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1213446\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1213449\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-April/155837.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4fa550d3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"php-5.6.8-1.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:57:25", "description": "PHP 5.3 was updated to fix multiple security issues :\n\nbnc#931776: pcntl_exec() does not check path validity (CVE-2015-4026)\n\nbnc#931772: overflow in ftp_genlist() resulting in heap overflow (CVE-2015-4022)\n\nbnc#931769: memory corruption in phar_parse_tarfile when entry filename starts with NULL (CVE-2015-4021)\n\nbnc#931421: multipart/form-data remote denial-of-service vulnerability (CVE-2015-4024)\n\nbnc#928511: buffer over-read in unserialize when parsing Phar (CVE-2015-2783)\n\nbnc#928506: buffer over flow when parsing tar/zip/phar in phar_set_inode() (CVE-2015-3329)\n\nbnc#925109: SoapClient's __call() type confusion through unserialize()\n\nbnc#924972: use-after-free vulnerability in the process_nested_data function (CVE-2015-2787)\n\nbnc#923946: embedded gd copy: buffer read overflow in gd_gif_in.c (CVE-2014-9709)\n\nbnc#922452: built-in regular expression (regex) library contains a heap overflow vulnerability (CVE-2015-2305)\n\nbnc#922451: heap buffer overflow in enchant_broker_request_dict() (CVE-2014-9705)\n\nbnc#922022: php's built-in regular expression (regex) library contains a heap overflow vulnerability (CVE-2015-2301)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-06-10T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : php53 (SUSE-SU-2015:1018-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9705", "CVE-2014-9709", "CVE-2015-2301", "CVE-2015-2305", "CVE-2015-2783", "CVE-2015-2787", "CVE-2015-3329", "CVE-2015-4021", "CVE-2015-4022", "CVE-2015-4024", "CVE-2015-4026"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:apache2-mod_php53", "p-cpe:/a:novell:suse_linux:php53", "p-cpe:/a:novell:suse_linux:php53-bcmath", "p-cpe:/a:novell:suse_linux:php53-bz2", "p-cpe:/a:novell:suse_linux:php53-calendar", "p-cpe:/a:novell:suse_linux:php53-ctype", "p-cpe:/a:novell:suse_linux:php53-curl", "p-cpe:/a:novell:suse_linux:php53-dba", "p-cpe:/a:novell:suse_linux:php53-dom", "p-cpe:/a:novell:suse_linux:php53-exif", "p-cpe:/a:novell:suse_linux:php53-fastcgi", "p-cpe:/a:novell:suse_linux:php53-fileinfo", "p-cpe:/a:novell:suse_linux:php53-ftp", "p-cpe:/a:novell:suse_linux:php53-gd", "p-cpe:/a:novell:suse_linux:php53-gettext", "p-cpe:/a:novell:suse_linux:php53-gmp", "p-cpe:/a:novell:suse_linux:php53-iconv", "p-cpe:/a:novell:suse_linux:php53-intl", "p-cpe:/a:novell:suse_linux:php53-json", "p-cpe:/a:novell:suse_linux:php53-ldap", "p-cpe:/a:novell:suse_linux:php53-mbstring", "p-cpe:/a:novell:suse_linux:php53-mcrypt", "p-cpe:/a:novell:suse_linux:php53-mysql", "p-cpe:/a:novell:suse_linux:php53-odbc", "p-cpe:/a:novell:suse_linux:php53-openssl", "p-cpe:/a:novell:suse_linux:php53-pcntl", "p-cpe:/a:novell:suse_linux:php53-pdo", "p-cpe:/a:novell:suse_linux:php53-pear", "p-cpe:/a:novell:suse_linux:php53-pgsql", "p-cpe:/a:novell:suse_linux:php53-pspell", "p-cpe:/a:novell:suse_linux:php53-shmop", "p-cpe:/a:novell:suse_linux:php53-snmp", "p-cpe:/a:novell:suse_linux:php53-soap", "p-cpe:/a:novell:suse_linux:php53-suhosin", "p-cpe:/a:novell:suse_linux:php53-sysvmsg", "p-cpe:/a:novell:suse_linux:php53-sysvsem", "p-cpe:/a:novell:suse_linux:php53-sysvshm", "p-cpe:/a:novell:suse_linux:php53-tokenizer", "p-cpe:/a:novell:suse_linux:php53-wddx", "p-cpe:/a:novell:suse_linux:php53-xmlreader", "p-cpe:/a:novell:suse_linux:php53-xmlrpc", "p-cpe:/a:novell:suse_linux:php53-xmlwriter", "p-cpe:/a:novell:suse_linux:php53-xsl", "p-cpe:/a:novell:suse_linux:php53-zip", "p-cpe:/a:novell:suse_linux:php53-zlib", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2015-1018-1.NASL", "href": "https://www.tenable.com/plugins/nessus/84082", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:1018-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84082);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-9705\", \"CVE-2014-9709\", \"CVE-2015-2301\", \"CVE-2015-2305\", \"CVE-2015-2783\", \"CVE-2015-2787\", \"CVE-2015-3329\", \"CVE-2015-4021\", \"CVE-2015-4022\", \"CVE-2015-4024\", \"CVE-2015-4026\");\n script_bugtraq_id(72611, 73031, 73037, 73306, 73431, 74239, 74240, 74700, 74902, 74903, 75056);\n\n script_name(english:\"SUSE SLES11 Security Update : php53 (SUSE-SU-2015:1018-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PHP 5.3 was updated to fix multiple security issues :\n\nbnc#931776: pcntl_exec() does not check path validity (CVE-2015-4026)\n\nbnc#931772: overflow in ftp_genlist() resulting in heap overflow\n(CVE-2015-4022)\n\nbnc#931769: memory corruption in phar_parse_tarfile when entry\nfilename starts with NULL (CVE-2015-4021)\n\nbnc#931421: multipart/form-data remote denial-of-service vulnerability\n(CVE-2015-4024)\n\nbnc#928511: buffer over-read in unserialize when parsing Phar\n(CVE-2015-2783)\n\nbnc#928506: buffer over flow when parsing tar/zip/phar in\nphar_set_inode() (CVE-2015-3329)\n\nbnc#925109: SoapClient's __call() type confusion through unserialize()\n\nbnc#924972: use-after-free vulnerability in the process_nested_data\nfunction (CVE-2015-2787)\n\nbnc#923946: embedded gd copy: buffer read overflow in gd_gif_in.c\n(CVE-2014-9709)\n\nbnc#922452: built-in regular expression (regex) library contains a\nheap overflow vulnerability (CVE-2015-2305)\n\nbnc#922451: heap buffer overflow in enchant_broker_request_dict()\n(CVE-2014-9705)\n\nbnc#922022: php's built-in regular expression (regex) library contains\na heap overflow vulnerability (CVE-2015-2301)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=922022\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=922451\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=922452\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=923946\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=924972\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=925109\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=928506\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=928511\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=931421\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=931769\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=931772\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=931776\"\n );\n # https://download.suse.com/patch/finder/?keywords=50901ea397c43cdc72e7b8b864450cd7\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d03cc6d1\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-9705/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-9709/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-2301/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-2305/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-2783/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-2787/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-3329/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-4021/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-4022/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-4024/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-4026/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20151018-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?48073445\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11 SP3 :\n\nzypper in -t patch sdksp3-apache2-mod_php53=10716\n\nSUSE Linux Enterprise Server 11 SP3 for VMware :\n\nzypper in -t patch slessp3-apache2-mod_php53=10716\n\nSUSE Linux Enterprise Server 11 SP3 :\n\nzypper in -t patch slessp3-apache2-mod_php53=10716\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"apache2-mod_php53-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-bcmath-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-bz2-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-calendar-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-ctype-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-curl-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-dba-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-dom-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-exif-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-fastcgi-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-fileinfo-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-ftp-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-gd-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-gettext-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-gmp-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-iconv-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-intl-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-json-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-ldap-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-mbstring-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-mcrypt-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-mysql-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-odbc-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-openssl-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-pcntl-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-pdo-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-pear-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-pgsql-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-pspell-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-shmop-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-snmp-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-soap-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-suhosin-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-sysvmsg-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-sysvsem-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-sysvshm-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-tokenizer-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-wddx-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-xmlreader-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-xmlrpc-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-xmlwriter-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-xsl-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-zip-5.3.17-0.41.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-zlib-5.3.17-0.41.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php53\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:49:37", "description": "According to its banner, the version of PHP 5.6.x installed on the remote host is prior to 5.6.6. It is, therefore, affected by multiple vulnerabilities :\n\n - A heap-based buffer overflow flaw in the enchant_broker_request_dict function in ext/enchant/enchant.c could allow a remote attacker to cause a buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2014-9705)\n\n - A heap-based buffer overflow flaw in the GNU C Library (glibc) due to improperly validating user-supplied input in the glibc functions __nss_hostname_digits_dots(), gethostbyname(), and gethostbyname2(). This allows a remote attacker to cause a buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-0235)\n\n - A use-after-free flaw exists in the function php_date_timezone_initialize_from_hash() within the 'ext/date/php_date.c' script. An attacker can exploit this to access sensitive information or crash applications linked to PHP. (CVE-2015-0273)\n\n - A use-after-free vulnerability in the phar_rename_archive function in phar_object.c could allow a remote attacker to cause a denial of service.\n (CVE-2015-2301)\n\n - An XML External Entity (XXE) flaw exists in the PHP-FPM component due to improper parsing of XML data. A remote attacker can exploit this, via specially crafted XML data, to disclose sensitive information or cause a denial of service. (CVE-2015-8866)\n\nNote that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2015-02-25T00:00:00", "type": "nessus", "title": "PHP 5.6.x < 5.6.6 Multiple Vulnerabilities (GHOST)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9705", "CVE-2015-0235", "CVE-2015-0273", "CVE-2015-2301", "CVE-2015-8866"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_6_6.NASL", "href": "https://www.tenable.com/plugins/nessus/81512", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81512);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2014-9705\",\n \"CVE-2015-0235\",\n \"CVE-2015-0273\",\n \"CVE-2015-2301\",\n \"CVE-2015-8866\"\n );\n script_bugtraq_id(\n 72325,\n 72701,\n 73031,\n 73034,\n 73037\n );\n script_xref(name:\"CERT\", value:\"967332\");\n\n script_name(english:\"PHP 5.6.x < 5.6.6 Multiple Vulnerabilities (GHOST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP 5.6.x installed on the\nremote host is prior to 5.6.6. It is, therefore, affected by multiple\nvulnerabilities :\n\n - A heap-based buffer overflow flaw in the\n enchant_broker_request_dict function in\n ext/enchant/enchant.c could allow a remote attacker\n to cause a buffer overflow, resulting in\n a denial of service condition or the execution of\n arbitrary code. (CVE-2014-9705)\n\n - A heap-based buffer overflow flaw in the GNU C Library\n (glibc) due to improperly validating user-supplied input\n in the glibc functions __nss_hostname_digits_dots(),\n gethostbyname(), and gethostbyname2(). This allows a\n remote attacker to cause a buffer overflow, resulting in\n a denial of service condition or the execution of\n arbitrary code. (CVE-2015-0235)\n\n - A use-after-free flaw exists in the function\n php_date_timezone_initialize_from_hash() within the\n 'ext/date/php_date.c' script. An attacker can exploit\n this to access sensitive information or crash\n applications linked to PHP. (CVE-2015-0273)\n\n - A use-after-free vulnerability in the\n phar_rename_archive function in phar_object.c could\n allow a remote attacker to cause a denial of service.\n (CVE-2015-2301)\n\n - An XML External Entity (XXE) flaw exists in the PHP-FPM\n component due to improper parsing of XML data. A remote\n attacker can exploit this, via specially crafted XML\n data, to disclose sensitive information or cause a\n denial of service. (CVE-2015-8866)\n\nNote that Nessus has not attempted to exploit these issues but has\ninstead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://php.net/ChangeLog-5.php#5.6.6\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=68925\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=68942\");\n # https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c7a6ddbd\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.6.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-0235\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Exim GHOST (glibc gethostbyname) Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/02/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\n# Check that it is the correct version of PHP\nif (version =~ \"^5(\\.6)?$\") audit(AUDIT_VER_NOT_GRANULAR, \"PHP\", port, version);\nif (version !~ \"^5\\.6\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 5.6.x\", port);\n\nif (version =~ \"^5\\.6\\.[0-5]($|[^0-9])\")\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : '+source +\n '\\n Installed version : '+version +\n '\\n Fixed version : 5.6.6' +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:49:03", "description": "According to its banner, the version of PHP 5.5.x installed on the remote host is prior to 5.5.22. It is, therefore, affected by multiple vulnerabilities :\n\n - A heap-based buffer overflow flaw in the enchant_broker_request_dict function in ext/enchant/enchant.c could allow a remote attacker to cause a buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2014-9705)\n\n - A heap-based buffer overflow flaw in the GNU C Library (glibc) due to improperly validating user-supplied input in the glibc functions __nss_hostname_digits_dots(), gethostbyname(), and gethostbyname2(). This allows a remote attacker to cause a buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-0235)\n\n - A use-after-free flaw exists in the function php_date_timezone_initialize_from_hash() within the 'ext/date/php_date.c' script. An attacker can exploit this to access sensitive information or crash applications linked to PHP. (CVE-2015-0273)\n\n - A use-after-free vulnerability in the phar_rename_archive function in phar_object.c could allow a remote attacker to cause a denial of service.\n (CVE-2015-2301)\n\n - An XML External Entity (XXE) flaw exists in the PHP-FPM component due to improper parsing of XML data. A remote attacker can exploit this, via specially crafted XML data, to disclose sensitive information or cause a denial of service. (CVE-2015-8866) Note that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2015-02-25T00:00:00", "type": "nessus", "title": "PHP 5.5.x < 5.5.22 Multiple Vulnerabilities (GHOST)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9705", "CVE-2015-0235", "CVE-2015-0273", "CVE-2015-2301", "CVE-2015-8866"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_5_22.NASL", "href": "https://www.tenable.com/plugins/nessus/81511", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81511);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2014-9705\",\n \"CVE-2015-0235\",\n \"CVE-2015-0273\",\n \"CVE-2015-2301\",\n \"CVE-2015-8866\"\n );\n script_bugtraq_id(\n 72325,\n 72701,\n 73031,\n 73034,\n 73037\n );\n script_xref(name:\"CERT\", value:\"967332\");\n\n script_name(english:\"PHP 5.5.x < 5.5.22 Multiple Vulnerabilities (GHOST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP 5.5.x installed on the\nremote host is prior to 5.5.22. It is, therefore, affected by multiple\nvulnerabilities :\n\n - A heap-based buffer overflow flaw in the\n enchant_broker_request_dict function in\n ext/enchant/enchant.c could allow a remote attacker\n to cause a buffer overflow, resulting in\n a denial of service condition or the execution of\n arbitrary code. (CVE-2014-9705)\n\n - A heap-based buffer overflow flaw in the GNU C Library\n (glibc) due to improperly validating user-supplied input\n in the glibc functions __nss_hostname_digits_dots(),\n gethostbyname(), and gethostbyname2(). This allows a\n remote attacker to cause a buffer overflow, resulting in\n a denial of service condition or the execution of\n arbitrary code. (CVE-2015-0235)\n\n - A use-after-free flaw exists in the function\n php_date_timezone_initialize_from_hash() within the\n 'ext/date/php_date.c' script. An attacker can exploit\n this to access sensitive information or crash\n applications linked to PHP. (CVE-2015-0273)\n\n - A use-after-free vulnerability in the\n phar_rename_archive function in phar_object.c could\n allow a remote attacker to cause a denial of service.\n (CVE-2015-2301)\n\n - An XML External Entity (XXE) flaw exists in the PHP-FPM\n component due to improper parsing of XML data. A remote\n attacker can exploit this, via specially crafted XML\n data, to disclose sensitive information or cause a\n denial of service. (CVE-2015-8866)\n \nNote that Nessus has not attempted to exploit these issues but has\ninstead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://php.net/ChangeLog-5.php#5.5.22\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=68925\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=68942\");\n # https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c7a6ddbd\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.5.22 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-0235\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Exim GHOST (glibc gethostbyname) Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/02/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\n# Check that it is the correct version of PHP\nif (version =~ \"^5(\\.5)?$\") audit(AUDIT_VER_NOT_GRANULAR, \"PHP\", port, version);\nif (version !~ \"^5\\.5\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 5.5.x\", port);\n\nif (version =~ \"^5\\.5\\.([0-9]|1[0-9]|2[01])($|[^0-9])\")\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : '+source +\n '\\n Installed version : '+version +\n '\\n Fixed version : 5.5.22' +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-27T14:19:19", "description": "From Red Hat Security Advisory 2015:1635 :\n\nAn updated sqlite package that fixes three security issues is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nSQLite is a C library that implements a SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and flexibility of a SQL database without the administrative hassles of supporting a separate database server.\n\nA flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which contains backported patches to correct these issues.", "cvss3": {}, "published": "2015-08-18T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : sqlite (ELSA-2015-1635)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:lemon", "p-cpe:/a:oracle:linux:sqlite", "p-cpe:/a:oracle:linux:sqlite-devel", "p-cpe:/a:oracle:linux:sqlite-doc", "p-cpe:/a:oracle:linux:sqlite-tcl", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2015-1635.NASL", "href": "https://www.tenable.com/plugins/nessus/85491", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:1635 and \n# Oracle Linux Security Advisory ELSA-2015-1635 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85491);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_xref(name:\"RHSA\", value:\"2015:1635\");\n\n script_name(english:\"Oracle Linux 7 : sqlite (ELSA-2015-1635)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:1635 :\n\nAn updated sqlite package that fixes three security issues is now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nSQLite is a C library that implements a SQL database engine. A large\nsubset of SQL92 is supported. A complete database is stored in a\nsingle disk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and\nflexibility of a SQL database without the administrative hassles of\nsupporting a separate database server.\n\nA flaw was found in the way SQLite handled dequoting of\ncollation-sequence names. A local attacker could submit a specially\ncrafted COLLATE statement that would crash the SQLite process, or have\nother unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly\nimplement comparison operators. A local attacker could submit a\nspecially crafted CHECK statement that would crash the SQLite process,\nor have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions. A\nlocal attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-August/005344.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected sqlite packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:lemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:sqlite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:sqlite-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:sqlite-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"lemon-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"sqlite-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"sqlite-devel-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"sqlite-doc-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"sqlite-tcl-3.7.17-6.el7_1.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lemon / sqlite / sqlite-devel / sqlite-doc / sqlite-tcl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:19:29", "description": "An updated sqlite package that fixes three security issues is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nSQLite is a C library that implements a SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and flexibility of a SQL database without the administrative hassles of supporting a separate database server.\n\nA flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which contains backported patches to correct these issues.", "cvss3": {}, "published": "2015-08-18T00:00:00", "type": "nessus", "title": "RHEL 7 : sqlite (RHSA-2015:1635)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:lemon", "p-cpe:/a:redhat:enterprise_linux:sqlite", "p-cpe:/a:redhat:enterprise_linux:sqlite-debuginfo", "p-cpe:/a:redhat:enterprise_linux:sqlite-devel", "p-cpe:/a:redhat:enterprise_linux:sqlite-doc", "p-cpe:/a:redhat:enterprise_linux:sqlite-tcl", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.1", "cpe:/o:redhat:enterprise_linux:7.2", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7.6", "cpe:/o:redhat:enterprise_linux:7.7"], "id": "REDHAT-RHSA-2015-1635.NASL", "href": "https://www.tenable.com/plugins/nessus/85496", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1635. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85496);\n script_version(\"2.15\");\n script_cvs_date(\"Date: 2019/10/24 15:35:40\");\n\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_xref(name:\"RHSA\", value:\"2015:1635\");\n\n script_name(english:\"RHEL 7 : sqlite (RHSA-2015:1635)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated sqlite package that fixes three security issues is now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nSQLite is a C library that implements a SQL database engine. A large\nsubset of SQL92 is supported. A complete database is stored in a\nsingle disk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and\nflexibility of a SQL database without the administrative hassles of\nsupporting a separate database server.\n\nA flaw was found in the way SQLite handled dequoting of\ncollation-sequence names. A local attacker could submit a specially\ncrafted COLLATE statement that would crash the SQLite process, or have\nother unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly\nimplement comparison operators. A local attacker could submit a\nspecially crafted CHECK statement that would crash the SQLite process,\nor have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions. A\nlocal attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:1635\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-3416\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-3415\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-3414\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:lemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sqlite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sqlite-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sqlite-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:1635\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"lemon-3.7.17-6.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"lemon-3.7.17-6.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"sqlite-3.7.17-6.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"sqlite-debuginfo-3.7.17-6.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"sqlite-devel-3.7.17-6.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"sqlite-doc-3.7.17-6.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"sqlite-tcl-3.7.17-6.el7_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"sqlite-tcl-3.7.17-6.el7_1.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lemon / sqlite / sqlite-debuginfo / sqlite-devel / sqlite-doc / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:19:30", "description": "A flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)", "cvss3": {}, "published": "2015-08-18T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : sqlite on SL7.x x86_64 (20150817)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:lemon", "p-cpe:/a:fermilab:scientific_linux:sqlite", "p-cpe:/a:fermilab:scientific_linux:sqlite-debuginfo", "p-cpe:/a:fermilab:scientific_linux:sqlite-devel", "p-cpe:/a:fermilab:scientific_linux:sqlite-doc", "p-cpe:/a:fermilab:scientific_linux:sqlite-tcl", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20150817_SQLITE_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/85502", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85502);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n\n script_name(english:\"Scientific Linux Security Update : sqlite on SL7.x x86_64 (20150817)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the way SQLite handled dequoting of\ncollation-sequence names. A local attacker could submit a specially\ncrafted COLLATE statement that would crash the SQLite process, or have\nother unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly\nimplement comparison operators. A local attacker could submit a\nspecially crafted CHECK statement that would crash the SQLite process,\nor have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions. A\nlocal attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1508&L=scientific-linux-errata&F=&S=&P=15216\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?212022ab\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:lemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:sqlite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:sqlite-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:sqlite-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"lemon-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"sqlite-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"sqlite-debuginfo-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"sqlite-devel-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"sqlite-doc-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"sqlite-tcl-3.7.17-6.el7_1.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lemon / sqlite / sqlite-debuginfo / sqlite-devel / sqlite-doc / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:15:48", "description": "Michal Zalewski discovered multiple vulnerabilities in SQLite, which may result in denial of service or the execution of arbitrary code.", "cvss3": {}, "published": "2015-05-07T00:00:00", "type": "nessus", "title": "Debian DSA-3252-1 : sqlite3 - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:sqlite3", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3252.NASL", "href": "https://www.tenable.com/plugins/nessus/83273", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3252. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83273);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_bugtraq_id(74228);\n script_xref(name:\"DSA\", value:\"3252\");\n\n script_name(english:\"Debian DSA-3252-1 : sqlite3 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Michal Zalewski discovered multiple vulnerabilities in SQLite, which\nmay result in denial of service or the execution of arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783968\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/sqlite3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3252\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the sqlite3 packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 3.8.7.1-1+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/05/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"lemon\", reference:\"3.8.7.1-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsqlite3-0\", reference:\"3.8.7.1-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsqlite3-0-dbg\", reference:\"3.8.7.1-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsqlite3-dev\", reference:\"3.8.7.1-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsqlite3-tcl\", reference:\"3.8.7.1-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sqlite3\", reference:\"3.8.7.1-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sqlite3-doc\", reference:\"3.8.7.1-1+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:17:23", "description": "The remote host is affected by the vulnerability described in GLSA-201507-05 (SQLite: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in SQLite. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A context-dependent attacker could possibly cause a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2015-07-08T00:00:00", "type": "nessus", "title": "GLSA-201507-05 : SQLite: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:sqlite", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201507-05.NASL", "href": "https://www.tenable.com/plugins/nessus/84604", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201507-05.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84604);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_bugtraq_id(74228);\n script_xref(name:\"GLSA\", value:\"201507-05\");\n\n script_name(english:\"GLSA-201507-05 : SQLite: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201507-05\n(SQLite: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in SQLite. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A context-dependent attacker could possibly cause a Denial of Service\n condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201507-05\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All SQLite users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-db/sqlite-3.8.9'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-db/sqlite\", unaffected:make_list(\"ge 3.8.9\"), vulnerable:make_list(\"lt 3.8.9\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SQLite\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:19:07", "description": "An updated sqlite package that fixes three security issues is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nSQLite is a C library that implements a SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and flexibility of a SQL database without the administrative hassles of supporting a separate database server.\n\nA flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which contains backported patches to correct these issues.", "cvss3": {}, "published": "2015-08-18T00:00:00", "type": "nessus", "title": "CentOS 7 : sqlite (CESA-2015:1635)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:lemon", "p-cpe:/a:centos:centos:sqlite", "p-cpe:/a:centos:centos:sqlite-devel", "p-cpe:/a:centos:centos:sqlite-doc", "p-cpe:/a:centos:centos:sqlite-tcl", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2015-1635.NASL", "href": "https://www.tenable.com/plugins/nessus/85463", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1635 and \n# CentOS Errata and Security Advisory 2015:1635 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85463);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_xref(name:\"RHSA\", value:\"2015:1635\");\n\n script_name(english:\"CentOS 7 : sqlite (CESA-2015:1635)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated sqlite package that fixes three security issues is now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nSQLite is a C library that implements a SQL database engine. A large\nsubset of SQL92 is supported. A complete database is stored in a\nsingle disk file. The API is designed for convenience and ease of use.\nApplications that link against SQLite can enjoy the power and\nflexibility of a SQL database without the administrative hassles of\nsupporting a separate database server.\n\nA flaw was found in the way SQLite handled dequoting of\ncollation-sequence names. A local attacker could submit a specially\ncrafted COLLATE statement that would crash the SQLite process, or have\nother unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly\nimplement comparison operators. A local attacker could submit a\nspecially crafted CHECK statement that would crash the SQLite process,\nor have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions. A\nlocal attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\n\nAll sqlite users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-August/021337.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?df1770c2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected sqlite packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-3414\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:lemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:sqlite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:sqlite-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:sqlite-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"lemon-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"sqlite-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"sqlite-devel-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"sqlite-doc-3.7.17-6.el7_1.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"sqlite-tcl-3.7.17-6.el7_1.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lemon / sqlite / sqlite-devel / sqlite-doc / sqlite-tcl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:14:28", "description": "Multiple vulnerabilities has been found and corrected in sqlite3 :\n\nSQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE at the end of a SELECT statement (CVE-2015-3414).\n\nThe sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0 O>O) in a CREATE TABLE statement (CVE-2015-3415).\n\nThe sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement (CVE-2015-3416).\n\nThe updated packages provides a solution for these security issues.", "cvss3": {}, "published": "2015-05-01T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : sqlite3 (MDVSA-2015:217)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lemon", "p-cpe:/a:mandriva:linux:lib64sqlite3-devel", "p-cpe:/a:mandriva:linux:lib64sqlite3-static-devel", "p-cpe:/a:mandriva:linux:lib64sqlite3_0", "p-cpe:/a:mandriva:linux:sqlite3-tcl", "p-cpe:/a:mandriva:linux:sqlite3-tools", "cpe:/o:mandriva:business_server:1", "cpe:/o:mandriva:business_server:2"], "id": "MANDRIVA_MDVSA-2015-217.NASL", "href": "https://www.tenable.com/plugins/nessus/83169", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2015:217. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83169);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_xref(name:\"MDVSA\", value:\"2015:217\");\n\n script_name(english:\"Mandriva Linux Security Advisory : sqlite3 (MDVSA-2015:217)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been found and corrected in sqlite3 :\n\nSQLite before 3.8.9 does not properly implement the dequoting of\ncollation-sequence names, which allows context-dependent attackers to\ncause a denial of service (uninitialized memory access and application\ncrash) or possibly have unspecified other impact via a crafted COLLATE\nclause, as demonstrated by COLLATE at the end of a SELECT statement\n(CVE-2015-3414).\n\nThe sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not\nproperly implement comparison operators, which allows\ncontext-dependent attackers to cause a denial of service (invalid free\noperation) or possibly have unspecified other impact via a crafted\nCHECK clause, as demonstrated by CHECK(0 O>O) in a CREATE TABLE\nstatement (CVE-2015-3415).\n\nThe sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does\nnot properly handle precision and width values during floating-point\nconversions, which allows context-dependent attackers to cause a\ndenial of service (integer overflow and stack-based buffer overflow)\nor possibly have unspecified other impact via large integers in a\ncrafted printf function call in a SELECT statement (CVE-2015-3416).\n\nThe updated packages provides a solution for these security issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1212353\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1212356\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1212357\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64sqlite3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64sqlite3-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64sqlite3_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:sqlite3-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:sqlite3-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lemon-3.8.9-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64sqlite3-devel-3.8.9-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64sqlite3-static-devel-3.8.9-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64sqlite3_0-3.8.9-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"sqlite3-tcl-3.8.9-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"sqlite3-tools-3.8.9-1.mbs1\")) flag++;\n\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"lemon-3.8.9-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"lib64sqlite3-devel-3.8.9-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"lib64sqlite3-static-devel-3.8.9-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"lib64sqlite3_0-3.8.9-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"sqlite3-tcl-3.8.9-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"sqlite3-tools-3.8.9-1.mbs2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:14:43", "description": "NVD reports :\n\nSQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE'''''''' at the end of a SELECT statement.\n\nThe sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE TABLE statement.\n\nThe sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.", "cvss3": {}, "published": "2015-04-20T00:00:00", "type": "nessus", "title": "FreeBSD : sqlite -- multiple vulnerabilities (dec3164f-3121-45ef-af18-bb113ac5082f)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:sqlite3", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_DEC3164F312145EFAF18BB113AC5082F.NASL", "href": "https://www.tenable.com/plugins/nessus/82893", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82893);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n\n script_name(english:\"FreeBSD : sqlite -- multiple vulnerabilities (dec3164f-3121-45ef-af18-bb113ac5082f)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"NVD reports :\n\nSQLite before 3.8.9 does not properly implement the dequoting of\ncollation-sequence names, which allows context-dependent attackers to\ncause a denial of service (uninitialized memory access and application\ncrash) or possibly have unspecified other impact via a crafted COLLATE\nclause, as demonstrated by COLLATE'''''''' at the end of a SELECT\nstatement.\n\nThe sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not\nproperly implement comparison operators, which allows\ncontext-dependent attackers to cause a denial of service (invalid free\noperation) or possibly have unspecified other impact via a crafted\nCHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE TABLE\nstatement.\n\nThe sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does\nnot properly handle precision and width values during floating-point\nconversions, which allows context-dependent attackers to cause a\ndenial of service (integer overflow and stack-based buffer overflow)\nor possibly have unspecified other impact via large integers in a\ncrafted printf function call in a SELECT statement.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.sqlite.org/src/info/eddc05e7bb31fae7\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.sqlite.org/src/info/02e3c88fbf6abdcf\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.sqlite.org/src/info/c494171f77dc2e5e\"\n );\n # http://seclists.org/fulldisclosure/2015/Apr/31\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://seclists.org/fulldisclosure/2015/Apr/31\"\n );\n # https://vuxml.freebsd.org/freebsd/dec3164f-3121-45ef-af18-bb113ac5082f.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?972e9809\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"sqlite3<3.8.9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T14:20:02", "description": "A flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly implement comparison operators. A local attacker could submit a specially crafted CHECK statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)", "cvss3": {}, "published": "2015-09-03T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : sqlite (ALAS-2015-591)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3414", "CVE-2015-3415", "CVE-2015-3416"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:lemon", "p-cpe:/a:amazon:linux:sqlite", "p-cpe:/a:amazon:linux:sqlite-debuginfo", "p-cpe:/a:amazon:linux:sqlite-devel", "p-cpe:/a:amazon:linux:sqlite-doc", "p-cpe:/a:amazon:linux:sqlite-tcl", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2015-591.NASL", "href": "https://www.tenable.com/plugins/nessus/85749", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2015-591.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85749);\n script_version(\"2.4\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2015-3414\", \"CVE-2015-3415\", \"CVE-2015-3416\");\n script_xref(name:\"ALAS\", value:\"2015-591\");\n\n script_name(english:\"Amazon Linux AMI : sqlite (ALAS-2015-591)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the way SQLite handled dequoting of\ncollation-sequence names. A local attacker could submit a specially\ncrafted COLLATE statement that would crash the SQLite process, or have\nother unspecified impacts. (CVE-2015-3414)\n\nIt was found that SQLite's sqlite3VdbeExec() function did not properly\nimplement comparison operators. A local attacker could submit a\nspecially crafted CHECK statement that would crash the SQLite process,\nor have other unspecified impacts. (CVE-2015-3415)\n\nIt was found that SQLite's sqlite3VXPrintf() function did not properly\nhandle precision and width values during floating-point conversions. A\nlocal attacker could submit a specially crafted SELECT statement that\nwould crash the SQLite process, or have other unspecified impacts.\n(CVE-2015-3416)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2015-591.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update sqlite' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:lemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:sqlite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:sqlite-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:sqlite-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"lemon-3.7.17-6.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"sqlite-3.7.17-6.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"sqlite-debuginfo-3.7.17-6.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"sqlite-devel-3.7.17-6.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"sqlite-doc-3.7.17-6.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"sqlite-tcl-3.7.17-6.13.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lemon / sqlite / sqlite-debuginfo / sqlite-devel / sqlite-doc / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:53:02", "description": "A use-after-free flaw was found in the way PHP's unserialize() function processed data. If a remote attacker was able to pass crafted input to PHP's unserialize() function, they could cause the PHP interpreter to crash or, possibly, execute arbitrary code.\n(CVE-2015-0231)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libzip, which is also embedded in PHP, processed certain ZIP archives. If an attacker were able to supply a specially crafted ZIP archive to an application using libzip, it could cause the application to crash or, possibly, execute arbitrary code.\n(CVE-2015-2331)\n\nInteger overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow.\n(CVE-2015-2305)", "cvss3": {}, "published": "2015-04-17T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : php56 (ALAS-2015-508)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0231", "CVE-2015-2305", "CVE-2015-2331"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:php56", "p-cpe:/a:amazon:linux:php56-bcmath", "p-cpe:/a:amazon:linux:php56-cli", "p-cpe:/a:amazon:linux:php56-common", "p-cpe:/a:amazon:linux:php56-dba", "p-cpe:/a:amazon:linux:php56-dbg", "p-cpe:/a:amazon:linux:php56-debuginfo", "p-cpe:/a:amazon:linux:php56-devel", "p-cpe:/a:amazon:linux:php56-embedded", "p-cpe:/a:amazon:linux:php56-enchant", "p-cpe:/a:amazon:linux:php56-fpm", "p-cpe:/a:amazon:linux:php56-gd", "p-cpe:/a:amazon:linux:php56-gmp", "p-cpe:/a:amazon:linux:php56-imap", "p-cpe:/a:amazon:linux:php56-intl", "p-cpe:/a:amazon:linux:php56-ldap", "p-cpe:/a:amazon:linux:php56-mbstring", "p-cpe:/a:amazon:linux:php56-mcrypt", "p-cpe:/a:amazon:linux:php56-mssql", "p-cpe:/a:amazon:linux:php56-mysqlnd", "p-cpe:/a:amazon:linux:php56-odbc", "p-cpe:/a:amazon:linux:php56-opcache", "p-cpe:/a:amazon:linux:php56-pdo", "p-cpe:/a:amazon:linux:php56-pgsql", "p-cpe:/a:amazon:linux:php56-process", "p-cpe:/a:amazon:linux:php56-pspell", "p-cpe:/a:amazon:linux:php56-recode", "p-cpe:/a:amazon:linux:php56-snmp", "p-cpe:/a:amazon:linux:php56-soap", "p-cpe:/a:amazon:linux:php56-tidy", "p-cpe:/a:amazon:linux:php56-xml", "p-cpe:/a:amazon:linux:php56-xmlrpc", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2015-508.NASL", "href": "https://www.tenable.com/plugins/nessus/82836", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2015-508.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82836);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2015-0231\", \"CVE-2015-2305\", \"CVE-2015-2331\");\n script_xref(name:\"ALAS\", value:\"2015-508\");\n\n script_name(english:\"Amazon Linux AMI : php56 (ALAS-2015-508)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use-after-free flaw was found in the way PHP's unserialize()\nfunction processed data. If a remote attacker was able to pass crafted\ninput to PHP's unserialize() function, they could cause the PHP\ninterpreter to crash or, possibly, execute arbitrary code.\n(CVE-2015-0231)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way libzip, which is also embedded in PHP, processed\ncertain ZIP archives. If an attacker were able to supply a specially\ncrafted ZIP archive to an application using libzip, it could cause the\napplication to crash or, possibly, execute arbitrary code.\n(CVE-2015-2331)\n\nInteger overflow in the regcomp implementation in the Henry Spencer\nBSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as\nused in NetBSD through 6.1.5 and other products, might allow\ncontext-dependent attackers to execute arbitrary code via a large\nregular expression that leads to a heap-based buffer overflow.\n(CVE-2015-2305)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2015-508.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update php56' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"php56-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-bcmath-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-cli-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-common-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-dba-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-dbg-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-debuginfo-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-devel-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-embedded-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-enchant-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-fpm-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-gd-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-gmp-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-imap-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-intl-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-ldap-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-mbstring-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-mcrypt-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-mssql-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-mysqlnd-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-odbc-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-opcache-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-pdo-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-pgsql-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-process-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-pspell-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-recode-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-snmp-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-soap-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-tidy-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-xml-5.6.7-1.110.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-xmlrpc-5.6.7-1.110.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php56 / php56-bcmath / php56-cli / php56-common / php56-dba / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:51:50", "description": "**19 Mar 2015, PHP 5.6.7**\n\nCore :\n\n - Fixed bug #69174 (leaks when unused inner class use traits precedence). (Laruence)\n\n - Fixed bug #69139 (Crash in gc_zval_possible_root on unserialize). (Laruence)\n\n - Fixed bug #69121 (Segfault in get_current_user when script owner is not in passwd with ZTS build). (dan at syneto dot net)\n\n - Fixed bug #65593 (Segfault when calling ob_start from output buffering callback). (Mike)\n\n - Fixed bug #68986 (pointer returned by php_stream_fopen_temporary_file not validated in memory.c). (nayana at ddproperty dot com)\n\n - Fixed bug #68166 (Exception with invalid character causes segv). (Rasmus)\n\n - Fixed bug #69141 (Missing arguments in reflection info for some builtin functions). (kostyantyn dot lysyy at oracle dot com)\n\n - Fixed bug #68976 (Use After Free Vulnerability in unserialize()) (CVE-2015-0231). (Stas)\n\n - Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM configuration options). (Anatol Belski)\n\n - Fixed bug #69207 (move_uploaded_file allows nulls in path). (Stas)\n\nCGI :\n\n - Fixed bug #69015 (php-cgi's getopt does not see $argv).\n (Laruence)\n\nCLI :\n\n - Fixed bug #67741 (auto_prepend_file messes up __LINE__).\n (Reeze Xia)\n\ncURL :\n\n - Fixed bug #69088 (PHP_MINIT_FUNCTION does not fully initialize cURL on Win32). (Grant Pannell)\n\n - Add CURLPROXY_SOCKS4A and CURLPROXY_SOCKS5_HOSTNAME constants if supported by libcurl. (Linus Unneback)\n\nEreg :\n\n - Fixed bug #69248 (heap overflow vulnerability in regcomp.c) (CVE-2015-2305). (Stas)\n\nFPM :\n\n - Fixed bug #68822 (request time is reset too early).\n (honghu069 at 163 dot com)\n\nODBC :\n\n - Fixed bug #68964 (Allowed memory size exhausted with odbc_exec). (Anatol)\n\nOpcache :\n\n - Fixed bug #69159 (Opcache causes problem when passing a variable variable to a function). (Dmitry, Laruence)\n\n - Fixed bug #69125 (Array numeric string as key).\n (Laruence)\n\n - Fixed bug #69038 (switch(SOMECONSTANT) misbehaves).\n (Laruence)\n\nOpenSSL :\n\n - Fixed bug #68912 (Segmentation fault at openssl_spki_new). (Laruence)\n\n - Fixed bug #61285, #68329, #68046, #41631 (encrypted streams don't observe socket timeouts). (Brad Broerman)\n\n - Fixed bug #68920 (use strict peer_fingerprint input checks) (Daniel Lowrey)\n\n - Fixed bug #68879 (IP Address fields in subjectAltNames not used) (Daniel Lowrey)\n\n - Fixed bug #68265 (SAN match fails with trailing DNS dot) (Daniel Lowrey)\n\n - Fixed bug #67403 (Add signatureType to openssl_x509_parse) (Daniel Lowrey)\n\n - Fixed bug (#69195 Inconsistent stream crypto values across versions) (Daniel Lowrey)\n\npgsql :\n\n - Fixed bug #68638 (pg_update() fails to store infinite values). (william dot welter at 4linux dot com dot br, Laruence)\n\nReadline :\n\n - Fixed bug #69054 (Null dereference in readline_(read|write)_history() without parameters).\n (Laruence)\n\nSOAP :\n\n - Fixed bug #69085 (SoapClient's __call() type confusion through unserialize()). (andrea dot palazzo at truel dot it, Laruence)\n\nSPL :\n\n - Fixed bug #69108 ('Segmentation fault' when (de)serializing SplObjectStorage). (Laruence)\n\n - Fixed bug #68557 (RecursiveDirectoryIterator::seek(0) broken after calling getChildren()). (Julien)\n\nZIP :\n\n - Fixed bug #69253 (ZIP Integer Overflow leads to writing past heap boundary) (CVE-2015-2331). (Stas)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-03-27T00:00:00", "type": "nessus", "title": "Fedora 22 : php-5.6.7-2.fc22 (2015-4255)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0231", "CVE-2015-2305", "CVE-2015-2331"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:php", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2015-4255.NASL", "href": "https://www.tenable.com/plugins/nessus/82284", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-4255.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82284);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_bugtraq_id(72539);\n script_xref(name:\"FEDORA\", value:\"2015-4255\");\n\n script_name(english:\"Fedora 22 : php-5.6.7-2.fc22 (2015-4255)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"**19 Mar 2015, PHP 5.6.7**\n\nCore :\n\n - Fixed bug #69174 (leaks when unused inner class use\n traits precedence). (Laruence)\n\n - Fixed bug #69139 (Crash in gc_zval_possible_root on\n unserialize). (Laruence)\n\n - Fixed bug #69121 (Segfault in get_current_user when\n script owner is not in passwd with ZTS build). (dan at\n syneto dot net)\n\n - Fixed bug #65593 (Segfault when calling ob_start from\n output buffering callback). (Mike)\n\n - Fixed bug #68986 (pointer returned by\n php_stream_fopen_temporary_file not validated in\n memory.c). (nayana at ddproperty dot com)\n\n - Fixed bug #68166 (Exception with invalid character\n causes segv). (Rasmus)\n\n - Fixed bug #69141 (Missing arguments in reflection info\n for some builtin functions). (kostyantyn dot lysyy at\n oracle dot com)\n\n - Fixed bug #68976 (Use After Free Vulnerability in\n unserialize()) (CVE-2015-0231). (Stas)\n\n - Fixed bug #69134 (Per Directory Values overrides\n PHP_INI_SYSTEM configuration options). (Anatol Belski)\n\n - Fixed bug #69207 (move_uploaded_file allows nulls in\n path). (Stas)\n\nCGI :\n\n - Fixed bug #69015 (php-cgi's getopt does not see $argv).\n (Laruence)\n\nCLI :\n\n - Fixed bug #67741 (auto_prepend_file messes up __LINE__).\n (Reeze Xia)\n\ncURL :\n\n - Fixed bug #69088 (PHP_MINIT_FUNCTION does not fully\n initialize cURL on Win32). (Grant Pannell)\n\n - Add CURLPROXY_SOCKS4A and CURLPROXY_SOCKS5_HOSTNAME\n constants if supported by libcurl. (Linus Unneback)\n\nEreg :\n\n - Fixed bug #69248 (heap overflow vulnerability in\n regcomp.c) (CVE-2015-2305). (Stas)\n\nFPM :\n\n - Fixed bug #68822 (request time is reset too early).\n (honghu069 at 163 dot com)\n\nODBC :\n\n - Fixed bug #68964 (Allowed memory size exhausted with\n odbc_exec). (Anatol)\n\nOpcache :\n\n - Fixed bug #69159 (Opcache causes problem when passing a\n variable variable to a function). (Dmitry, Laruence)\n\n - Fixed bug #69125 (Array numeric string as key).\n (Laruence)\n\n - Fixed bug #69038 (switch(SOMECONSTANT) misbehaves).\n (Laruence)\n\nOpenSSL :\n\n - Fixed bug #68912 (Segmentation fault at\n openssl_spki_new). (Laruence)\n\n - Fixed bug #61285, #68329, #68046, #41631 (encrypted\n streams don't observe socket timeouts). (Brad\n Broerman)\n\n - Fixed bug #68920 (use strict peer_fingerprint input\n checks) (Daniel Lowrey)\n\n - Fixed bug #68879 (IP Address fields in subjectAltNames\n not used) (Daniel Lowrey)\n\n - Fixed bug #68265 (SAN match fails with trailing DNS\n dot) (Daniel Lowrey)\n\n - Fixed bug #67403 (Add signatureType to\n openssl_x509_parse) (Daniel Lowrey)\n\n - Fixed bug (#69195 Inconsistent stream crypto values\n across versions) (Daniel Lowrey)\n\npgsql :\n\n - Fixed bug #68638 (pg_update() fails to store infinite\n values). (william dot welter at 4linux dot com dot br,\n Laruence)\n\nReadline :\n\n - Fixed bug #69054 (Null dereference in\n readline_(read|write)_history() without parameters).\n (Laruence)\n\nSOAP :\n\n - Fixed bug #69085 (SoapClient's __call() type confusion\n through unserialize()). (andrea dot palazzo at truel dot\n it, Laruence)\n\nSPL :\n\n - Fixed bug #69108 ('Segmentation fault' when\n (de)serializing SplObjectStorage). (Laruence)\n\n - Fixed bug #68557 (RecursiveDirectoryIterator::seek(0)\n broken after calling getChildren()). (Julien)\n\nZIP :\n\n - Fixed bug #69253 (ZIP Integer Overflow leads to writing\n past heap boundary) (CVE-2015-2331). (Stas)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1204868\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-March/153269.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?215d7f24\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"php-5.6.7-2.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-11T14:53:00", "description": "A use-after-free flaw was found in the way PHP's unserialize() function processed data. If a remote attacker was able to pass crafted input to PHP's unserialize() function, they could cause the PHP interpreter to crash or, possibly, execute arbitrary code.\n(CVE-2015-0231)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libzip, which is also embedded in PHP, processed certain ZIP archives. If an attacker were able to supply a specially crafted ZIP archive to an application using libzip, it could cause the application to crash or, possibly, execute arbitrary code.\n(CVE-2015-2331)\n\nInteger overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow.\n(CVE-2015-2305)", "cvss3": {}, "published": "2015-04-17T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : php54 (ALAS-2015-506)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0231", "CVE-2015-2305", "CVE-2015-2331"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:php54", "p-cpe:/a:amazon:linux:php54-bcmath", "p-cpe:/a:amazon:linux:php54-cli", "p-cpe:/a:amazon:linux:php54-common", "p-cpe:/a:amazon:linux:php54-dba", "p-cpe:/a:amazon:linux:php54-debuginfo", "p-cpe:/a:amazon:linux:php54-devel", "p-cpe:/a:amazon:linux:php54-embedded", "p-cpe:/a:amazon:linux:php54-enchant", "p-cpe:/a:amazon:linux:php54-fpm", "p-cpe:/a:amazon:linux:php54-gd", "p-cpe:/a:amazon:linux:php54-imap", "p-cpe:/a:amazon:linux:php54-intl", "p-cpe:/a:amazon:linux:php54-ldap", "p-cpe:/a:amazon:linux:php54-mbstring", "p-cpe:/a:amazon:linux:php54-mcrypt", "p-cpe:/a:amazon:linux:php54-mssql", "p-cpe:/a:amazon:linux:php54-mysql", "p-cpe:/a:amazon:linux:php54-mysqlnd", "p-cpe:/a:amazon:linux:php54-odbc", "p-cpe:/a:amazon:linux:php54-pdo", "p-cpe:/a:amazon:linux:php54-pgsql", "p-cpe:/a:amazon:linux:php54-process", "p-cpe:/a:amazon:linux:php54-pspell", "p-cpe:/a:amazon:linux:php54-recode", "p-cpe:/a:amazon:linux:php54-snmp", "p-cpe:/a:amazon:linux:php54-soap", "p-cpe:/a:amazon:linux:php54-tidy", "p-cpe:/a:amazon:linux:php54-xml", "p-cpe:/a:amazon:linux:php54-xmlrpc", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2015-506.NASL", "href": "https://www.tenable.com/plugins/nessus/82834", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2015-506.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82834);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2015-0231\", \"CVE-2015-2305\", \"CVE-2015-2331\");\n script_xref(name:\"ALAS\", value:\"2015-506\");\n\n script_name(english:\"Amazon Linux AMI : php54 (ALAS-2015-506)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use-after-free flaw was found in the way PHP's unserialize()\nfunction processed data. If a remote attacker was able to pass crafted\ninput to PHP's unserialize() function, they could cause the PHP\ninterpreter to crash or, possibly, execute arbitrary code.\n(CVE-2015-0231)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way libzip, which is also embedded in PHP, processed\ncertain ZIP archives. If an attacker were able to supply a specially\ncrafted ZIP archive to an application using libzip, it could cause the\napplication to crash or, possibly, execute arbitrary code.\n(CVE-2015-2331)\n\nInteger overflow in the regcomp implementation in the Henry Spencer\nBSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as\nused in NetBSD through 6.1.5 and other products, might allow\ncontext-dependent attackers to execute arbitrary code via a large\nregular expression that leads to a heap-based buffer overflow.\n(CVE-2015-2305)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2015-506.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update php54' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"php54-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-bcmath-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-cli-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-common-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-dba-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-debuginfo-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-devel-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-embedded-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-enchant-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-fpm-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-gd-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-imap-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-intl-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-ldap-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-mbstring-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-mcrypt-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-mssql-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-mysql-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-mysqlnd-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-odbc-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-pdo-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-pgsql-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-process-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-pspell-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-recode-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-snmp-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-soap-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-tidy-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-xml-5.4.39-1.67.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-xmlrpc-5.4.39-1.67.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php54 / php54-bcmath / php54-cli / php54-common / php54-dba / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:53:25", "description": "A use-after-free flaw was found in the way PHP's unserialize() function processed data. If a remote attacker was able to pass crafted input to PHP's unserialize() function, they could cause the PHP interpreter to crash or, possibly, execute arbitrary code.\n(CVE-2015-0231)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libzip, which is also embedded in PHP, processed certain ZIP archives. If an attacker were able to supply a specially crafted ZIP archive to an application using libzip, it could cause the application to crash or, possibly, execute arbitrary code.\n(CVE-2015-2331)\n\nInteger overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow.\n(CVE-2015-2305)", "cvss3": {}, "published": "2015-04-17T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : php55 (ALAS-2015-507)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0231", "CVE-2015-2305", "CVE-2015-2331"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:php55", "p-cpe:/a:amazon:linux:php55-bcmath", "p-cpe:/a:amazon:linux:php55-cli", "p-cpe:/a:amazon:linux:php55-common", "p-cpe:/a:amazon:linux:php55-dba", "p-cpe:/a:amazon:linux:php55-debuginfo", "p-cpe:/a:amazon:linux:php55-devel", "p-cpe:/a:amazon:linux:php55-embedded", "p-cpe:/a:amazon:linux:php55-enchant", "p-cpe:/a:amazon:linux:php55-fpm", "p-cpe:/a:amazon:linux:php55-gd", "p-cpe:/a:amazon:linux:php55-gmp", "p-cpe:/a:amazon:linux:php55-imap", "p-cpe:/a:amazon:linux:php55-intl", "p-cpe:/a:amazon:linux:php55-ldap", "p-cpe:/a:amazon:linux:php55-mbstring", "p-cpe:/a:amazon:linux:php55-mcrypt", "p-cpe:/a:amazon:linux:php55-mssql", "p-cpe:/a:amazon:linux:php55-mysqlnd", "p-cpe:/a:amazon:linux:php55-odbc", "p-cpe:/a:amazon:linux:php55-opcache", "p-cpe:/a:amazon:linux:php55-pdo", "p-cpe:/a:amazon:linux:php55-pgsql", "p-cpe:/a:amazon:linux:php55-process", "p-cpe:/a:amazon:linux:php55-pspell", "p-cpe:/a:amazon:linux:php55-recode", "p-cpe:/a:amazon:linux:php55-snmp", "p-cpe:/a:amazon:linux:php55-soap", "p-cpe:/a:amazon:linux:php55-tidy", "p-cpe:/a:amazon:linux:php55-xml", "p-cpe:/a:amazon:linux:php55-xmlrpc", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2015-507.NASL", "href": "https://www.tenable.com/plugins/nessus/82835", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2015-507.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82835);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2015-0231\", \"CVE-2015-2305\", \"CVE-2015-2331\");\n script_xref(name:\"ALAS\", value:\"2015-507\");\n\n script_name(english:\"Amazon Linux AMI : php55 (ALAS-2015-507)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use-after-free flaw was found in the way PHP's unserialize()\nfunction processed data. If a remote attacker was able to pass crafted\ninput to PHP's unserialize() function, they could cause the PHP\ninterpreter to crash or, possibly, execute arbitrary code.\n(CVE-2015-0231)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way libzip, which is also embedded in PHP, processed\ncertain ZIP archives. If an attacker were able to supply a specially\ncrafted ZIP archive to an application using libzip, it could cause the\napplication to crash or, possibly, execute arbitrary code.\n(CVE-2015-2331)\n\nInteger overflow in the regcomp implementation in the Henry Spencer\nBSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as\nused in NetBSD through 6.1.5 and other products, might allow\ncontext-dependent attackers to execute arbitrary code via a large\nregular expression that leads to a heap-based buffer overflow.\n(CVE-2015-2305)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2015-507.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update php55' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"php55-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-bcmath-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-cli-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-common-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-dba-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-debuginfo-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-devel-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-embedded-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-enchant-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-fpm-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-gd-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-gmp-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-imap-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-intl-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-ldap-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-mbstring-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-mcrypt-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-mssql-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-mysqlnd-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-odbc-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-opcache-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-pdo-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-pgsql-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-process-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-pspell-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-recode-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-snmp-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-soap-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-tidy-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-xml-5.5.23-1.99.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-xmlrpc-5.5.23-1.99.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php55 / php55-bcmath / php55-cli / php55-common / php55-dba / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:50:41", "description": "**19 Mar 2015, PHP 5.6.7**\n\nCore :\n\n - Fixed bug #69174 (leaks when unused inner class use traits precedence). (Laruence)\n\n - Fixed bug #69139 (Crash in gc_zval_possible_root on unserialize). (Laruence)\n\n - Fixed bug #69121 (Segfault in get_current_user when script owner is not in passwd with ZTS build). (dan at syneto dot net)\n\n - Fixed bug #65593 (Segfault when calling ob_start from output buffering callback). (Mike)\n\n - Fixed bug #68986 (pointer returned by php_stream_fopen_temporary_file not validated in memory.c). (nayana at ddproperty dot com)\n\n - Fixed bug #68166 (Exception with invalid character causes segv). (Rasmus)\n\n - Fixed bug #69141 (Missing arguments in reflection info for some builtin functions). (kostyantyn dot lysyy at oracle dot com)\n\n - Fixed bug #68976 (Use After Free Vulnerability in unserialize()) (CVE-2015-0231). (Stas)\n\n - Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM configuration options). (Anatol Belski)\n\n - Fixed bug #69207 (move_uploaded_file allows nulls in path). (Stas)\n\nCGI :\n\n - Fixed bug #69015 (php-cgi's getopt does not see $argv).\n (Laruence)\n\nCLI :\n\n - Fixed bug #67741 (auto_prepend_file messes up __LINE__).\n (Reeze Xia)\n\ncURL :\n\n - Fixed bug #69088 (PHP_MINIT_FUNCTION does not fully initialize cURL on Win32). (Grant Pannell)\n\n - Add CURLPROXY_SOCKS4A and CURLPROXY_SOCKS5_HOSTNAME constants if supported by libcurl. (Linus Unneback)\n\nEreg :\n\n - Fixed bug #69248 (heap overflow vulnerability in regcomp.c) (CVE-2015-2305). (Stas)\n\nFPM :\n\n - Fixed bug #68822 (request time is reset too early).\n (honghu069 at 163 dot com)\n\nODBC :\n\n - Fixed bug #68964 (Allowed memory size exhausted with odbc_exec). (Anatol)\n\nOpcache :\n\n - Fixed bug #69159 (Opcache causes problem when passing a variable variable to a function). (Dmitry, Laruence)\n\n - Fixed bug #69125 (Array numeric string as key).\n (Laruence)\n\n - Fixed bug #69038 (switch(SOMECONSTANT) misbehaves).\n (Laruence)\n\nOpenSSL :\n\n - Fixed bug #68912 (Segmentation fault at openssl_spki_new). (Laruence)\n\n - Fixed bug #61285, #68329, #68046, #41631 (encrypted streams don't observe socket timeouts). (Brad Broerman)\n\n - Fixed bug #68920 (use strict peer_fingerprint input checks) (Daniel Lowrey)\n\n - Fixed bug #68879 (IP Address fields in subjectAltNames not used) (Daniel Lowrey)\n\n - Fixed bug #68265 (SAN match fails with trailing DNS dot) (Daniel Lowrey)\n\n - Fixed bug #67403 (Add signatureType to openssl_x509_parse) (Daniel Lowrey)\n\n - Fixed bug (#69195 Inconsistent stream crypto values across versions) (Daniel Lowrey)\n\npgsql :\n\n - Fixed bug #68638 (pg_update() fails to store infinite values). (william dot welter at 4linux dot com dot br, Laruence)\n\nReadline :\n\n - Fixed bug #69054 (Null dereference in readline_(read|write)_history() without parameters).\n (Laruence)\n\nSOAP :\n\n - Fixed bug #69085 (SoapClient's __call() type confusion through unserialize()). (andrea dot palazzo at truel dot it, Laruence)\n\nSPL :\n\n - Fixed bug #69108 ('Segmentation fault' when (de)serializing SplObjectStorage). (Laruence)\n\n - Fixed bug #68557 (RecursiveDirectoryIterator::seek(0) broken after calling getChildren()). (Julien)\n\nZIP :\n\n - Fixed bug #69253 (ZIP Integer Overflow leads to writing past heap boundary) (CVE-2015-2331). (Stas)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-03-31T00:00:00", "type": "nessus", "title": "Fedora 21 : php-5.6.7-1.fc21 (2015-4236)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0231", "CVE-2015-2305", "CVE-2015-2331"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:php", "cpe:/o:fedoraproject:fedora:21"], "id": "FEDORA_2015-4236.NASL", "href": "https://www.tenable.com/plugins/nessus/82435", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-4236.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82435);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_bugtraq_id(72539);\n script_xref(name:\"FEDORA\", value:\"2015-4236\");\n\n script_name(english:\"Fedora 21 : php-5.6.7-1.fc21 (2015-4236)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"**19 Mar 2015, PHP 5.6.7**\n\nCore :\n\n - Fixed bug #69174 (leaks when unused inner class use\n traits precedence). (Laruence)\n\n - Fixed bug #69139 (Crash in gc_zval_possible_root on\n unserialize). (Laruence)\n\n - Fixed bug #69121 (Segfault in get_current_user when\n script owner is not in passwd with ZTS build). (dan at\n syneto dot net)\n\n - Fixed bug #65593 (Segfault when calling ob_start from\n output buffering callback). (Mike)\n\n - Fixed bug #68986 (pointer returned by\n php_stream_fopen_temporary_file not validated in\n memory.c). (nayana at ddproperty dot com)\n\n - Fixed bug #68166 (Exception with invalid character\n causes segv). (Rasmus)\n\n - Fixed bug #69141 (Missing arguments in reflection info\n for some builtin functions). (kostyantyn dot lysyy at\n oracle dot com)\n\n - Fixed bug #68976 (Use After Free Vulnerability in\n unserialize()) (CVE-2015-0231). (Stas)\n\n - Fixed bug #69134 (Per Directory Values overrides\n PHP_INI_SYSTEM configuration options). (Anatol Belski)\n\n - Fixed bug #69207 (move_uploaded_file allows nulls in\n path). (Stas)\n\nCGI :\n\n - Fixed bug #69015 (php-cgi's getopt does not see $argv).\n (Laruence)\n\nCLI :\n\n - Fixed bug #67741 (auto_prepend_file messes up __LINE__).\n (Reeze Xia)\n\ncURL :\n\n - Fixed bug #69088 (PHP_MINIT_FUNCTION does not fully\n initialize cURL on Win32). (Grant Pannell)\n\n - Add CURLPROXY_SOCKS4A and CURLPROXY_SOCKS5_HOSTNAME\n constants if supported by libcurl. (Linus Unneback)\n\nEreg :\n\n - Fixed bug #69248 (heap overflow vulnerability in\n regcomp.c) (CVE-2015-2305). (Stas)\n\nFPM :\n\n - Fixed bug #68822 (request time is reset too early).\n (honghu069 at 163 dot com)\n\nODBC :\n\n - Fixed bug #68964 (Allowed memory size exhausted with\n odbc_exec). (Anatol)\n\nOpcache :\n\n - Fixed bug #69159 (Opcache causes problem when passing a\n variable variable to a function). (Dmitry, Laruence)\n\n - Fixed bug #69125 (Array numeric string as key).\n (Laruence)\n\n - Fixed bug #69038 (switch(SOMECONSTANT) misbehaves).\n (Laruence)\n\nOpenSSL :\n\n - Fixed bug #68912 (Segmentation fault at\n openssl_spki_new). (Laruence)\n\n - Fixed bug #61285, #68329, #68046, #41631 (encrypted\n streams don't observe socket timeouts). (Brad\n Broerman)\n\n - Fixed bug #68920 (use strict peer_fingerprint input\n checks) (Daniel Lowrey)\n\n - Fixed bug #68879 (IP Address fields in subjectAltNames\n not used) (Daniel Lowrey)\n\n - Fixed bug #68265 (SAN match fails with trailing DNS\n dot) (Daniel Lowrey)\n\n - Fixed bug #67403 (Add signatureType to\n openssl_x509_parse) (Daniel Lowrey)\n\n - Fixed bug (#69195 Inconsistent stream crypto values\n across versions) (Daniel Lowrey)\n\npgsql :\n\n - Fixed bug #68638 (pg_update() fails to store infinite\n values). (william dot welter at 4linux dot com dot br,\n Laruence)\n\nReadline :\n\n - Fixed bug #69054 (Null dereference in\n readline_(read|write)_history() without parameters).\n (Laruence)\n\nSOAP :\n\n - Fixed bug #69085 (SoapClient's __call() type confusion\n through unserialize()). (andrea dot palazzo at truel dot\n it, Laruence)\n\nSPL :\n\n - Fixed bug #69108 ('Segmentation fault' when\n (de)serializing SplObjectStorage). (Laruence)\n\n - Fixed bug #68557 (RecursiveDirectoryIterator::seek(0)\n broken after calling getChildren()). (Julien)\n\nZIP :\n\n - Fixed bug #69253 (ZIP Integer Overflow leads to writing\n past heap boundary) (CVE-2015-2331). (Stas)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1204868\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-March/153929.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2fbf862d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"php-5.6.7-1.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-11T14:48:45", "description": "According to its banner, the version of PHP 5.4.x installed on the remote host is prior to 5.4.38. It is, therefore, affected by multiple vulnerabilities :\n\n - A heap-based buffer overflow flaw in the enchant_broker_request_dict function in ext/enchant/enchant.c could allow a remote attacker to cause a buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2014-9705)\n\n - A heap-based buffer overflow flaw in the GNU C Library (glibc) due to improperly validating user-supplied input in the glibc functions __nss_hostname_digits_dots(), gethostbyname(), and gethostbyname2(). This allows a remote attacker to cause a buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2015-0235)\n\n - A use-after-free flaw exists in the function php_date_timezone_initialize_from_hash() within the 'ext/date/php_date.c' script. An attacker can exploit this to access sensitive information or crash applications linked to PHP. (CVE-2015-0273)\n\nNote that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2015-02-25T00:00:00", "type": "nessus", "title": "PHP 5.4.x < 5.4.38 Multiple Vulnerabilities (GHOST)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9705", "CVE-2015-0235", "CVE-2015-0273"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_4_38.NASL", "href": "https://www.tenable.com/plugins/nessus/81510", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81510);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2014-9705\", \"CVE-2015-0235\", \"CVE-2015-0273\");\n script_bugtraq_id(72325, 72701, 73031);\n script_xref(name:\"CERT\", value:\"967332\");\n\n script_name(english:\"PHP 5.4.x < 5.4.38 Multiple Vulnerabilities (GHOST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP 5.4.x installed on the\nremote host is prior to 5.4.38. It is, therefore, affected by multiple\nvulnerabilities :\n\n - A heap-based buffer overflow flaw in the\n enchant_broker_request_dict function in\n ext/enchant/enchant.c could allow a remote attacker\n to cause a buffer overflow, resulting in\n a denial of service condition or the execution of\n arbitrary code. (CVE-2014-9705)\n\n - A heap-based buffer overflow flaw in the GNU C Library\n (glibc) due to improperly validating user-supplied input\n in the glibc functions __nss_hostname_digits_dots(),\n gethostbyname(), and gethostbyname2(). This allows a\n remote attacker to cause a buffer overflow, resulting in\n a denial of service condition or the execution of\n arbitrary code. (CVE-2015-0235)\n\n - A use-after-free flaw exists in the function\n php_date_timezone_initialize_from_hash() within the\n 'ext/date/php_date.c' script. An attacker can exploit\n this to access sensitive information or crash\n applications linked to PHP. (CVE-2015-0273)\n\nNote that Nessus has not attempted to exploit these issues but has\ninstead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://php.net/ChangeLog-5.php#5.4.38\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=68925\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=68942\");\n # https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c7a6ddbd\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.4.38 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-0235\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Exim GHOST (glibc gethostbyname) Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/02/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\n# Check that it is the correct version of PHP\nif (version =~ \"^5(\\.4)?$\") audit(AUDIT_VER_NOT_GRANULAR, \"PHP\", port, version);\nif (version !~ \"^5\\.4\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 5.4.x\", port);\n\nif (version =~ \"^5\\.4\\.([0-9]|[12][0-9]|3[0-7])($|[^0-9])\")\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : '+source +\n '\\n Installed version : '+version +\n '\\n Fixed version : 5.4.38' +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-26T14:35:33", "description": "Updated php packages fix security vulnerabilities :\n\nBuffer Over-read in unserialize when parsing Phar (CVE-2015-2783).\n\nBuffer Overflow when parsing tar/zip/phar in phar_set_inode (CVE-2015-3329).\n\nPotential remote code execution with apache 2.4 apache2handler (CVE-2015-3330).\n\nPHP has been updated to version 5.5.24, which fixes these issues and other bugs.\n\nAdditionally the timezonedb packages has been upgraded to the latest version and the PECL packages which requires so has been rebuilt for php-5.5.24.", "cvss3": {}, "published": "2015-04-28T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : php (MDVSA-2015:209)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2783", "CVE-2015-3329", "CVE-2015-3330"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:apache-mod_php", "p-cpe:/a:mandriva:linux:lib64php5_common5", "p-cpe:/a:mandriva:linux:php-apc", "p-cpe:/a:mandriva:linux:php-apc-admin", "p-cpe:/a:mandriva:linux:php-bcmath", "p-cpe:/a:mandriva:linux:php-bz2", "p-cpe:/a:mandriva:linux:php-calendar", "p-cpe:/a:mandriva:linux:php-cgi", "p-cpe:/a:mandriva:linux:php-cli", "p-cpe:/a:mandriva:linux:php-ctype", "p-cpe:/a:mandriva:linux:php-curl", "p-cpe:/a:mandriva:linux:php-dba", "p-cpe:/a:mandriva:linux:php-devel", "p-cpe:/a:mandriva:linux:php-doc", "p-cpe:/a:mandriva:linux:php-dom", "p-cpe:/a:mandriva:linux:php-enchant", "p-cpe:/a:mandriva:linux:php-exif", "p-cpe:/a:mandriva:linux:php-fileinfo", "p-cpe:/a:mandriva:linux:php-filter", "p-cpe:/a:mandriva:linux:php-fpm", "p-cpe:/a:mandriva:linux:php-ftp", "p-cpe:/a:mandriva:linux:php-gd", "p-cpe:/a:mandriva:linux:php-gettext", "p-cpe:/a:mandriva:linux:php-gmp", "p-cpe:/a:mandriva:linux:php-hash", "p-cpe:/a:mandriva:linux:php-iconv", "p-cpe:/a:mandriva:linux:php-imap", "p-cpe:/a:mandriva:linux:php-ini", "p-cpe:/a:mandriva:linux:php-interbase", "p-cpe:/a:mandriva:linux:php-intl", "p-cpe:/a:mandriva:linux:php-json", "p-cpe:/a:mandriva:linux:php-ldap", "p-cpe:/a:mandriva:linux:php-mbstring", "p-cpe:/a:mandriva:linux:php-mcrypt", "p-cpe:/a:mandriva:linux:php-mssql", "p-cpe:/a:mandriva:linux:php-mysql", "p-cpe:/a:mandriva:linux:php-mysqli", "p-cpe:/a:mandriva:linux:php-mysqlnd", "p-cpe:/a:mandriva:linux:php-odbc", "p-cpe:/a:mandriva:linux:php-opcache", "p-cpe:/a:mandriva:linux:php-openssl", "p-cpe:/a:mandriva:linux:php-pcntl", "p-cpe:/a:mandriva:linux:php-pdo", "p-cpe:/a:mandriva:linux:php-pdo_dblib", "p-cpe:/a:mandriva:linux:php-pdo_firebird", "p-cpe:/a:mandriva:linux:php-pdo_mysql", "p-cpe:/a:mandriva:linux:php-pdo_odbc", "p-cpe:/a:mandriva:linux:php-pdo_pgsql", "p-cpe:/a:mandriva:linux:php-pdo_sqlite", "p-cpe:/a:mandriva:linux:php-pgsql", "p-cpe:/a:mandriva:linux:php-phar", "p-cpe:/a:mandriva:linux:php-posix", "p-cpe:/a:mandriva:linux:php-readline", "p-cpe:/a:mandriva:linux:php-recode", "p-cpe:/a:mandriva:linux:php-session", "p-cpe:/a:mandriva:linux:php-shmop", "p-cpe:/a:mandriva:linux:php-snmp", "p-cpe:/a:mandriva:linux:php-soap", "p-cpe:/a:mandriva:linux:php-sockets", "p-cpe:/a:mandriva:linux:php-sqlite3", "p-cpe:/a:mandriva:linux:php-sybase_ct", "p-cpe:/a:mandriva:linux:php-sysvmsg", "p-cpe:/a:mandriva:linux:php-sysvsem", "p-cpe:/a:mandriva:linux:php-sysvshm", "p-cpe:/a:mandriva:linux:php-tidy", "p-cpe:/a:mandriva:linux:php-timezonedb", "p-cpe:/a:mandriva:linux:php-tokenizer", "p-cpe:/a:mandriva:linux:php-wddx", "p-cpe:/a:mandriva:linux:php-xml", "p-cpe:/a:mandriva:linux:php-xmlreader", "p-cpe:/a:mandriva:linux:php-xmlrpc", "p-cpe:/a:mandriva:linux:php-xmlwriter", "p-cpe:/a:mandriva:linux:php-xsl", "p-cpe:/a:mandriva:linux:php-zip", "p-cpe:/a:mandriva:linux:php-zlib", "cpe:/o:mandriva:business_server:1", "cpe:/o:mandriva:business_server:2"], "id": "MANDRIVA_MDVSA-2015-209.NASL", "href": "https://www.tenable.com/plugins/nessus/83101", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2015:209. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83101);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-2783\", \"CVE-2015-3329\", \"CVE-2015-3330\");\n script_xref(name:\"MDVSA\", value:\"2015:209\");\n\n script_name(english:\"Mandriva Linux Security Advisory : php (MDVSA-2015:209)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated php packages fix security vulnerabilities :\n\nBuffer Over-read in unserialize when parsing Phar (CVE-2015-2783).\n\nBuffer Overflow when parsing tar/zip/phar in phar_set_inode\n(CVE-2015-3329).\n\nPotential remote code execution with apache 2.4 apache2handler\n(CVE-2015-3330).\n\nPHP has been updated to version 5.5.24, which fixes these issues and\nother bugs.\n\nAdditionally the timezonedb packages has been upgraded to the latest\nversion and the PECL packages which requires so has been rebuilt for\nphp-5.5.24.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2015-0169.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64php5_common5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-apc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-apc-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-hash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-interbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysqli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_dblib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_firebird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sybase_ct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-timezonedb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-mod_php-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64php5_common5-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-apc-3.1.15-1.18.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-apc-admin-3.1.15-1.18.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-bcmath-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-bz2-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-calendar-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-cgi-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-cli-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-ctype-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-curl-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-dba-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-devel-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"php-doc-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-dom-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-enchant-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-exif-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-fileinfo-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-filter-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-fpm-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-ftp-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-gd-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-gettext-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-gmp-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-hash-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-iconv-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-imap-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-ini-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-intl-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-json-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-ldap-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-mbstring-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-mcrypt-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-mssql-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-mysql-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-mysqli-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-mysqlnd-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-odbc-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-opcache-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-openssl-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pcntl-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pdo-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pdo_dblib-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pdo_mysql-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pdo_odbc-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pdo_pgsql-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pdo_sqlite-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pgsql-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-phar-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-posix-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-readline-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-recode-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-session-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-shmop-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-snmp-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-soap-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-sockets-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-sqlite3-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-sybase_ct-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-sysvmsg-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-sysvsem-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-sysvshm-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-tidy-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-timezonedb-2015.4-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-tokenizer-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-wddx-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-xml-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-xmlreader-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-xmlrpc-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-xmlwriter-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-xsl-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-zip-5.5.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-zlib-5.5.24-1.mbs1\")) flag++;\n\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"apache-mod_php-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"lib64php5_common5-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-bcmath-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-bz2-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-calendar-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-cgi-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-cli-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-ctype-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-curl-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-dba-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-devel-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"php-doc-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-dom-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-enchant-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-exif-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-fileinfo-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-filter-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-fpm-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-ftp-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-gd-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-gettext-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-gmp-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-hash-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-iconv-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-imap-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-ini-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-interbase-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-intl-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-json-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-ldap-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-mbstring-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-mcrypt-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-mssql-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-mysql-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-mysqli-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-mysqlnd-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-odbc-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-opcache-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-openssl-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-pcntl-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-pdo-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-pdo_dblib-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-pdo_firebird-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-pdo_mysql-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-pdo_odbc-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-pdo_pgsql-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-pdo_sqlite-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-pgsql-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-phar-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-posix-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-readline-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-recode-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-session-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-shmop-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-snmp-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-soap-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-sockets-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-sqlite3-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-sybase_ct-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-sysvmsg-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-sysvsem-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-sysvshm-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-tidy-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-timezonedb-2015.4-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-tokenizer-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-wddx-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-xml-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-xmlreader-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-xmlrpc-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-xmlwriter-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-xsl-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-zip-5.5.24-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-zlib-5.5.24-1.mbs2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-26T14:36:56", "description": "PHP was updated to fix three security issues.\n\nThe following vulnerabilities were fixed :\n\n - CVE-2015-3330: Specially crafted PHAR files could, when executed under Apache httpd 2.4 (apache2handler), allow arbitrary code execution (bnc#928506)\n\n - CVE-2015-3329: Specially crafted PHAR data could lead to disclosure of sensitive information due to a buffer overflow (bnc#928506)\n\n - CVE-2015-2783: Specially crafted PHAR data could lead to disclosure of sensitive information due to a buffer over-read (bnc#928511)\n\nOn openSUSE 13.2, the following bug was fixed :\n\n - boo#927147: php5-fpm did not start correctly", "cvss3": {}, "published": "2015-05-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : php5 (openSUSE-2015-352)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2783", "CVE-2015-3329", "CVE-2015-3330"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2-mod_php5", "p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo", "p-cpe:/a:novell:opensuse:php5", "p-cpe:/a:novell:opensuse:php5-bcmath", "p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo", "p-cpe:/a:novell:opensuse:php5-bz2", "p-cpe:/a:novell:opensuse:php5-bz2-debuginfo", "p-cpe:/a:novell:opensuse:php5-calendar", "p-cpe:/a:novell:opensuse:php5-calendar-debuginfo", "p-cpe:/a:novell:opensuse:php5-ctype", "p-cpe:/a:novell:opensuse:php5-ctype-debuginfo", "p-cpe:/a:novell:opensuse:php5-curl", "p-cpe:/a:novell:opensuse:php5-curl-debuginfo", "p-cpe:/a:novell:opensuse:php5-dba", "p-cpe:/a:novell:opensuse:php5-dba-debuginfo", "p-cpe:/a:novell:opensuse:php5-debuginfo", "p-cpe:/a:novell:opensuse:php5-debugsource", "p-cpe:/a:novell:opensuse:php5-devel", "p-cpe:/a:novell:opensuse:php5-dom", "p-cpe:/a:novell:opensuse:php5-dom-debuginfo", "p-cpe:/a:novell:opensuse:php5-enchant", "p-cpe:/a:novell:opensuse:php5-enchant-debuginfo", "p-cpe:/a:novell:opensuse:php5-exif", "p-cpe:/a:novell:opensuse:php5-exif-debuginfo", "p-cpe:/a:novell:opensuse:php5-fastcgi", "p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo", "p-cpe:/a:novell:opensuse:php5-fileinfo", "p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo", "p-cpe:/a:novell:opensuse:php5-firebird", "p-cpe:/a:novell:opensuse:php5-firebird-debuginfo", "p-cpe:/a:novell:opensuse:php5-fpm", "p-cpe:/a:novell:opensuse:php5-fpm-debuginfo", "p-cpe:/a:novell:opensuse:php5-ftp", "p-cpe:/a:novell:opensuse:php5-ftp-debuginfo", "p-cpe:/a:novell:opensuse:php5-gd", "p-cpe:/a:novell:opensuse:php5-gd-debuginfo", "p-cpe:/a:novell:opensuse:php5-gettext", "p-cpe:/a:novell:opensuse:php5-gettext-debuginfo", "p-cpe:/a:novell:opensuse:php5-gmp", "p-cpe:/a:novell:opensuse:php5-gmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-iconv", "p-cpe:/a:novell:opensuse:php5-iconv-debuginfo", "p-cpe:/a:novell:opensuse:php5-imap", "p-cpe:/a:novell:opensuse:php5-imap-debuginfo", "p-cpe:/a:novell:opensuse:php5-intl", "p-cpe:/a:novell:opensuse:php5-intl-debuginfo", "p-cpe:/a:novell:opensuse:php5-json", "p-cpe:/a:novell:opensuse:php5-json-debuginfo", "p-cpe:/a:novell:opensuse:php5-ldap", "p-cpe:/a:novell:opensuse:php5-ldap-debuginfo", "p-cpe:/a:novell:opensuse:php5-mbstring", "p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo", "p-cpe:/a:novell:opensuse:php5-mcrypt", "p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo", "p-cpe:/a:novell:opensuse:php5-mssql", "p-cpe:/a:novell:opensuse:php5-mssql-debuginfo", "p-cpe:/a:novell:opensuse:php5-mysql", "p-cpe:/a:novell:opensuse:php5-mysql-debuginfo", "p-cpe:/a:novell:opensuse:php5-odbc", "p-cpe:/a:novell:opensuse:php5-odbc-debuginfo", "p-cpe:/a:novell:opensuse:php5-opcache", "p-cpe:/a:novell:opensuse:php5-opcache-debuginfo", "p-cpe:/a:novell:opensuse:php5-openssl", "p-cpe:/a:novell:opensuse:php5-openssl-debuginfo", "p-cpe:/a:novell:opensuse:php5-pcntl", "p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo", "p-cpe:/a:novell:opensuse:php5-pdo", "p-cpe:/a:novell:opensuse:php5-pdo-debuginfo", "p-cpe:/a:novell:opensuse:php5-pear", "p-cpe:/a:novell:opensuse:php5-pgsql", "p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo", "p-cpe:/a:novell:opensuse:php5-phar", "p-cpe:/a:novell:opensuse:php5-phar-debuginfo", "p-cpe:/a:novell:opensuse:php5-posix", "p-cpe:/a:novell:opensuse:php5-posix-debuginfo", "p-cpe:/a:novell:opensuse:php5-pspell", "p-cpe:/a:novell:opensuse:php5-pspell-debuginfo", "p-cpe:/a:novell:opensuse:php5-readline", "p-cpe:/a:novell:opensuse:php5-readline-debuginfo", "p-cpe:/a:novell:opensuse:php5-shmop", "p-cpe:/a:novell:opensuse:php5-shmop-debuginfo", "p-cpe:/a:novell:opensuse:php5-snmp", "p-cpe:/a:novell:opensuse:php5-snmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-soap", "p-cpe:/a:novell:opensuse:php5-soap-debuginfo", "p-cpe:/a:novell:opensuse:php5-sockets", "p-cpe:/a:novell:opensuse:php5-sockets-debuginfo", "p-cpe:/a:novell:opensuse:php5-sqlite", "p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo", "p-cpe:/a:novell:opensuse:php5-suhosin", "p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvmsg", "p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvsem", "p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvshm", "p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo", "p-cpe:/a:novell:opensuse:php5-tidy", "p-cpe:/a:novell:opensuse:php5-tidy-debuginfo", "p-cpe:/a:novell:opensuse:php5-tokenizer", "p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo", "p-cpe:/a:novell:opensuse:php5-wddx", "p-cpe:/a:novell:opensuse:php5-wddx-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlreader", "p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlrpc", "p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlwriter", "p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo", "p-cpe:/a:novell:opensuse:php5-xsl", "p-cpe:/a:novell:opensuse:php5-xsl-debuginfo", "p-cpe:/a:novell:opensuse:php5-zip", "p-cpe:/a:novell:opensuse:php5-zip-debuginfo", "p-cpe:/a:novell:opensuse:php5-zlib", "p-cpe:/a:novell:opensuse:php5-zlib-debuginfo", "cpe:/o:novell:opensuse:13.1", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2015-352.NASL", "href": "https://www.tenable.com/plugins/nessus/83391", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-352.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83391);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-2783\", \"CVE-2015-3329\", \"CVE-2015-3330\");\n\n script_name(english:\"openSUSE Security Update : php5 (openSUSE-2015-352)\");\n script_summary(english:\"Check for the openSUSE-2015-352 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PHP was updated to fix three security issues.\n\nThe following vulnerabilities were fixed :\n\n - CVE-2015-3330: Specially crafted PHAR files could, when\n executed under Apache httpd 2.4 (apache2handler), allow\n arbitrary code execution (bnc#928506)\n\n - CVE-2015-3329: Specially crafted PHAR data could lead to\n disclosure of sensitive information due to a buffer\n overflow (bnc#928506)\n\n - CVE-2015-2783: Specially crafted PHAR data could lead to\n disclosure of sensitive information due to a buffer\n over-read (bnc#928511)\n\nOn openSUSE 13.2, the following bug was fixed :\n\n - boo#927147: php5-fpm did not start correctly\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=927147\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=928408\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=928506\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=928511\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-firebird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-firebird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-opcache-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1|SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1 / 13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"apache2-mod_php5-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"apache2-mod_php5-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-bcmath-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-bcmath-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-bz2-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-bz2-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-calendar-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-calendar-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ctype-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ctype-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-curl-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-curl-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-dba-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-dba-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-debugsource-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-devel-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-dom-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-dom-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-enchant-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-enchant-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-exif-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-exif-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fastcgi-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fastcgi-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fileinfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fileinfo-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-firebird-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-firebird-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fpm-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fpm-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ftp-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ftp-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gd-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gd-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gettext-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gettext-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gmp-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gmp-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-iconv-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-iconv-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-imap-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-imap-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-intl-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-intl-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-json-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-json-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ldap-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ldap-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mbstring-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mbstring-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mcrypt-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mcrypt-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mssql-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mssql-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mysql-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mysql-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-odbc-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-odbc-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-openssl-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-openssl-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pcntl-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pcntl-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pdo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pdo-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pear-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pgsql-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pgsql-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-phar-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-phar-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-posix-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-posix-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pspell-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pspell-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-readline-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-readline-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-shmop-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-shmop-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-snmp-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-snmp-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-soap-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-soap-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sockets-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sockets-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sqlite-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sqlite-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-suhosin-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-suhosin-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvmsg-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvmsg-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvsem-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvsem-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvshm-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvshm-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-tidy-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-tidy-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-tokenizer-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-tokenizer-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-wddx-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-wddx-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlreader-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlreader-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlrpc-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlrpc-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlwriter-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlwriter-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xsl-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xsl-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-zip-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-zip-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-zlib-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-zlib-debuginfo-5.4.20-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"apache2-mod_php5-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"apache2-mod_php5-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-bcmath-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-bcmath-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-bz2-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-bz2-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-calendar-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-calendar-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ctype-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ctype-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-curl-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-curl-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-dba-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-dba-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-debugsource-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-devel-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-dom-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-dom-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-enchant-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-enchant-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-exif-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-exif-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fastcgi-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fastcgi-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fileinfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fileinfo-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-firebird-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-firebird-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fpm-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fpm-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ftp-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ftp-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gd-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gd-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gettext-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gettext-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gmp-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gmp-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-iconv-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-iconv-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-imap-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-imap-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-intl-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-intl-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-json-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-json-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ldap-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ldap-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mbstring-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mbstring-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mcrypt-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mcrypt-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mssql-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mssql-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mysql-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mysql-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-odbc-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-odbc-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-opcache-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-opcache-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-openssl-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-openssl-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pcntl-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pcntl-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pdo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pdo-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pear-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pgsql-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pgsql-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-phar-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-phar-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-posix-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-posix-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pspell-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pspell-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-readline-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-readline-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-shmop-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-shmop-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-snmp-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-snmp-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-soap-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-soap-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sockets-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sockets-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sqlite-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sqlite-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-suhosin-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-suhosin-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvmsg-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvmsg-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvsem-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvsem-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvshm-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvshm-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-tidy-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-tidy-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-tokenizer-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-tokenizer-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-wddx-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-wddx-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlreader-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlreader-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlrpc-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlrpc-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlwriter-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlwriter-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xsl-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xsl-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-zip-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-zip-debuginfo-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-zlib-5.6.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-zlib-debuginfo-5.6.1-21.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2-mod_php5 / apache2-mod_php5-debuginfo / php5 / php5-bcmath / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:54:12", "description": "A use-after-free flaw was found in PHP's OPcache extension. This flaw could possibly lead to a disclosure of portion of server memory.\n(CVE-2015-1351)\n\nA NULL pointer dereference flaw was found in PHP's pgsql extension. A specially crafted table name passed to function as pg_insert() or pg_select() could cause a PHP application to crash. (CVE-2015-1352)\n\nA buffer overflow flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened.\n(CVE-2015-3329)", "cvss3": {}, "published": "2015-04-20T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : php55 (ALAS-2015-510)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1351", "CVE-2015-1352", "CVE-2015-3329"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:php55", "p-cpe:/a:amazon:linux:php55-bcmath", "p-cpe:/a:amazon:linux:php55-cli", "p-cpe:/a:amazon:linux:php55-common", "p-cpe:/a:amazon:linux:php55-dba", "p-cpe:/a:amazon:linux:php55-debuginfo", "p-cpe:/a:amazon:linux:php55-devel", "p-cpe:/a:amazon:linux:php55-embedded", "p-cpe:/a:amazon:linux:php55-enchant", "p-cpe:/a:amazon:linux:php55-fpm", "p-cpe:/a:amazon:linux:php55-gd", "p-cpe:/a:amazon:linux:php55-gmp", "p-cpe:/a:amazon:linux:php55-imap", "p-cpe:/a:amazon:linux:php55-intl", "p-cpe:/a:amazon:linux:php55-ldap", "p-cpe:/a:amazon:linux:php55-mbstring", "p-cpe:/a:amazon:linux:php55-mcrypt", "p-cpe:/a:amazon:linux:php55-mssql", "p-cpe:/a:amazon:linux:php55-mysqlnd", "p-cpe:/a:amazon:linux:php55-odbc", "p-cpe:/a:amazon:linux:php55-opcache", "p-cpe:/a:amazon:linux:php55-pdo", "p-cpe:/a:amazon:linux:php55-pgsql", "p-cpe:/a:amazon:linux:php55-process", "p-cpe:/a:amazon:linux:php55-pspell", "p-cpe:/a:amazon:linux:php55-recode", "p-cpe:/a:amazon:linux:php55-snmp", "p-cpe:/a:amazon:linux:php55-soap", "p-cpe:/a:amazon:linux:php55-tidy", "p-cpe:/a:amazon:linux:php55-xml", "p-cpe:/a:amazon:linux:php55-xmlrpc", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2015-510.NASL", "href": "https://www.tenable.com/plugins/nessus/82857", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2015-510.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82857);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2015-1351\", \"CVE-2015-1352\", \"CVE-2015-3329\");\n script_xref(name:\"ALAS\", value:\"2015-510\");\n\n script_name(english:\"Amazon Linux AMI : php55 (ALAS-2015-510)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use-after-free flaw was found in PHP's OPcache extension. This flaw\ncould possibly lead to a disclosure of portion of server memory.\n(CVE-2015-1351)\n\nA NULL pointer dereference flaw was found in PHP's pgsql extension. A\nspecially crafted table name passed to function as pg_insert() or\npg_select() could cause a PHP application to crash. (CVE-2015-1352)\n\nA buffer overflow flaw was found in the way PHP's Phar extension\nparsed Phar archives. A specially crafted archive could cause PHP to\ncrash or, possibly, execute arbitrary code when opened.\n(CVE-2015-3329)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2015-510.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update php55' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"php55-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-bcmath-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-cli-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-common-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-dba-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-debuginfo-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-devel-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-embedded-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-enchant-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-fpm-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-gd-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-gmp-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-imap-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-intl-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-ldap-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-mbstring-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-mcrypt-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-mssql-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-mysqlnd-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-odbc-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-opcache-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-pdo-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-pgsql-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-process-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-pspell-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-recode-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-snmp-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-soap-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-tidy-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-xml-5.5.24-1.100.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-xmlrpc-5.5.24-1.100.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php55 / php55-bcmath / php55-cli / php55-common / php55-dba / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:53:22", "description": "A use-after-free flaw was found in PHP's OPcache extension. This flaw could possibly lead to a disclosure of portion of server memory.\n(CVE-2015-1351)\n\nA NULL pointer dereference flaw was found in PHP's pgsql extension. A specially crafted table name passed to function as pg_insert() or pg_select() could cause a PHP application to crash. (CVE-2015-1352)\n\nA buffer overflow flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened.\n(CVE-2015-3329)", "cvss3": {}, "published": "2015-04-20T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : php56 (ALAS-2015-511)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1351", "CVE-2015-1352", "CVE-2015-3329"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:php56", "p-cpe:/a:amazon:linux:php56-bcmath", "p-cpe:/a:amazon:linux:php56-cli", "p-cpe:/a:amazon:linux:php56-common", "p-cpe:/a:amazon:linux:php56-dba", "p-cpe:/a:amazon:linux:php56-dbg", "p-cpe:/a:amazon:linux:php56-debuginfo", "p-cpe:/a:amazon:linux:php56-devel", "p-cpe:/a:amazon:linux:php56-embedded", "p-cpe:/a:amazon:linux:php56-enchant", "p-cpe:/a:amazon:linux:php56-fpm", "p-cpe:/a:amazon:linux:php56-gd", "p-cpe:/a:amazon:linux:php56-gmp", "p-cpe:/a:amazon:linux:php56-imap", "p-cpe:/a:amazon:linux:php56-intl", "p-cpe:/a:amazon:linux:php56-ldap", "p-cpe:/a:amazon:linux:php56-mbstring", "p-cpe:/a:amazon:linux:php56-mcrypt", "p-cpe:/a:amazon:linux:php56-mssql", "p-cpe:/a:amazon:linux:php56-mysqlnd", "p-cpe:/a:amazon:linux:php56-odbc", "p-cpe:/a:amazon:linux:php56-opcache", "p-cpe:/a:amazon:linux:php56-pdo", "p-cpe:/a:amazon:linux:php56-pgsql", "p-cpe:/a:amazon:linux:php56-process", "p-cpe:/a:amazon:linux:php56-pspell", "p-cpe:/a:amazon:linux:php56-recode", "p-cpe:/a:amazon:linux:php56-snmp", "p-cpe:/a:amazon:linux:php56-soap", "p-cpe:/a:amazon:linux:php56-tidy", "p-cpe:/a:amazon:linux:php56-xml", "p-cpe:/a:amazon:linux:php56-xmlrpc", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2015-511.NASL", "href": "https://www.tenable.com/plugins/nessus/82858", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2015-511.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82858);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2015-1351\", \"CVE-2015-1352\", \"CVE-2015-3329\");\n script_xref(name:\"ALAS\", value:\"2015-511\");\n\n script_name(english:\"Amazon Linux AMI : php56 (ALAS-2015-511)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use-after-free flaw was found in PHP's OPcache extension. This flaw\ncould possibly lead to a disclosure of portion of server memory.\n(CVE-2015-1351)\n\nA NULL pointer dereference flaw was found in PHP's pgsql extension. A\nspecially crafted table name passed to function as pg_insert() or\npg_select() could cause a PHP application to crash. (CVE-2015-1352)\n\nA buffer overflow flaw was found in the way PHP's Phar extension\nparsed Phar archives. A specially crafted archive could cause PHP to\ncrash or, possibly, execute arbitrary code when opened.\n(CVE-2015-3329)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2015-511.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update php56' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"php56-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-bcmath-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-cli-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-common-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-dba-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-dbg-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-debuginfo-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-devel-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-embedded-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-enchant-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-fpm-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-gd-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-gmp-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-imap-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-intl-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-ldap-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-mbstring-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-mcrypt-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-mssql-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-mysqlnd-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-odbc-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-opcache-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-pdo-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-pgsql-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-process-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-pspell-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-recode-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-snmp-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-soap-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-tidy-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-xml-5.6.8-1.111.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-xmlrpc-5.6.8-1.111.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php56 / php56-bcmath / php56-cli / php56-common / php56-dba / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:53:41", "description": "16 Apr 2015, **PHP 5.6.8**\n\nCore :\n\n - Fixed bug #66609 (php crashes with __get() and ++ operator in some cases). (Dmitry, Laruence)\n\n - Fixed bug #68021 (get_browser() browser_name_regex returns non-utf-8 characters). (Tjerk)\n\n - Fixed bug #68917 (parse_url fails on some partial urls). (Wei Dai)\n\n - Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM configuration options). (Anatol Belski)\n\n - Additional fix for bug #69152 (Type confusion vulnerability in exception::getTraceAsString). (Stas)\n\n - Fixed bug #69210 (serialize function return corrupted data when sleep has non-string values). (Juan Basso)\n\n - Fixed bug #69212 (Leaking VIA_HANDLER func when exception thrown in __call/... arg passing). (Nikita)\n\n - Fixed bug #69221 (Segmentation fault when using a generator in combination with an Iterator). (Nikita)\n\n - Fixed bug #69337 (php_stream_url_wrap_http_ex() type-confusion vulnerability). (Stas)\n\n - Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions). (Stas)\n\nApache2handler :\n\n - Fixed bug #69218 (potential remote code execution with apache 2.4 apache2handler). (Gerrit Venema)\n\ncURL :\n\n - Implemented FR#69278 (HTTP2 support). (Masaki Kagaya)\n\n - Fixed bug #68739 (Missing break / control flow).\n (Laruence)\n\n - Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER). (Laruence)\n\nDate :\n\n - Fixed bug #69336 (Issues with 'last day of <monthname>'). (Derick Rethans)\n\nEnchant :\n\n - Fixed bug #65406 (Enchant broker plugins are in the wrong place in windows builds). (Anatol)\n\nEreg :\n\n - Fixed bug #68740 (NULL pointer Dereference). (Laruence)\n\nFileinfo :\n\n - Fixed bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault). (Anatol Belski)\n\nFilter :\n\n - Fixed bug #69202: (FILTER_FLAG_STRIP_BACKTICK ignored unless other flags are used). (Jeff Welch)\n\n - Fixed bug #69203 (FILTER_FLAG_STRIP_HIGH doesn't strip ASCII 127). (Jeff Welch)\n\nOPCache :\n\n - Fixed bug #69297 (function_exists strange behavior with OPCache on disabled function). (Laruence)\n\n - Fixed bug #69281 (opcache_is_script_cached no longer works). (danack)\n\n - Fixed bug #68677 (Use After Free). (CVE-2015-1351) (Laruence)\n\nOpenSSL\n\n - Fixed bugs #68853, #65137 (Buffered crypto stream data breaks IO polling in stream_select() contexts) (Chris Wright)\n\n - Fixed bug #69197 (openssl_pkcs7_sign handles default value incorrectly) (Daniel Lowrey)\n\n - Fixed bug #69215 (Crypto servers should send client CA list) (Daniel Lowrey)\n\n - Add a check for RAND_egd to allow compiling against LibreSSL (Leigh)\n\nPhar :\n\n - Fixed bug #64343 (PharData::extractTo fails for tarball created by BSD tar). (Mike)\n\n - Fixed bug #64931 (phar_add_file is too restrictive on filename). (Mike)\n\n - Fixed bug #65467 (Call to undefined method cli_arg_typ_string). (Mike)\n\n - Fixed bug #67761 (Phar::mapPhar fails for Phars inside a path containing '.tar'). (Mike)\n\n - Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar). (Stas)\n\n - Fixed bug #69441 (Buffer Overflow when parsing tar/zip/phar in phar_set_inode). (Stas)\n\nPostgres :\n\n - Fixed bug #68741 (NULL pointer dereference).\n (CVE-2015-1352) (Laruence)\n\nSPL :\n\n - Fixed bug #69227 (Use after free in zval_scan caused by spl_object_storage_get_gc). (adam dot scarr at 99designs dot com)\n\nSOAP :\n\n - Fixed bug #69293 (NEW segfault when using SoapClient::__setSoapHeader (bisected, regression)).\n (Laruence)\n\nSqlite3 :\n\n - Fixed bug #68760 (SQLITE segfaults if custom collator throws an exception). (Dan Ackroyd)\n\n - Fixed bug #69287 (Upgrade bundled libsqlite to 3.8.8.3). (Anatol)\n\n - Fixed bug #66550 (SQLite prepared statement use-after-free). (Sean Heelan)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-04-24T00:00:00", "type": "nessus", "title": "Fedora 21 : php-5.6.8-1.fc21 (2015-6407)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1351", "CVE-2015-1352", "CVE-2015-2783"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:php", "cpe:/o:fedoraproject:fedora:21"], "id": "FEDORA_2015-6407.NASL", "href": "https://www.tenable.com/plugins/nessus/83044", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-6407.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83044);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-1351\", \"CVE-2015-1352\", \"CVE-2015-2783\");\n script_xref(name:\"FEDORA\", value:\"2015-6407\");\n\n script_name(english:\"Fedora 21 : php-5.6.8-1.fc21 (2015-6407)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"16 Apr 2015, **PHP 5.6.8**\n\nCore :\n\n - Fixed bug #66609 (php crashes with __get() and ++\n operator in some cases). (Dmitry, Laruence)\n\n - Fixed bug #68021 (get_browser() browser_name_regex\n returns non-utf-8 characters). (Tjerk)\n\n - Fixed bug #68917 (parse_url fails on some partial\n urls). (Wei Dai)\n\n - Fixed bug #69134 (Per Directory Values overrides\n PHP_INI_SYSTEM configuration options). (Anatol Belski)\n\n - Additional fix for bug #69152 (Type confusion\n vulnerability in exception::getTraceAsString). (Stas)\n\n - Fixed bug #69210 (serialize function return corrupted\n data when sleep has non-string values). (Juan Basso)\n\n - Fixed bug #69212 (Leaking VIA_HANDLER func when\n exception thrown in __call/... arg passing). (Nikita)\n\n - Fixed bug #69221 (Segmentation fault when using a\n generator in combination with an Iterator). (Nikita)\n\n - Fixed bug #69337 (php_stream_url_wrap_http_ex()\n type-confusion vulnerability). (Stas)\n\n - Fixed bug #69353 (Missing null byte checks for paths\n in various PHP extensions). (Stas)\n\nApache2handler :\n\n - Fixed bug #69218 (potential remote code execution with\n apache 2.4 apache2handler). (Gerrit Venema)\n\ncURL :\n\n - Implemented FR#69278 (HTTP2 support). (Masaki Kagaya)\n\n - Fixed bug #68739 (Missing break / control flow).\n (Laruence)\n\n - Fixed bug #69316 (Use-after-free in php_curl related\n to CURLOPT_FILE/_INFILE/_WRITEHEADER). (Laruence)\n\nDate :\n\n - Fixed bug #69336 (Issues with 'last day of\n <monthname>'). (Derick Rethans)\n\nEnchant :\n\n - Fixed bug #65406 (Enchant broker plugins are in the\n wrong place in windows builds). (Anatol)\n\nEreg :\n\n - Fixed bug #68740 (NULL pointer Dereference). (Laruence)\n\nFileinfo :\n\n - Fixed bug #68819 (Fileinfo on specific file causes\n spurious OOM and/or segfault). (Anatol Belski)\n\nFilter :\n\n - Fixed bug #69202: (FILTER_FLAG_STRIP_BACKTICK ignored\n unless other flags are used). (Jeff Welch)\n\n - Fixed bug #69203 (FILTER_FLAG_STRIP_HIGH doesn't strip\n ASCII 127). (Jeff Welch)\n\nOPCache :\n\n - Fixed bug #69297 (function_exists strange behavior with\n OPCache on disabled function). (Laruence)\n\n - Fixed bug #69281 (opcache_is_script_cached no longer\n works). (danack)\n\n - Fixed bug #68677 (Use After Free). (CVE-2015-1351)\n (Laruence)\n\nOpenSSL\n\n - Fixed bugs #68853, #65137 (Buffered crypto stream data\n breaks IO polling in stream_select() contexts) (Chris\n Wright)\n\n - Fixed bug #69197 (openssl_pkcs7_sign handles default\n value incorrectly) (Daniel Lowrey)\n\n - Fixed bug #69215 (Crypto servers should send client CA\n list) (Daniel Lowrey)\n\n - Add a check for RAND_egd to allow compiling against\n LibreSSL (Leigh)\n\nPhar :\n\n - Fixed bug #64343 (PharData::extractTo fails for tarball\n created by BSD tar). (Mike)\n\n - Fixed bug #64931 (phar_add_file is too restrictive on\n filename). (Mike)\n\n - Fixed bug #65467 (Call to undefined method\n cli_arg_typ_string). (Mike)\n\n - Fixed bug #67761 (Phar::mapPhar fails for Phars inside\n a path containing '.tar'). (Mike)\n\n - Fixed bug #69324 (Buffer Over-read in unserialize when\n parsing Phar). (Stas)\n\n - Fixed bug #69441 (Buffer Overflow when parsing\n tar/zip/phar in phar_set_inode). (Stas)\n\nPostgres :\n\n - Fixed bug #68741 (NULL pointer dereference).\n (CVE-2015-1352) (Laruence)\n\nSPL :\n\n - Fixed bug #69227 (Use after free in zval_scan caused by\n spl_object_storage_get_gc). (adam dot scarr at 99designs\n dot com)\n\nSOAP :\n\n - Fixed bug #69293 (NEW segfault when using\n SoapClient::__setSoapHeader (bisected, regression)).\n (Laruence)\n\nSqlite3 :\n\n - Fixed bug #68760 (SQLITE segfaults if custom collator\n throws an exception). (Dan Ackroyd)\n\n - Fixed bug #69287 (Upgrade bundled libsqlite to\n 3.8.8.3). (Anatol)\n\n - Fixed bug #66550 (SQLite prepared statement\n use-after-free). (Sean Heelan)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1185900\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1185904\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1213407\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1213411\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1213416\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1213442\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1213446\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-April/155932.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7e19a0be\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"php-5.6.8-1.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:44:30", "description": "According to its banner, the version of PHP 5.6.x installed on the remote host is prior to 5.6.7. It is, therefore, affected by multiple vulnerabilities :\n\n - A use-after-free error exists related to function 'unserialize', which can allow a remote attacker to execute arbitrary code. Note that this issue is due to an incomplete fix for CVE-2014-8142. (CVE-2015-0231)\n\n - An integer overflow error exists in function 'regcomp' in the Henry Spencer regex library, due to improper validation of user-supplied input. An attacker can exploit this to cause a denial of service or to execute arbitrary code. (CVE-2015-2305)\n\n - An integer overflow error exists in the '_zip_cdir_new' function, due to improper validation of user-supplied input. An attacker, using a crafted ZIP archive, can exploit this to cause a denial of service or to execute arbitrary code. (CVE-2015-2331)\n\n - A filter bypass vulnerability exists due to a flaw in the move_uploaded_file() function in which pathnames are truncated when a NULL byte is encountered. This allows a remote attacker, via a crafted second argument, to bypass intended extension restrictions and create files with unexpected names. (CVE-2015-2348)\n\n - A user-after-free error exists in the process_nested_data() function. This allows a remote attacker, via a crafted unserialize call, to dereference already freed memory, resulting in the execution of arbitrary code. (CVE-2015-2787)\n\nNote that the scanner has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-01-09T00:00:00", "type": "nessus", "title": "PHP 5.6.x < 5.6.7 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8142", "CVE-2015-0231", "CVE-2015-2305", "CVE-2015-2331", "CVE-2015-2348", "CVE-2015-2787", "CVE-2015-4147", "CVE-2015-4148"], "modified": "2022-10-26T00:00:00", "cpe": ["cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98830", "href": "https://www.tenable.com/plugins/was/98830", "sourceData": "No source data", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:51:15", "description": "According to its banner, the version of PHP 5.6.x installed on the remote host is prior to 5.6.7. It is, therefore, affected by multiple vulnerabilities :\n\n - A use-after-free error exists related to function 'unserialize', which can allow a remote attacker to execute arbitrary code. Note that this issue is due to an incomplete fix for CVE-2014-8142. (CVE-2015-0231)\n\n - An integer overflow error exists in function 'regcomp' in the Henry Spencer regex library, due to improper validation of user-supplied input. An attacker can exploit this to cause a denial of service or to execute arbitrary code. (CVE-2015-2305)\n\n - An integer overflow error exists in the '_zip_cdir_new' function, due to improper validation of user-supplied input. An attacker, using a crafted ZIP archive, can exploit this to cause a denial of service or to execute arbitrary code. (CVE-2015-2331)\n\n - A filter bypass vulnerability exists due to a flaw in the move_uploaded_file() function in which pathnames are truncated when a NULL byte is encountered. This allows a remote attacker, via a crafted second argument, to bypass intended extension restrictions and create files with unexpected names. (CVE-2015-2348)\n\n - A user-after-free error exists in the process_nested_data() function. This allows a remote attacker, via a crafted unserialize call, to dereference already freed memory, resulting in the execution of arbitrary code. (CVE-2015-2787)\n\n - A type confusion vulnerability in the SoapClient's __call() function in ext/soap/soap.c could allow a remote attacker to execute arbitrary code by providing crafted serialized data with an unexpected data type (CVE-2015-4147, CVE-2015-4148)\n\nNote that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2015-03-24T00:00:00", "type": "nessus", "title": "PHP 5.6.x < 5.6.7 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8142", "CVE-2015-0231", "CVE-2015-2305", "CVE-2015-2331", "CVE-2015-2348", "CVE-2015-2787", "CVE-2015-4147", "CVE-2015-4148"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_6_7.NASL", "href": "https://www.tenable.com/plugins/nessus/82027", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82027);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2015-0231\",\n \"CVE-2015-2305\",\n \"CVE-2015-2331\",\n \"CVE-2015-2348\",\n \"CVE-2015-2787\",\n \"CVE-2015-4147\",\n \"CVE-2015-4148\"\n );\n script_bugtraq_id(\n 72539,\n 73182,\n 73357,\n 73381,\n 73383,\n 73385,\n 73431,\n 73434,\n 75103\n );\n\n script_name(english:\"PHP 5.6.x < 5.6.7 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP 5.6.x installed on the\nremote host is prior to 5.6.7. It is, therefore, affected by multiple\nvulnerabilities :\n\n - A use-after-free error exists related to function\n 'unserialize', which can allow a remote attacker to\n execute arbitrary code. Note that this issue is due to\n an incomplete fix for CVE-2014-8142. (CVE-2015-0231)\n\n - An integer overflow error exists in function 'regcomp'\n in the Henry Spencer regex library, due to improper\n validation of user-supplied input. An attacker can\n exploit this to cause a denial of service or to execute\n arbitrary code. (CVE-2015-2305)\n\n - An integer overflow error exists in the '_zip_cdir_new'\n function, due to improper validation of user-supplied\n input. An attacker, using a crafted ZIP archive, can\n exploit this to cause a denial of service or to execute\n arbitrary code. (CVE-2015-2331)\n\n - A filter bypass vulnerability exists due to a flaw in\n the move_uploaded_file() function in which pathnames are\n truncated when a NULL byte is encountered. This allows a\n remote attacker, via a crafted second argument, to\n bypass intended extension restrictions and create files\n with unexpected names. (CVE-2015-2348)\n\n - A user-after-free error exists in the\n process_nested_data() function. This allows a remote\n attacker, via a crafted unserialize call, to dereference\n already freed memory, resulting in the execution of\n arbitrary code. (CVE-2015-2787)\n\n - A type confusion vulnerability in the\n SoapClient's __call() function in ext/soap/soap.c\n could allow a remote attacker to execute arbitrary\n code by providing crafted serialized data with an\n unexpected data type (CVE-2015-4147, CVE-2015-4148)\n\nNote that Nessus has not attempted to exploit these issues but has\ninstead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://php.net/ChangeLog-5.php#5.6.7\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=69207\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=68976\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.6.7 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-4147\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\n# Check that it is the correct version of PHP\nif (version =~ \"^5(\\.6)?$\") audit(AUDIT_VER_NOT_GRANULAR, \"PHP\", port, version);\nif (version !~ \"^5\\.6\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 5.6.x\", port);\n\nif (version =~ \"^5\\.6\\.[0-6]($|[^0-9])\")\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : '+source +\n '\\n Installed version : '+version +\n '\\n Fixed version : 5.6.7' +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:50:47", "description": "According to its banner, the version of PHP 5.4.x installed on the remote host is prior to 5.4.39. It is, therefore, affected by multiple vulnerabilities :\n\n - A use-after-free error exists related to function 'unserialize', which can allow a remote attacker to execute arbitrary code. Note that this issue is due to an incomplete fix for CVE-2014-8142. (CVE-2015-0231)\n\n - An integer overflow error exists in function 'regcomp' in the Henry Spencer regex library, due to improper validation of user-supplied input. An attacker can exploit this to cause a denial of service or to execute arbitrary code. (CVE-2015-2305)\n\n - An integer overflow error exists in the '_zip_cdir_new' function, due to improper validation of user-supplied input. An attacker, using a crafted ZIP archive, can exploit this to cause a denial of service or to execute arbitrary code. (CVE-2015-2331)\n\n - A filter bypass vulnerability exists due to a flaw in the move_uploaded_file() function in which pathnames are truncated when a NULL byte is encountered. This allows a remote attacker, via a crafted second argument, to bypass intended extension restrictions and create files with unexpected names. (CVE-2015-2348)\n\n - A user-after-free error exists in the process_nested_data() function. This allows a remote attacker, via a crafted unserialize call, to dereference already freed memory, resulting in the execution of arbitrary code. (CVE-2015-2787)\n\n - A type confusion vulnerability in the SoapClient's __call() function in ext/soap/soap.c could allow a remote attacker to execute arbitrary code by providing crafted serialized data with an unexpected data type (CVE-2015-4147, CVE-2015-4148)\n\nNote that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2015-03-24T00:00:00", "type": "nessus", "title": "PHP 5.4.x < 5.4.39 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8142", "CVE-2015-0231", "CVE-2015-2305", "CVE-2015-2331", "CVE-2015-2348", "CVE-2015-2787", "CVE-2015-4147", "CVE-2015-4148"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_4_39.NASL", "href": "https://www.tenable.com/plugins/nessus/82025", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82025);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2015-0231\",\n \"CVE-2015-2305\",\n \"CVE-2015-2331\",\n \"CVE-2015-2348\",\n \"CVE-2015-2787\",\n \"CVE-2015-4147\",\n \"CVE-2015-4148\"\n );\n script_bugtraq_id(\n 72539,\n 73182,\n 73357,\n 73381,\n 73383,\n 73385,\n 73431,\n 73434,\n 75103\n );\n\n script_name(english:\"PHP 5.4.x < 5.4.39 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP 5.4.x installed on the\nremote host is prior to 5.4.39. It is, therefore, affected by multiple\nvulnerabilities :\n\n - A use-after-free error exists related to function\n 'unserialize', which can allow a remote attacker to\n execute arbitrary code. Note that this issue is due to\n an incomplete fix for CVE-2014-8142. (CVE-2015-0231)\n\n - An integer overflow error exists in function 'regcomp'\n in the Henry Spencer regex library, due to improper\n validation of user-supplied input. An attacker can\n exploit this to cause a denial of service or to execute\n arbitrary code. (CVE-2015-2305)\n\n - An integer overflow error exists in the '_zip_cdir_new'\n function, due to improper validation of user-supplied\n input. An attacker, using a crafted ZIP archive, can\n exploit this to cause a denial of service or to execute\n arbitrary code. (CVE-2015-2331)\n\n - A filter bypass vulnerability exists due to a flaw in\n the move_uploaded_file() function in which pathnames are\n truncated when a NULL byte is encountered. This allows a\n remote attacker, via a crafted second argument, to\n bypass intended extension restrictions and create files\n with unexpected names. (CVE-2015-2348)\n\n - A user-after-free error exists in the\n process_nested_data() function. This allows a remote\n attacker, via a crafted unserialize call, to dereference\n already freed memory, resulting in the execution of\n arbitrary code. (CVE-2015-2787)\n\n - A type confusion vulnerability in the\n SoapClient's __call() function in ext/soap/soap.c\n could allow a remote attacker to execute arbitrary\n code by providing crafted serialized data with an\n unexpected data type (CVE-2015-4147, CVE-2015-4148)\n\nNote that Nessus has not attempted to exploit these issues but has\ninstead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://php.net/ChangeLog-5.php#5.4.39\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=69207\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=68976\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.4.39 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-4147\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\n# Check that it is the correct version of PHP\nif (version =~ \"^5(\\.4)?$\") audit(AUDIT_VER_NOT_GRANULAR, \"PHP\", port, version);\nif (version !~ \"^5\\.4\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 5.4.x\", port);\n\nif (version =~ \"^5\\.4\\.([0-9]|[12][0-9]|3[0-8])($|[^0-9])\")\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : '+source +\n '\\n Installed version : '+version +\n '\\n Fixed version : 5.4.39' +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:51:14", "description": "According to its banner, the version of PHP 5.5.x installed on the remote host is prior to 5.5.23. It is, therefore, affected by multiple vulnerabilities :\n\n - A use-after-free error exists related to function 'unserialize', which can allow a remote attacker to execute arbitrary code. Note that this issue is due to an incomplete fix for CVE-2014-8142. (CVE-2015-0231)\n\n - An integer overflow error exists in function 'regcomp' in the Henry Spencer regex library, due to improper validation of user-supplied input. An attacker can exploit this to cause a denial of service or to execute arbitrary code. (CVE-2015-2305)\n\n - An integer overflow error exists in the '_zip_cdir_new' function, due to improper validation of user-supplied input. An attacker, using a crafted ZIP archive, can exploit this to cause a denial of service or to execute arbitrary code. (CVE-2015-2331)\n\n - A filter bypass vulnerability exists due to a flaw in the move_uploaded_file() function in which pathnames are truncated when a NULL byte is encountered. This allows a remote attacker, via a crafted second argument, to bypass intended extension restrictions and create files with unexpected names. (CVE-2015-2348)\n\n - A user-after-free error exists in the process_nested_data() function. This allows a remote attacker, via a crafted unserialize call, to dereference already freed memory, resulting in the execution of arbitrary code. (CVE-2015-2787)\n\n - A type confusion vulnerability in the SoapClient's __call() function in ext/soap/soap.c could allow a remote attacker to execute arbitrary code by providing crafted serialized data with an unexpected data type (CVE-2015-4147, CVE-2015-4148)\n\nNote that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2015-03-24T00:00:00", "type": "nessus", "title": "PHP 5.5.x < 5.5.23 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8142", "CVE-2015-0231", "CVE-2015-2305", "CVE-2015-2331", "CVE-2015-2348", "CVE-2015-2787", "CVE-2015-4147", "CVE-2015-4148"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_5_23.NASL", "href": "https://www.tenable.com/plugins/nessus/82026", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82026);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2015-0231\",\n \"CVE-2015-2305\",\n \"CVE-2015-2331\",\n \"CVE-2015-2348\",\n \"CVE-2015-2787\",\n \"CVE-2015-4147\",\n \"CVE-2015-4148\"\n );\n script_bugtraq_id(\n 72539,\n 73182,\n 73357,\n 73381,\n 73383,\n 73385,\n 73431,\n 73434,\n 75103\n );\n\n script_name(english:\"PHP 5.5.x < 5.5.23 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP 5.5.x installed on the\nremote host is prior to 5.5.23. It is, therefore, affected by multiple\nvulnerabilities :\n\n - A use-after-free error exists related to function\n 'unserialize', which can allow a remote attacker to\n execute arbitrary code. Note that this issue is due to\n an incomplete fix for CVE-2014-8142. (CVE-2015-0231)\n\n - An integer overflow error exists in function 'regcomp'\n in the Henry Spencer regex library, due to improper\n validation of user-supplied input. An attacker can\n exploit this to cause a denial of service or to execute\n arbitrary code. (CVE-2015-2305)\n\n - An integer overflow error exists in the '_zip_cdir_new'\n function, due to improper validation of user-supplied\n input. An attacker, using a crafted ZIP archive, can\n exploit this to cause a denial of service or to execute\n arbitrary code. (CVE-2015-2331)\n\n - A filter bypass vulnerability exists due to a flaw in\n the move_uploaded_file() function in which pathnames are\n truncated when a NULL byte is encountered. This allows a\n remote attacker, via a crafted second argument, to\n bypass intended extension restrictions and create files\n with unexpected names. (CVE-2015-2348)\n\n - A user-after-free error exists in the\n process_nested_data() function. This allows a remote\n attacker, via a crafted unserialize call, to dereference\n already freed memory, resulting in the execution of\n arbitrary code. (CVE-2015-2787)\n\n - A type confusion vulnerability in the\n SoapClient's __call() function in ext/soap/soap.c\n could allow a remote attacker to execute arbitrary\n code by providing crafted serialized data with an\n unexpected data type (CVE-2015-4147, CVE-2015-4148)\n\nNote that Nessus has not attempted to exploit these issues but has\ninstead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://php.net/ChangeLog-5.php#5.5.23\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=69207\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=68976\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.5.23 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-4147\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\n# Check that it is the correct version of PHP\nif (version =~ \"^5(\\.5)?$\") audit(AUDIT_VER_NOT_GRANULAR, \"PHP\", port, version);\nif (version !~ \"^5\\.5\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 5.5.x\", port);\n\nif (version =~ \"^5\\.5\\.([0-9]|1[0-9]|2[0-2])($|[^0-9])\")\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : '+source +\n '\\n Installed version : '+version +\n '\\n Fixed version : 5.5.23' +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:52:49", "description": "Versions of PHP 5.4.x earlier than 5.4.39, 5.5.x earlier than 5.5.23, or 5.6.x earlier than 5.6.7 are exposed to the following issues :\n\n - A use-after-free error exists related to function 'unserialize', which can allow a remote attacker to execute arbitrary code. Note that this issue exists due to an incomplete fix for CVE-2014-8142. (Bug 68594 / CVE-2015-0231)\n\n - A heap-based buffer overflow error exists in function 'regcomp' in the Henry Spencer regex library due to improper validation of user-supplied input. An attacker can exploit this to cause a denial of service or to execute arbitrary code. (Bug 69248 / CVE-2015-2305)\n\n - An integer overflow error exists in the '_zip_cdir_new' function, due to improper validation of user-supplied input. An attacker, using a crafted ZIP archive, can exploit this to cause a denial of service or to execute arbitrary code. (Bug 69253 / CVE-2015-2331)\n\n - A filter bypass vulnerability exists due to a flaw in the move_uploaded_file() function in which pathnames are truncated when a NULL byte is encountered. This allows a remote attacker, via a crafted second argument, to bypass intended extension restrictions and create files with unexpected names. (Bug 69207 / CVE-2015-2348)\n\n - A use-after-free error exists in the process_nested_data() function. This allows a remote attacker, via a crafted unserialize call, to dereference already freed memory, resulting in the execution of arbitrary code. (Bug 68976 / CVE-2015-2787)\n\n - A type confusion flaw exists in the __call() method and do_soap_call() function in SoapClient that is triggered when handling arrays. This may allow a remote attacker to execute arbitrary code. (CVE-2015-4147, CVE-2015-4148)", "cvss3": {}, "published": "2015-04-09T00:00:00", "type": "nessus", "title": "PHP 5.4.x < 5.4.39 / 5.5.x < 5.5.23 / 5.6.x < 5.6.7 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8142", "CVE-2015-0231", "CVE-2015-2305", "CVE-2015-2331", "CVE-2015-2348", "CVE-2015-2787", "CVE-2015-4147", "CVE-2015-4148"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"], "id": "8681.PRM", "href": "https://www.tenable.com/plugins/nnm/8681", "sourceData": "Binary data 8681.prm", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:52:21", "description": "The remote host is affected by the vulnerability described in GLSA-201503-03 (PHP: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker can leverage these vulnerabilities to execute arbitrary code or cause Denial of Service.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2015-03-09T00:00:00", "type": "nessus", "title": "GLSA-201503-03 : PHP: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3710", "CVE-2014-8142", "CVE-2014-9425", "CVE-2014-9427", "CVE-2015-0231", "CVE-2015-0232"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:php", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201503-03.NASL", "href": "https://www.tenable.com/plugins/nessus/81688", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201503-03.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81688);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-3710\", \"CVE-2014-8142\", \"CVE-2014-9425\", \"CVE-2014-9427\", \"CVE-2015-0231\", \"CVE-2015-0232\");\n script_bugtraq_id(70807, 71791, 71800, 71833, 72539, 72541);\n script_xref(name:\"GLSA\", value:\"201503-03\");\n\n script_name(english:\"GLSA-201503-03 : PHP: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201503-03\n(PHP: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in PHP. Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker can leverage these vulnerabilities to execute\n arbitrary code or cause Denial of Service.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201503-03\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All PHP 5.5 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/php-5.5.21'\n All PHP 5.4 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/php-5.4.37'\n All PHP 5.3 users should upgrade to the latest version. This branch is\n currently past the end of life and it will no longer receive security\n fixes. All PHP 5.3 users are strongly recommended to upgrade to the\n current stable version of PHP 5.5 or previous stable version of PHP 5.4,\n which are supported till at least 2016 and 2015 respectively.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-lang/php\", unaffected:make_list(\"ge 5.5.21\", \"rge 5.4.37\", \"rge 5.4.38\", \"rge 5.4.39\", \"rge 5.4.40\", \"rge 5.4.41\", \"rge 5.4.42\", \"rge 5.4.43\", \"rge 5.4.44\", \"rge 5.4.45\"), vulnerable:make_list(\"lt 5.5.21\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"PHP\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:52:08", "description": "Thomas Jarosch discovered that PHP incorrectly limited recursion in the fileinfo extension. A remote attacker could possibly use this issue to cause PHP to consume resources or crash, resulting in a denial of service. (CVE-2014-8117)\n\nS. Paraschoudis discovered that PHP incorrectly handled memory in the enchant binding. A remote attacker could use this issue to cause PHP to crash,