{"id": "REDHAT-RHSA-2015-0021.NASL", "bulletinFamily": "scanner", "title": "RHEL 6 : php (RHSA-2015:0021)", "description": "Updated php packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 6.5 Extended Update Support.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially\ncrafted JPEG or TIFF file could cause a PHP application using the\nexif_thumbnail() function to crash or, possibly, execute arbitrary\ncode with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.", "published": "2015-01-09T00:00:00", "modified": "2021-01-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://www.tenable.com/plugins/nessus/80440", "reporter": "This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://access.redhat.com/security/cve/cve-2014-3669", "https://access.redhat.com/errata/RHSA-2015:0021", "https://access.redhat.com/security/cve/cve-2014-3670"], "cvelist": ["CVE-2014-3669", "CVE-2014-3670"], "type": "nessus", "lastseen": "2021-01-01T05:05:08", "edition": 26, "viewCount": 7, "enchantments": {"dependencies": {"references": [{"type": "f5", "idList": ["SOL15866"]}, {"type": "cve", "idList": ["CVE-2014-3670", "CVE-2014-3669"]}, {"type": "redhat", "idList": ["RHSA-2014:1765", "RHSA-2014:1767", "RHSA-2014:1766", "RHSA-2014:1824", "RHSA-2014:1768", "RHSA-2015:0021"]}, {"type": "gentoo", "idList": ["GLSA-201411-04"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120347", "OPENVAS:1361412562310120348", "OPENVAS:1361412562310871287", "OPENVAS:1361412562310805409", "OPENVAS:703064", "OPENVAS:1361412562310882072", "OPENVAS:1361412562310703064", "OPENVAS:1361412562310121279", "OPENVAS:1361412562310882077", "OPENVAS:1361412562310123257"]}, {"type": "centos", "idList": ["CESA-2014:1767", "CESA-2014:1768", "CESA-2014:1824"]}, {"type": "amazon", "idList": ["ALAS-2014-434", "ALAS-2014-435"]}, {"type": "slackware", "idList": ["SSA-2014-307-03"]}, {"type": "oraclelinux", "idList": ["ELSA-2015-1135", "ELSA-2014-1767", "ELSA-2014-1768", "ELSA-2014-1824"]}, {"type": "debian", "idList": ["DEBIAN:DLA-94-1:92D05", "DEBIAN:DSA-3064-1:BB7D1"]}, {"type": "threatpost", "idList": ["THREATPOST:24B2243A9CE72574CE8C218BC61048D9"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:31326", "SECURITYVULNS:VULN:14056", "SECURITYVULNS:VULN:14366", "SECURITYVULNS:DOC:31890", "SECURITYVULNS:DOC:31310"]}, {"type": "nessus", "idList": ["OPENSUSE-2014-645.NASL", "REDHAT-RHSA-2014-1824.NASL", "PHP_5_5_18.NASL", "PHP_5_6_2.NASL", "SL_20141106_PHP_ON_SL5_X.NASL", "CENTOS_RHSA-2014-1824.NASL", "OPENSUSE-2014-636.NASL", "PHP_5_4_34.NASL", "ALA_ALAS-2014-435.NASL", "ORACLELINUX_ELSA-2014-1824.NASL"]}, {"type": "ubuntu", "idList": ["USN-2391-1"]}, {"type": "hackerone", "idList": ["H1:104012"]}, {"type": "fedora", "idList": ["FEDORA:EE5BE60DC923", "FEDORA:3079E60D68D9", "FEDORA:27DD261EADCB"]}, {"type": "suse", "idList": ["SUSE-SU-2016:1638-1"]}], "modified": "2021-01-01T05:05:08", "rev": 2}, "score": {"value": 8.0, "vector": "NONE", "modified": "2021-01-01T05:05:08", "rev": 2}, "vulnersScore": 8.0}, "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:0021. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80440);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2019/10/24 15:35:39\");\n\n script_cve_id(\"CVE-2014-3669\", \"CVE-2014-3670\");\n script_bugtraq_id(70611, 70665);\n script_xref(name:\"RHSA\", value:\"2015:0021\");\n\n script_name(english:\"RHEL 6 : php (RHSA-2015:0021)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated php packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 6.5 Extended Update Support.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially\ncrafted JPEG or TIFF file could cause a PHP application using the\nexif_thumbnail() function to crash or, possibly, execute arbitrary\ncode with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:0021\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3670\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-zts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6\\.5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.5\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:0021\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-bcmath-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-bcmath-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-bcmath-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-cli-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-cli-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-cli-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-common-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-common-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-common-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-dba-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-dba-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-dba-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-debuginfo-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-debuginfo-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-debuginfo-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-devel-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-devel-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-devel-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-embedded-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-embedded-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-embedded-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-enchant-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-enchant-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-enchant-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-fpm-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-fpm-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-fpm-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-gd-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-gd-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-gd-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-imap-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-imap-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-imap-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-intl-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-intl-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-intl-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-ldap-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-ldap-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-ldap-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-mbstring-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-mbstring-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-mbstring-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-mysql-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-mysql-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-mysql-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-odbc-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-odbc-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-odbc-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-pdo-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-pdo-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-pdo-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-pgsql-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-pgsql-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-pgsql-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-process-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-process-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-process-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-pspell-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-pspell-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-pspell-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-recode-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-recode-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-recode-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-snmp-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-snmp-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-snmp-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-soap-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-soap-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-soap-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-tidy-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-tidy-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-tidy-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-xml-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-xml-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-xml-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-xmlrpc-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-xmlrpc-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-xmlrpc-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-zts-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-zts-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-zts-5.3.3-27.el6_5.3\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-debuginfo / etc\");\n }\n}\n", "naslFamily": "Red Hat Local Security Checks", "pluginID": "80440", "cpe": ["p-cpe:/a:redhat:enterprise_linux:php-debuginfo", "p-cpe:/a:redhat:enterprise_linux:php-devel", "p-cpe:/a:redhat:enterprise_linux:php-pgsql", "p-cpe:/a:redhat:enterprise_linux:php-xml", "cpe:/o:redhat:enterprise_linux:6.5", "p-cpe:/a:redhat:enterprise_linux:php-embedded", "p-cpe:/a:redhat:enterprise_linux:php-tidy", "p-cpe:/a:redhat:enterprise_linux:php-ldap", "p-cpe:/a:redhat:enterprise_linux:php-intl", "p-cpe:/a:redhat:enterprise_linux:php-soap", "p-cpe:/a:redhat:enterprise_linux:php-common", "p-cpe:/a:redhat:enterprise_linux:php-pspell", "p-cpe:/a:redhat:enterprise_linux:php-mbstring", "p-cpe:/a:redhat:enterprise_linux:php-odbc", "p-cpe:/a:redhat:enterprise_linux:php-imap", "p-cpe:/a:redhat:enterprise_linux:php-xmlrpc", "p-cpe:/a:redhat:enterprise_linux:php-mysql", "p-cpe:/a:redhat:enterprise_linux:php-snmp", "p-cpe:/a:redhat:enterprise_linux:php-pdo", "p-cpe:/a:redhat:enterprise_linux:php", "p-cpe:/a:redhat:enterprise_linux:php-recode", "p-cpe:/a:redhat:enterprise_linux:php-process", "p-cpe:/a:redhat:enterprise_linux:php-zts", "p-cpe:/a:redhat:enterprise_linux:php-fpm", "p-cpe:/a:redhat:enterprise_linux:php-cli", "p-cpe:/a:redhat:enterprise_linux:php-enchant", "p-cpe:/a:redhat:enterprise_linux:php-dba", "p-cpe:/a:redhat:enterprise_linux:php-bcmath", "p-cpe:/a:redhat:enterprise_linux:php-gd"], "scheme": null}

{"f5": [{"lastseen": "2016-09-26T17:23:10", "bulletinFamily": "software", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "edition": 1, "description": "Recommended Action\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "modified": "2014-11-26T00:00:00", "published": "2014-11-26T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/800/sol15866.html", "id": "SOL15866", "title": "SOL15866 - Multiple PHP vulnerabilities CVE-2014-3668, CVE-2014-3669, and CVE-2014-3670", "type": "f5", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "cve": [{"lastseen": "2020-12-09T19:58:24", "description": "Integer overflow in the object_custom function in ext/standard/var_unserializer.c in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an argument to the unserialize function that triggers calculation of a large length value.", "edition": 5, "cvss3": {}, "published": "2014-10-29T10:55:00", "title": "CVE-2014-3669", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3669"], "modified": "2017-01-03T02:59:00", "cpe": ["cpe:/a:php:php:5.5.15", "cpe:/a:php:php:5.6.0", "cpe:/a:php:php:5.4.12", "cpe:/a:php:php:5.5.10", "cpe:/a:php:php:5.4.1", "cpe:/a:php:php:5.4.30", "cpe:/a:php:php:5.4.8", "cpe:/a:php:php:5.5.12", "cpe:/a:php:php:5.4.24", "cpe:/a:php:php:5.4.32", "cpe:/a:php:php:5.4.4", "cpe:/a:php:php:5.6.1", "cpe:/a:php:php:5.4.0", "cpe:/a:php:php:5.5.13", "cpe:/a:php:php:5.5.4", "cpe:/a:php:php:5.4.23", "cpe:/a:php:php:5.4.5", "cpe:/a:php:php:5.4.19", "cpe:/a:php:php:5.4.17", "cpe:/a:php:php:5.5.7", "cpe:/a:php:php:5.4.29", "cpe:/a:php:php:5.4.20", "cpe:/a:php:php:5.4.26", "cpe:/a:php:php:5.5.3", "cpe:/a:php:php:5.4.11", "cpe:/a:php:php:5.4.7", "cpe:/a:php:php:5.4.9", "cpe:/a:php:php:5.5.16", "cpe:/a:php:php:5.4.16", "cpe:/a:php:php:5.4.28", "cpe:/a:php:php:5.5.0", "cpe:/a:php:php:5.5.1", "cpe:/a:php:php:5.4.22", "cpe:/a:php:php:5.4.15", "cpe:/a:php:php:5.4.13", "cpe:/a:php:php:5.4.10", "cpe:/a:php:php:5.4.33", "cpe:/a:php:php:5.4.2", "cpe:/a:php:php:5.4.18", "cpe:/a:php:php:5.4.27", "cpe:/a:php:php:5.4.21", "cpe:/a:php:php:5.5.5", "cpe:/a:php:php:5.5.17", "cpe:/a:php:php:5.4.25", "cpe:/a:php:php:5.4.31", "cpe:/a:php:php:5.5.2", "cpe:/a:php:php:5.4.6", "cpe:/a:php:php:5.5.8", "cpe:/a:php:php:5.5.11", "cpe:/a:php:php:5.5.6", "cpe:/a:php:php:5.5.14", "cpe:/a:php:php:5.5.9", "cpe:/a:php:php:5.4.3", "cpe:/a:php:php:5.4.14"], "id": "CVE-2014-3669", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3669", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:php:php:5.4.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.29:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.14:rc1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.19:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.31:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.26:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.32:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.28:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.20:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.30:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.18:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.16:rc1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.27:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.22:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.21:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.14:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.25:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.23:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.24:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.15:rc1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.13:rc1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.17:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.33:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.12:rc2:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.12:rc1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:58:24", "description": "The exif_ifd_make_value function in exif.c in the EXIF extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 operates on floating-point arrays incorrectly, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted JPEG image with TIFF thumbnail data that is improperly handled by the exif_thumbnail function.", "edition": 5, "cvss3": {}, "published": "2014-10-29T10:55:00", "title": "CVE-2014-3670", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3670"], "modified": "2016-10-18T03:44:00", "cpe": ["cpe:/a:php:php:5.5.15", "cpe:/a:php:php:5.6.0", "cpe:/a:php:php:5.4.12", "cpe:/a:php:php:5.5.10", "cpe:/a:php:php:5.4.1", "cpe:/a:php:php:5.4.30", "cpe:/a:php:php:5.4.8", "cpe:/a:php:php:5.5.12", "cpe:/a:php:php:5.4.24", "cpe:/a:php:php:5.4.32", "cpe:/a:php:php:5.4.4", "cpe:/a:php:php:5.6.1", "cpe:/a:php:php:5.4.0", "cpe:/a:php:php:5.5.13", "cpe:/a:php:php:5.5.4", "cpe:/a:php:php:5.4.23", "cpe:/a:php:php:5.4.5", "cpe:/a:php:php:5.4.19", "cpe:/a:php:php:5.4.17", "cpe:/a:php:php:5.5.7", "cpe:/a:php:php:5.4.29", "cpe:/a:php:php:5.4.20", "cpe:/a:php:php:5.4.26", "cpe:/a:php:php:5.5.3", "cpe:/a:php:php:5.4.11", "cpe:/a:php:php:5.4.7", "cpe:/a:php:php:5.4.9", "cpe:/a:php:php:5.5.16", "cpe:/a:php:php:5.4.16", "cpe:/a:php:php:5.4.28", "cpe:/a:php:php:5.5.0", "cpe:/a:php:php:5.5.1", "cpe:/a:php:php:5.4.22", "cpe:/a:php:php:5.4.15", "cpe:/a:php:php:5.4.13", "cpe:/a:php:php:5.4.10", "cpe:/a:php:php:5.4.33", "cpe:/a:php:php:5.4.2", "cpe:/a:php:php:5.4.18", "cpe:/a:php:php:5.4.27", "cpe:/a:php:php:5.4.21", "cpe:/a:php:php:5.5.5", "cpe:/a:php:php:5.5.17", "cpe:/a:php:php:5.4.25", "cpe:/a:php:php:5.4.31", "cpe:/a:php:php:5.5.2", "cpe:/a:php:php:5.4.6", "cpe:/a:php:php:5.5.8", "cpe:/a:php:php:5.5.11", "cpe:/a:php:php:5.5.6", "cpe:/a:php:php:5.5.14", "cpe:/a:php:php:5.5.9", "cpe:/a:php:php:5.4.3", "cpe:/a:php:php:5.4.14"], "id": "CVE-2014-3670", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3670", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:php:php:5.4.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.29:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.14:rc1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.19:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.31:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.26:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.32:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.28:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.20:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.30:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.18:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.16:rc1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.27:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.22:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.21:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.14:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.25:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.23:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.24:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.15:rc1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.13:rc1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.17:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.33:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.12:rc2:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.12:rc1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*"]}], "redhat": [{"lastseen": "2019-08-13T18:45:59", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3669", "CVE-2014-3670"], "description": "PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted\nJPEG or TIFF file could cause a PHP application using the exif_thumbnail()\nfunction to crash or, possibly, execute arbitrary code with the privileges\nof the user running that PHP application. (CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\n", "modified": "2016-09-04T02:14:25", "published": "2015-01-08T05:00:00", "id": "RHSA-2015:0021", "href": "https://access.redhat.com/errata/RHSA-2015:0021", "type": "redhat", "title": "(RHSA-2015:0021) Important: php security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:45:12", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3669", "CVE-2014-3670", "CVE-2014-8626"], "description": "PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted\nJPEG or TIFF file could cause a PHP application using the exif_thumbnail()\nfunction to crash or, possibly, execute arbitrary code with the privileges\nof the user running that PHP application. (CVE-2014-3670)\n\nA stack-based buffer overflow flaw was found in the way the xmlrpc\nextension parsed dates in the ISO 8601 format. A specially crafted XML-RPC\nrequest or response could possibly cause a PHP application to crash.\n(CVE-2014-8626)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\n", "modified": "2017-09-08T12:14:57", "published": "2014-11-06T05:00:00", "id": "RHSA-2014:1824", "href": "https://access.redhat.com/errata/RHSA-2014:1824", "type": "redhat", "title": "(RHSA-2014:1824) Important: php security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:44:54", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670", "CVE-2014-3710"], "description": "PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted\nJPEG or TIFF file could cause a PHP application using the exif_thumbnail()\nfunction to crash or, possibly, execute arbitrary code with the privileges\nof the user running that PHP application. (CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAn out-of-bounds read flaw was found in the way the File Information\n(fileinfo) extension parsed Executable and Linkable Format (ELF) files.\nA remote attacker could use this flaw to crash a PHP application using\nfileinfo via a specially crafted ELF file. (CVE-2014-3710)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension parsed\ndates in the ISO 8601 format. A specially crafted XML-RPC request or\nresponse could possibly cause a PHP application to crash. (CVE-2014-3668)\n\nThe CVE-2014-3710 issue was discovered by Francisco Alonso of Red Hat\nProduct Security.\n\nAll php53 users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\n", "modified": "2017-09-08T12:18:18", "published": "2014-10-30T04:00:00", "id": "RHSA-2014:1768", "href": "https://access.redhat.com/errata/RHSA-2014:1768", "type": "redhat", "title": "(RHSA-2014:1768) Important: php53 security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:46:25", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670", "CVE-2014-3710"], "description": "PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted\nJPEG or TIFF file could cause a PHP application using the exif_thumbnail()\nfunction to crash or, possibly, execute arbitrary code with the privileges\nof the user running that PHP application. (CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAn out-of-bounds read flaw was found in the way the File Information\n(fileinfo) extension parsed Executable and Linkable Format (ELF) files.\nA remote attacker could use this flaw to crash a PHP application using\nfileinfo via a specially crafted ELF file. (CVE-2014-3710)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension parsed\ndates in the ISO 8601 format. A specially crafted XML-RPC request or\nresponse could possibly cause a PHP application to crash. (CVE-2014-3668)\n\nThe CVE-2014-3710 issue was discovered by Francisco Alonso of Red Hat\nProduct Security.\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\n", "modified": "2018-06-07T08:57:35", "published": "2014-10-30T04:00:00", "id": "RHSA-2014:1767", "href": "https://access.redhat.com/errata/RHSA-2014:1767", "type": "redhat", "title": "(RHSA-2014:1767) Important: php security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:46:56", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0207", "CVE-2014-0237", "CVE-2014-0238", "CVE-2014-2497", "CVE-2014-3478", "CVE-2014-3479", "CVE-2014-3480", "CVE-2014-3487", "CVE-2014-3515", "CVE-2014-3538", "CVE-2014-3587", "CVE-2014-3597", "CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670", "CVE-2014-3710", "CVE-2014-4049", "CVE-2014-4670", "CVE-2014-4698", "CVE-2014-4721", "CVE-2014-5120"], "description": "PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted\nJPEG or TIFF file could cause a PHP application using the exif_thumbnail()\nfunction to crash or, possibly, execute arbitrary code. (CVE-2014-3670)\n\nMultiple buffer overflow flaws were found in the way PHP parsed DNS\nresponses. A malicious DNS server or a man-in-the-middle attacker could\nuse these flaws to crash or, possibly, execute arbitrary code with the\nprivileges of a PHP application that uses the dns_get_record() function.\n(CVE-2014-4049, CVE-2014-3597)\n\nMultiple denial of service flaws were found in the File Information\n(fileinfo) extension. A remote attacker could use these flaws to cause a\nPHP application using fileinfo to consume an excessive amount of CPU and\npossibly crash. (CVE-2014-0237, CVE-2014-0238, CVE-2014-3538)\n\nMultiple boundary check flaws were found in the File Information (fileinfo)\nextension. A remote attacker could use these flaws to cause a PHP\napplication using fileinfo to crash. (CVE-2014-0207, CVE-2014-3478,\nCVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3587, CVE-2014-3710)\n\nA type confusion issue was found in PHP's phpinfo() function. A malicious\nscript author could possibly use this flaw to disclose certain portions of\nserver memory. (CVE-2014-4721)\n\nA type confusion issue was found in the SPL ArrayObject and\nSPLObjectStorage classes' unserialize() method. A remote attacker able to\nsubmit specially crafted input to a PHP application, which would then\nunserialize this input using one of the aforementioned methods, could use\nthis flaw to execute arbitrary code with the privileges of the user running\nthat PHP application. (CVE-2014-3515)\n\nTwo use-after-free flaws were found in the way PHP handled certain Standard\nPHP Library (SPL) Iterators and ArrayIterators. A malicious script author\ncould possibly use either of these flaws to disclose certain portions of\nserver memory. (CVE-2014-4670, CVE-2014-4698)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nIt was found that PHP's gd extension did not properly handle file names\nwith a null character. A remote attacker could possibly use this flaw to\nmake a PHP application access unexpected files and bypass intended file\nsystem access restrictions. (CVE-2014-5120)\n\nA NULL pointer dereference flaw was found in the gdImageCreateFromXpm()\nfunction of PHP's gd extension. A remote attacker could use this flaw to\ncrash a PHP application using gd via a specially crafted X PixMap (XPM)\nfile. (CVE-2014-2497)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension parsed\ndates in the ISO 8601 format. A specially crafted XML-RPC request or\nresponse could possibly cause a PHP application to crash. (CVE-2014-3668)\n\nThe CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-3478,\nCVE-2014-3479, CVE-2014-3480, CVE-2014-3487, and CVE-2014-3710 issues were\ndiscovered by Francisco Alonso of Red Hat Product Security; the\nCVE-2014-3538 issue was discovered by Jan Kalu\u017ea of the Red Hat Web Stack\nTeam; the CVE-2014-3597 issue was discovered by David Kut\u00e1lek of Red Hat\nBaseOS QE.\n\nAll php55-php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd24-httpd service must be restarted for the\nupdate to take effect.\n", "modified": "2018-06-13T01:28:25", "published": "2014-10-30T04:00:00", "id": "RHSA-2014:1766", "href": "https://access.redhat.com/errata/RHSA-2014:1766", "type": "redhat", "title": "(RHSA-2014:1766) Important: php55-php security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:46:48", "bulletinFamily": "unix", "cvelist": ["CVE-2013-6712", "CVE-2013-7345", "CVE-2014-0207", "CVE-2014-0237", "CVE-2014-0238", "CVE-2014-1943", "CVE-2014-2270", "CVE-2014-2497", "CVE-2014-3478", "CVE-2014-3479", "CVE-2014-3480", "CVE-2014-3487", "CVE-2014-3515", "CVE-2014-3538", "CVE-2014-3587", "CVE-2014-3597", "CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670", "CVE-2014-3710", "CVE-2014-4049", "CVE-2014-4670", "CVE-2014-4698", "CVE-2014-4721", "CVE-2014-5120"], "description": "PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted\nJPEG or TIFF file could cause a PHP application using the exif_thumbnail()\nfunction to crash or, possibly, execute arbitrary code. (CVE-2014-3670)\n\nMultiple buffer overflow flaws were found in the way PHP parsed DNS\nresponses. A malicious DNS server or a man-in-the-middle attacker could\nuse these flaws to crash or, possibly, execute arbitrary code with the\nprivileges of a PHP application that uses the dns_get_record() function.\n(CVE-2014-4049, CVE-2014-3597)\n\nMultiple denial of service flaws were found in the File Information\n(fileinfo) extension. A remote attacker could use these flaws to cause a\nPHP application using fileinfo to consume an excessive amount of CPU and\npossibly crash. (CVE-2013-7345, CVE-2014-0237, CVE-2014-0238,\nCVE-2014-1943, CVE-2014-3538)\n\nMultiple boundary check flaws were found in the File Information\n(fileinfo) extension. A remote attacker could use these flaws to cause a\nPHP application using fileinfo to crash. (CVE-2014-0207, CVE-2014-2270,\nCVE-2014-3478, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3587,\nCVE-2014-3710)\n\nA type confusion issue was found in PHP's phpinfo() function. A malicious\nscript author could possibly use this flaw to disclose certain portions of\nserver memory. (CVE-2014-4721)\n\nA type confusion issue was found in the SPL ArrayObject and\nSPLObjectStorage classes' unserialize() method. A remote attacker able to\nsubmit specially crafted input to a PHP application, which would then\nunserialize this input using one of the aforementioned methods, could use\nthis flaw to execute arbitrary code with the privileges of the user running\nthat PHP application. (CVE-2014-3515)\n\nTwo use-after-free flaws were found in the way PHP handled certain Standard\nPHP Library (SPL) Iterators and ArrayIterators. A malicious script author\ncould possibly use either of these flaws to disclose certain portions of\nserver memory. (CVE-2014-4670, CVE-2014-4698)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nIt was found that PHP's gd extension did not properly handle file names\nwith a null character. A remote attacker could possibly use this flaw to\nmake a PHP application access unexpected files and bypass intended file\nsystem access restrictions. (CVE-2014-5120)\n\nA NULL pointer dereference flaw was found in the gdImageCreateFromXpm()\nfunction of PHP's gd extension. A remote attacker could use this flaw to\ncrash a PHP application using gd via a specially crafted X PixMap (XPM)\nfile. (CVE-2014-2497)\n\nA buffer over-read flaw was found in the way the DateInterval class parsed\ninterval specifications. An attacker able to make a PHP application parse a\nspecially crafted specification using DateInterval could possibly cause the\nPHP interpreter to crash. (CVE-2013-6712)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension parsed\ndates in the ISO 8601 format. A specially crafted XML-RPC request or\nresponse could possibly cause a PHP application to crash. (CVE-2014-3668)\n\nThe CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-3478,\nCVE-2014-3479, CVE-2014-3480, CVE-2014-3487, and CVE-2014-3710 issues were\ndiscovered by Francisco Alonso of Red Hat Product Security; the\nCVE-2014-3538 issue was discovered by Jan Kalu\u017ea of the Red Hat Web Stack\nTeam; the CVE-2014-3597 issue was discovered by David Kut\u00e1lek of Red Hat\nBaseOS QE.\n\nAll php54-php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd service must be restarted for the update to\ntake effect.\n", "modified": "2018-06-13T01:28:16", "published": "2014-10-30T04:00:00", "id": "RHSA-2014:1765", "href": "https://access.redhat.com/errata/RHSA-2014:1765", "type": "redhat", "title": "(RHSA-2014:1765) Important: php54-php security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:20", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "description": "### Background\n\nPHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. \n\n### Description\n\nMultiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA context-dependent attacker can possibly execute arbitrary code or create a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll PHP 5.5 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/php-5.5.18\"\n \n\nAll PHP 5.4 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/php-5.4.34\"\n \n\nAll PHP 5.3 users should upgrade to the latest version. This release marks the end of life of the PHP 5.3 series. Future releases of this series are not planned. All PHP 5.3 users are encouraged to upgrade to the current stable version of PHP 5.5 or previous stable version of PHP 5.4, which are supported till at least 2016 and 2015 respectively. \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/php-5.3.29\"", "edition": 1, "modified": "2015-08-22T00:00:00", "published": "2014-11-09T00:00:00", "id": "GLSA-201411-04", "href": "https://security.gentoo.org/glsa/201411-04", "type": "gentoo", "title": "PHP: Multiple vulnerabilities", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2019-05-29T18:37:44", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3669", "CVE-2014-8626", "CVE-2014-3670"], "description": "Check the version of php", "modified": "2019-03-08T00:00:00", "published": "2014-11-07T00:00:00", "id": "OPENVAS:1361412562310882077", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882077", "type": "openvas", "title": "CentOS Update for php CESA-2014:1824 centos5", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php CESA-2014:1824 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882077\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-11-07 06:18:06 +0100 (Fri, 07 Nov 2014)\");\n script_cve_id(\"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-8626\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Update for php CESA-2014:1824 centos5\");\n\n script_tag(name:\"summary\", value:\"Check the version of php\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"PHP is an HTML-embedded scripting language\ncommonly used with the Apache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted\nJPEG or TIFF file could cause a PHP application using the exif_thumbnail()\nfunction to crash or, possibly, execute arbitrary code with the privileges\nof the user running that PHP application. (CVE-2014-3670)\n\nA stack-based buffer overflow flaw was found in the way the xmlrpc\nextension parsed dates in the ISO 8601 format. A specially crafted XML-RPC\nrequest or response could possibly cause a PHP application to crash.\n(CVE-2014-8626)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\");\n script_tag(name:\"affected\", value:\"php on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"CESA\", value:\"2014:1824\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2014-November/020743.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3669", "CVE-2014-8626", "CVE-2014-3670"], "description": "Oracle Linux Local Security Checks ELSA-2014-1824", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123257", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123257", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2014-1824", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-1824.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123257\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:01:22 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-1824\");\n script_tag(name:\"insight\", value:\"ELSA-2014-1824 - php security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-1824\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-1824.html\");\n script_cve_id(\"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-8626\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3669", "CVE-2014-8626", "CVE-2014-3670"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2014-11-07T00:00:00", "id": "OPENVAS:1361412562310871287", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871287", "type": "openvas", "title": "RedHat Update for php RHSA-2014:1824-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for php RHSA-2014:1824-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871287\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-11-07 06:17:40 +0100 (Fri, 07 Nov 2014)\");\n script_cve_id(\"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-8626\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"RedHat Update for php RHSA-2014:1824-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted\nJPEG or TIFF file could cause a PHP application using the exif_thumbnail()\nfunction to crash or, possibly, execute arbitrary code with the privileges\nof the user running that PHP application. (CVE-2014-3670)\n\nA stack-based buffer overflow flaw was found in the way the xmlrpc\nextension parsed dates in the ISO 8601 format. A specially crafted XML-RPC\nrequest or response could possibly cause a PHP application to crash.\n(CVE-2014-8626)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\");\n script_tag(name:\"affected\", value:\"php on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"RHSA\", value:\"2014:1824-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2014-November/msg00018.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-debuginfo\", rpm:\"php-debuginfo~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-28T10:48:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "description": "Several vulnerabilities were found in PHP, a general-purpose scripting\nlanguage commonly used for web application development. It has been\ndecided to follow the stable 5.4.x releases for the Wheezy PHP packages.\nConsequently the vulnerabilities are addressed by upgrading PHP to a new\nupstream version 5.4.34, which includes additional bug fixes, new\nfeatures and possibly incompatible changes. Please refer to the upstream\nchangelog for more information:\n\nhttp://php.net/ChangeLog-5.php#5.4.34", "modified": "2017-07-13T00:00:00", "published": "2014-11-04T00:00:00", "id": "OPENVAS:703064", "href": "http://plugins.openvas.org/nasl.php?oid=703064", "type": "openvas", "title": "Debian Security Advisory DSA 3064-1 (php5 - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3064.nasl 6715 2017-07-13 09:57:40Z teissa $\n# Auto-generated from advisory DSA 3064-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703064);\n script_version(\"$Revision: 6715 $\");\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\");\n script_name(\"Debian Security Advisory DSA 3064-1 (php5 - security update)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-13 11:57:40 +0200 (Thu, 13 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2014-11-04 00:00:00 +0100 (Tue, 04 Nov 2014)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-3064.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"php5 on Debian Linux\");\n script_tag(name: \"insight\", value: \"This package is a metapackage that, when installed, guarantees that you\nhave at least one of the four server-side versions of the PHP5 interpreter\ninstalled. Removing this package won't remove PHP5 from your system, however\nit may remove other packages that depend on this one.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (wheezy), these problems have been fixed in\nversion 5.4.34-0+deb7u1.\n\nWe recommend that you upgrade your php5 packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities were found in PHP, a general-purpose scripting\nlanguage commonly used for web application development. It has been\ndecided to follow the stable 5.4.x releases for the Wheezy PHP packages.\nConsequently the vulnerabilities are addressed by upgrading PHP to a new\nupstream version 5.4.34, which includes additional bug fixes, new\nfeatures and possibly incompatible changes. Please refer to the upstream\nchangelog for more information:\n\nhttp://php.net/ChangeLog-5.php#5.4.34\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-03-17T23:01:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "description": "The remote host is missing an update announced via the referenced Security Advisory.", "modified": "2020-03-13T00:00:00", "published": "2015-09-08T00:00:00", "id": "OPENVAS:1361412562310120347", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120347", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2014-434)", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120347\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:24:18 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2014-434)\");\n script_tag(name:\"insight\", value:\"An out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash. (CVE-2014-3668 )An integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. (CVE-2014-3669 )A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application. (CVE-2014-3670 )\");\n script_tag(name:\"solution\", value:\"Run yum update php54 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2014-434.html\");\n script_cve_id(\"CVE-2014-3669\", \"CVE-2014-3668\", \"CVE-2014-3670\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"php54-debuginfo\", rpm:\"php54-debuginfo~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-mbstring\", rpm:\"php54-mbstring~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54\", rpm:\"php54~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-xml\", rpm:\"php54-xml~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-devel\", rpm:\"php54-devel~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-bcmath\", rpm:\"php54-bcmath~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-odbc\", rpm:\"php54-odbc~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-snmp\", rpm:\"php54-snmp~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-gd\", rpm:\"php54-gd~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-soap\", rpm:\"php54-soap~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-xmlrpc\", rpm:\"php54-xmlrpc~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-intl\", rpm:\"php54-intl~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-fpm\", rpm:\"php54-fpm~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-pdo\", rpm:\"php54-pdo~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-mssql\", rpm:\"php54-mssql~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-imap\", rpm:\"php54-imap~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-mysql\", rpm:\"php54-mysql~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-pgsql\", rpm:\"php54-pgsql~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-embedded\", rpm:\"php54-embedded~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-pspell\", rpm:\"php54-pspell~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-enchant\", rpm:\"php54-enchant~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-common\", rpm:\"php54-common~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-recode\", rpm:\"php54-recode~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-dba\", rpm:\"php54-dba~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-ldap\", rpm:\"php54-ldap~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-cli\", rpm:\"php54-cli~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-tidy\", rpm:\"php54-tidy~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-mcrypt\", rpm:\"php54-mcrypt~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-mysqlnd\", rpm:\"php54-mysqlnd~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-process\", rpm:\"php54-process~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:30", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "description": "This host is installed with PHP and is\n prone to multiple vulnerabilities.", "modified": "2018-10-12T00:00:00", "published": "2015-01-06T00:00:00", "id": "OPENVAS:1361412562310805409", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805409", "type": "openvas", "title": "PHP Multiple Vulnerabilities - 01 - Jan15", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_mult_vuln01_jan15.nasl 11872 2018-10-12 11:22:41Z cfischer $\n#\n# PHP Multiple Vulnerabilities - 01 - Jan15\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805409\");\n script_version(\"$Revision: 11872 $\");\n script_cve_id(\"CVE-2014-3670\", \"CVE-2014-3669\", \"CVE-2014-3668\");\n script_bugtraq_id(70611, 70665, 70666);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 13:22:41 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-06 17:18:33 +0530 (Tue, 06 Jan 2015)\");\n script_name(\"PHP Multiple Vulnerabilities - 01 - Jan15\");\n\n script_tag(name:\"summary\", value:\"This host is installed with PHP and is\n prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - The exif_ifd_make_value function in exif.c in the EXIF extension in PHP\n operates on floating-point arrays incorrectly.\n\n - Integer overflow in the object_custom function in ext/standard/var\n _unserializer.c in PHP.\n\n - Buffer overflow in the date_from_ISO8601 function in the mkgmtime\n implementation in libxmlrpc/xmlrpc.c in the XMLRPC extension in PHP.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to cause a denial of service or possibly execute arbitrary code\n via different crafted dimensions.\");\n\n script_tag(name:\"affected\", value:\"PHP versions 5.4.x before 5.4.34, 5.5.x\n before 5.5.18, and 5.6.x before 5.6.2\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP version 5.4.34 or 5.5.18\n or 5.6.2 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_xref(name:\"URL\", value:\"https://bugs.php.net/bug.php?id=68044\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\");\n script_mandatory_keys(\"php/installed\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\nif(phpVer =~ \"^5\\.[4-6]\")\n{\n if(version_in_range(version:phpVer, test_version:\"5.4.0\", test_version2:\"5.4.33\")||\n version_in_range(version:phpVer, test_version:\"5.5.0\", test_version2:\"5.5.17\")||\n version_in_range(version:phpVer, test_version:\"5.6.0\", test_version2:\"5.6.1\")) {\n report = report_fixed_ver(installed_version:phpVer, fixed_version:\"5.4.34/5.5.18/5.6.2\");\n security_message(data:report, port:phpPort);\n exit(0);\n }\n}\n\nexit(99);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "description": "Several vulnerabilities were found in PHP, a general-purpose scripting\nlanguage commonly used for web application development. It has been\ndecided to follow the stable 5.4.x releases for the Wheezy PHP packages.\nConsequently the vulnerabilities are addressed by upgrading PHP to a new\nupstream version 5.4.34, which includes additional bug fixes, new\nfeatures and possibly incompatible changes.", "modified": "2019-03-19T00:00:00", "published": "2014-11-04T00:00:00", "id": "OPENVAS:1361412562310703064", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703064", "type": "openvas", "title": "Debian Security Advisory DSA 3064-1 (php5 - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3064.nasl 14302 2019-03-19 08:28:48Z cfischer $\n# Auto-generated from advisory DSA 3064-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703064\");\n script_version(\"$Revision: 14302 $\");\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\");\n script_name(\"Debian Security Advisory DSA 3064-1 (php5 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 09:28:48 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-11-04 00:00:00 +0100 (Tue, 04 Nov 2014)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2014/dsa-3064.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"php5 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy), these problems have been fixed in\nversion 5.4.34-0+deb7u1.\n\nWe recommend that you upgrade your php5 packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities were found in PHP, a general-purpose scripting\nlanguage commonly used for web application development. It has been\ndecided to follow the stable 5.4.x releases for the Wheezy PHP packages.\nConsequently the vulnerabilities are addressed by upgrading PHP to a new\nupstream version 5.4.34, which includes additional bug fixes, new\nfeatures and possibly incompatible changes.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "description": "Gentoo Linux Local Security Checks GLSA 201411-04", "modified": "2018-10-26T00:00:00", "published": "2015-09-29T00:00:00", "id": "OPENVAS:1361412562310121279", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121279", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201411-04", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201411-04.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121279\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:27:58 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201411-04\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201411-04\");\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201411-04\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.5.18\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.4.34\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.3.29\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.4.36\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.4.37\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.4.38\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.4.39\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.4.35\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.4.40\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.4.41\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.4.42\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.4.43\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.4.44\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.4.45\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.4.46\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(), vulnerable: make_list(\"lt 5.5.18\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-17T23:00:51", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "description": "The remote host is missing an update announced via the referenced Security Advisory.", "modified": "2020-03-13T00:00:00", "published": "2015-09-08T00:00:00", "id": "OPENVAS:1361412562310120348", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120348", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2014-435)", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120348\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:24:20 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2014-435)\");\n script_tag(name:\"insight\", value:\"An out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash. (CVE-2014-3668 )An integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. (CVE-2014-3669 )A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application. (CVE-2014-3670 )\");\n script_tag(name:\"solution\", value:\"Run yum update php55 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2014-435.html\");\n script_cve_id(\"CVE-2014-3669\", \"CVE-2014-3668\", \"CVE-2014-3670\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"php55-pdo\", rpm:\"php55-pdo~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-embedded\", rpm:\"php55-embedded~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-mcrypt\", rpm:\"php55-mcrypt~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-ldap\", rpm:\"php55-ldap~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-common\", rpm:\"php55-common~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-process\", rpm:\"php55-process~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-devel\", rpm:\"php55-devel~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-bcmath\", rpm:\"php55-bcmath~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-xmlrpc\", rpm:\"php55-xmlrpc~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-recode\", rpm:\"php55-recode~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-pgsql\", rpm:\"php55-pgsql~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-imap\", rpm:\"php55-imap~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-fpm\", rpm:\"php55-fpm~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-cli\", rpm:\"php55-cli~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-mysqlnd\", rpm:\"php55-mysqlnd~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55\", rpm:\"php55~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-gd\", rpm:\"php55-gd~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-mssql\", rpm:\"php55-mssql~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-odbc\", rpm:\"php55-odbc~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-pspell\", rpm:\"php55-pspell~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-xml\", rpm:\"php55-xml~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-gmp\", rpm:\"php55-gmp~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-snmp\", rpm:\"php55-snmp~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-mbstring\", rpm:\"php55-mbstring~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-tidy\", rpm:\"php55-tidy~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-opcache\", rpm:\"php55-opcache~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-debuginfo\", rpm:\"php55-debuginfo~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-intl\", rpm:\"php55-intl~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-soap\", rpm:\"php55-soap~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-dba\", rpm:\"php55-dba~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-enchant\", rpm:\"php55-enchant~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3710", "CVE-2014-3670"], "description": "Check the version of php53", "modified": "2019-03-08T00:00:00", "published": "2014-11-01T00:00:00", "id": "OPENVAS:1361412562310882072", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882072", "type": "openvas", "title": "CentOS Update for php53 CESA-2014:1768 centos5", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php53 CESA-2014:1768 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882072\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-11-01 05:44:15 +0100 (Sat, 01 Nov 2014)\");\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-3710\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Update for php53 CESA-2014:1768 centos5\");\n\n script_tag(name:\"summary\", value:\"Check the version of php53\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"PHP is an HTML-embedded scripting language\ncommonly used with the Apache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted\nJPEG or TIFF file could cause a PHP application using the exif_thumbnail()\nfunction to crash or, possibly, execute arbitrary code with the privileges\nof the user running that PHP application. (CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAn out-of-bounds read flaw was found in the way the File Information\n(fileinfo) extension parsed Executable and Linkable Format (ELF) files.\nA remote attacker could use this flaw to crash a PHP application using\nfileinfo via a specially crafted ELF file. (CVE-2014-3710)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension parsed\ndates in the ISO 8601 format. A specially crafted XML-RPC request or\nresponse could possibly cause a PHP application to crash. (CVE-2014-3668)\n\nThe CVE-2014-3710 issue was discovered by Francisco Alonso of Red Hat\nProduct Security.\n\nAll php53 users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\");\n script_tag(name:\"affected\", value:\"php53 on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"CESA\", value:\"2014:1768\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2014-October/020724.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php53\", rpm:\"php53~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-bcmath\", rpm:\"php53-bcmath~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-cli\", rpm:\"php53-cli~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-common\", rpm:\"php53-common~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-dba\", rpm:\"php53-dba~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-devel\", rpm:\"php53-devel~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-gd\", rpm:\"php53-gd~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-imap\", rpm:\"php53-imap~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-intl\", rpm:\"php53-intl~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-ldap\", rpm:\"php53-ldap~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mbstring\", rpm:\"php53-mbstring~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mysql\", rpm:\"php53-mysql~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-odbc\", rpm:\"php53-odbc~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pdo\", rpm:\"php53-pdo~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pgsql\", rpm:\"php53-pgsql~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-process\", rpm:\"php53-process~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pspell\", rpm:\"php53-pspell~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-snmp\", rpm:\"php53-snmp~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-soap\", rpm:\"php53-soap~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xml\", rpm:\"php53-xml~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xmlrpc\", rpm:\"php53-xmlrpc~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2019-12-20T18:26:26", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3669", "CVE-2014-8626", "CVE-2014-3670"], "description": "**CentOS Errata and Security Advisory** CESA-2014:1824\n\n\nPHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted\nJPEG or TIFF file could cause a PHP application using the exif_thumbnail()\nfunction to crash or, possibly, execute arbitrary code with the privileges\nof the user running that PHP application. (CVE-2014-3670)\n\nA stack-based buffer overflow flaw was found in the way the xmlrpc\nextension parsed dates in the ISO 8601 format. A specially crafted XML-RPC\nrequest or response could possibly cause a PHP application to crash.\n(CVE-2014-8626)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-November/032781.html\n\n**Affected packages:**\nphp\nphp-bcmath\nphp-cli\nphp-common\nphp-dba\nphp-devel\nphp-gd\nphp-imap\nphp-ldap\nphp-mbstring\nphp-mysql\nphp-ncurses\nphp-odbc\nphp-pdo\nphp-pgsql\nphp-snmp\nphp-soap\nphp-xml\nphp-xmlrpc\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-1824.html", "edition": 3, "modified": "2014-11-06T18:30:07", "published": "2014-11-06T18:30:07", "href": "http://lists.centos.org/pipermail/centos-announce/2014-November/032781.html", "id": "CESA-2014:1824", "title": "php security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-12-20T18:27:14", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3710", "CVE-2014-3670"], "description": "**CentOS Errata and Security Advisory** CESA-2014:1767\n\n\nPHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted\nJPEG or TIFF file could cause a PHP application using the exif_thumbnail()\nfunction to crash or, possibly, execute arbitrary code with the privileges\nof the user running that PHP application. (CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAn out-of-bounds read flaw was found in the way the File Information\n(fileinfo) extension parsed Executable and Linkable Format (ELF) files.\nA remote attacker could use this flaw to crash a PHP application using\nfileinfo via a specially crafted ELF file. (CVE-2014-3710)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension parsed\ndates in the ISO 8601 format. A specially crafted XML-RPC request or\nresponse could possibly cause a PHP application to crash. (CVE-2014-3668)\n\nThe CVE-2014-3710 issue was discovered by Francisco Alonso of Red Hat\nProduct Security.\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-October/032761.html\nhttp://lists.centos.org/pipermail/centos-announce/2014-October/032764.html\n\n**Affected packages:**\nphp\nphp-bcmath\nphp-cli\nphp-common\nphp-dba\nphp-devel\nphp-embedded\nphp-enchant\nphp-fpm\nphp-gd\nphp-imap\nphp-intl\nphp-ldap\nphp-mbstring\nphp-mysql\nphp-mysqlnd\nphp-odbc\nphp-pdo\nphp-pgsql\nphp-process\nphp-pspell\nphp-recode\nphp-snmp\nphp-soap\nphp-tidy\nphp-xml\nphp-xmlrpc\nphp-zts\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-1767.html", "edition": 3, "modified": "2014-10-31T15:18:33", "published": "2014-10-31T13:14:51", "href": "http://lists.centos.org/pipermail/centos-announce/2014-October/032761.html", "id": "CESA-2014:1767", "title": "php security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-12-20T18:27:17", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3710", "CVE-2014-3670"], "description": "**CentOS Errata and Security Advisory** CESA-2014:1768\n\n\nPHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted\nJPEG or TIFF file could cause a PHP application using the exif_thumbnail()\nfunction to crash or, possibly, execute arbitrary code with the privileges\nof the user running that PHP application. (CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAn out-of-bounds read flaw was found in the way the File Information\n(fileinfo) extension parsed Executable and Linkable Format (ELF) files.\nA remote attacker could use this flaw to crash a PHP application using\nfileinfo via a specially crafted ELF file. (CVE-2014-3710)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension parsed\ndates in the ISO 8601 format. A specially crafted XML-RPC request or\nresponse could possibly cause a PHP application to crash. (CVE-2014-3668)\n\nThe CVE-2014-3710 issue was discovered by Francisco Alonso of Red Hat\nProduct Security.\n\nAll php53 users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-October/032762.html\n\n**Affected packages:**\nphp53\nphp53-bcmath\nphp53-cli\nphp53-common\nphp53-dba\nphp53-devel\nphp53-gd\nphp53-imap\nphp53-intl\nphp53-ldap\nphp53-mbstring\nphp53-mysql\nphp53-odbc\nphp53-pdo\nphp53-pgsql\nphp53-process\nphp53-pspell\nphp53-snmp\nphp53-soap\nphp53-xml\nphp53-xmlrpc\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-1768.html", "edition": 3, "modified": "2014-10-31T14:37:09", "published": "2014-10-31T14:37:09", "href": "http://lists.centos.org/pipermail/centos-announce/2014-October/032762.html", "id": "CESA-2014:1768", "title": "php53 security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2020-11-10T12:35:18", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "description": "**Issue Overview:**\n\nAn out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash. ([CVE-2014-3668 __](<https://access.redhat.com/security/cve/CVE-2014-3668>))\n\nAn integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. ([CVE-2014-3669 __](<https://access.redhat.com/security/cve/CVE-2014-3669>))\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application. ([CVE-2014-3670 __](<https://access.redhat.com/security/cve/CVE-2014-3670>))\n\n \n**Affected Packages:** \n\n\nphp54\n\n \n**Issue Correction:** \nRun _yum update php54_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n php54-debuginfo-5.4.34-1.62.amzn1.i686 \n php54-mbstring-5.4.34-1.62.amzn1.i686 \n php54-5.4.34-1.62.amzn1.i686 \n php54-xml-5.4.34-1.62.amzn1.i686 \n php54-devel-5.4.34-1.62.amzn1.i686 \n php54-bcmath-5.4.34-1.62.amzn1.i686 \n php54-odbc-5.4.34-1.62.amzn1.i686 \n php54-snmp-5.4.34-1.62.amzn1.i686 \n php54-gd-5.4.34-1.62.amzn1.i686 \n php54-soap-5.4.34-1.62.amzn1.i686 \n php54-xmlrpc-5.4.34-1.62.amzn1.i686 \n php54-intl-5.4.34-1.62.amzn1.i686 \n php54-fpm-5.4.34-1.62.amzn1.i686 \n php54-pdo-5.4.34-1.62.amzn1.i686 \n php54-mssql-5.4.34-1.62.amzn1.i686 \n php54-imap-5.4.34-1.62.amzn1.i686 \n php54-mysql-5.4.34-1.62.amzn1.i686 \n php54-pgsql-5.4.34-1.62.amzn1.i686 \n php54-embedded-5.4.34-1.62.amzn1.i686 \n php54-pspell-5.4.34-1.62.amzn1.i686 \n php54-enchant-5.4.34-1.62.amzn1.i686 \n php54-common-5.4.34-1.62.amzn1.i686 \n php54-recode-5.4.34-1.62.amzn1.i686 \n php54-dba-5.4.34-1.62.amzn1.i686 \n php54-ldap-5.4.34-1.62.amzn1.i686 \n php54-cli-5.4.34-1.62.amzn1.i686 \n php54-tidy-5.4.34-1.62.amzn1.i686 \n php54-mcrypt-5.4.34-1.62.amzn1.i686 \n php54-mysqlnd-5.4.34-1.62.amzn1.i686 \n php54-process-5.4.34-1.62.amzn1.i686 \n \n src: \n php54-5.4.34-1.62.amzn1.src \n \n x86_64: \n php54-fpm-5.4.34-1.62.amzn1.x86_64 \n php54-5.4.34-1.62.amzn1.x86_64 \n php54-mssql-5.4.34-1.62.amzn1.x86_64 \n php54-debuginfo-5.4.34-1.62.amzn1.x86_64 \n php54-gd-5.4.34-1.62.amzn1.x86_64 \n php54-imap-5.4.34-1.62.amzn1.x86_64 \n php54-embedded-5.4.34-1.62.amzn1.x86_64 \n php54-mcrypt-5.4.34-1.62.amzn1.x86_64 \n php54-pdo-5.4.34-1.62.amzn1.x86_64 \n php54-pgsql-5.4.34-1.62.amzn1.x86_64 \n php54-common-5.4.34-1.62.amzn1.x86_64 \n php54-dba-5.4.34-1.62.amzn1.x86_64 \n php54-tidy-5.4.34-1.62.amzn1.x86_64 \n php54-bcmath-5.4.34-1.62.amzn1.x86_64 \n php54-odbc-5.4.34-1.62.amzn1.x86_64 \n php54-mysql-5.4.34-1.62.amzn1.x86_64 \n php54-cli-5.4.34-1.62.amzn1.x86_64 \n php54-ldap-5.4.34-1.62.amzn1.x86_64 \n php54-process-5.4.34-1.62.amzn1.x86_64 \n php54-snmp-5.4.34-1.62.amzn1.x86_64 \n php54-devel-5.4.34-1.62.amzn1.x86_64 \n php54-mbstring-5.4.34-1.62.amzn1.x86_64 \n php54-soap-5.4.34-1.62.amzn1.x86_64 \n php54-enchant-5.4.34-1.62.amzn1.x86_64 \n php54-pspell-5.4.34-1.62.amzn1.x86_64 \n php54-mysqlnd-5.4.34-1.62.amzn1.x86_64 \n php54-intl-5.4.34-1.62.amzn1.x86_64 \n php54-xml-5.4.34-1.62.amzn1.x86_64 \n php54-xmlrpc-5.4.34-1.62.amzn1.x86_64 \n php54-recode-5.4.34-1.62.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2014-10-28T17:09:00", "published": "2014-10-28T17:09:00", "id": "ALAS-2014-434", "href": "https://alas.aws.amazon.com/ALAS-2014-434.html", "title": "Important: php54", "type": "amazon", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-10T12:36:59", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "description": "**Issue Overview:**\n\nAn out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash. ([CVE-2014-3668 __](<https://access.redhat.com/security/cve/CVE-2014-3668>))\n\nAn integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. ([CVE-2014-3669 __](<https://access.redhat.com/security/cve/CVE-2014-3669>))\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application. ([CVE-2014-3670 __](<https://access.redhat.com/security/cve/CVE-2014-3670>))\n\n \n**Affected Packages:** \n\n\nphp55\n\n \n**Issue Correction:** \nRun _yum update php55_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n php55-pdo-5.5.18-1.92.amzn1.i686 \n php55-embedded-5.5.18-1.92.amzn1.i686 \n php55-mcrypt-5.5.18-1.92.amzn1.i686 \n php55-ldap-5.5.18-1.92.amzn1.i686 \n php55-common-5.5.18-1.92.amzn1.i686 \n php55-process-5.5.18-1.92.amzn1.i686 \n php55-devel-5.5.18-1.92.amzn1.i686 \n php55-bcmath-5.5.18-1.92.amzn1.i686 \n php55-xmlrpc-5.5.18-1.92.amzn1.i686 \n php55-recode-5.5.18-1.92.amzn1.i686 \n php55-pgsql-5.5.18-1.92.amzn1.i686 \n php55-imap-5.5.18-1.92.amzn1.i686 \n php55-fpm-5.5.18-1.92.amzn1.i686 \n php55-cli-5.5.18-1.92.amzn1.i686 \n php55-mysqlnd-5.5.18-1.92.amzn1.i686 \n php55-5.5.18-1.92.amzn1.i686 \n php55-gd-5.5.18-1.92.amzn1.i686 \n php55-mssql-5.5.18-1.92.amzn1.i686 \n php55-odbc-5.5.18-1.92.amzn1.i686 \n php55-pspell-5.5.18-1.92.amzn1.i686 \n php55-xml-5.5.18-1.92.amzn1.i686 \n php55-gmp-5.5.18-1.92.amzn1.i686 \n php55-snmp-5.5.18-1.92.amzn1.i686 \n php55-mbstring-5.5.18-1.92.amzn1.i686 \n php55-tidy-5.5.18-1.92.amzn1.i686 \n php55-opcache-5.5.18-1.92.amzn1.i686 \n php55-debuginfo-5.5.18-1.92.amzn1.i686 \n php55-intl-5.5.18-1.92.amzn1.i686 \n php55-soap-5.5.18-1.92.amzn1.i686 \n php55-dba-5.5.18-1.92.amzn1.i686 \n php55-enchant-5.5.18-1.92.amzn1.i686 \n \n src: \n php55-5.5.18-1.92.amzn1.src \n \n x86_64: \n php55-5.5.18-1.92.amzn1.x86_64 \n php55-soap-5.5.18-1.92.amzn1.x86_64 \n php55-enchant-5.5.18-1.92.amzn1.x86_64 \n php55-pspell-5.5.18-1.92.amzn1.x86_64 \n php55-ldap-5.5.18-1.92.amzn1.x86_64 \n php55-debuginfo-5.5.18-1.92.amzn1.x86_64 \n php55-xml-5.5.18-1.92.amzn1.x86_64 \n php55-opcache-5.5.18-1.92.amzn1.x86_64 \n php55-cli-5.5.18-1.92.amzn1.x86_64 \n php55-mbstring-5.5.18-1.92.amzn1.x86_64 \n php55-gmp-5.5.18-1.92.amzn1.x86_64 \n php55-process-5.5.18-1.92.amzn1.x86_64 \n php55-pgsql-5.5.18-1.92.amzn1.x86_64 \n php55-intl-5.5.18-1.92.amzn1.x86_64 \n php55-fpm-5.5.18-1.92.amzn1.x86_64 \n php55-embedded-5.5.18-1.92.amzn1.x86_64 \n php55-devel-5.5.18-1.92.amzn1.x86_64 \n php55-tidy-5.5.18-1.92.amzn1.x86_64 \n php55-gd-5.5.18-1.92.amzn1.x86_64 \n php55-recode-5.5.18-1.92.amzn1.x86_64 \n php55-xmlrpc-5.5.18-1.92.amzn1.x86_64 \n php55-bcmath-5.5.18-1.92.amzn1.x86_64 \n php55-dba-5.5.18-1.92.amzn1.x86_64 \n php55-mysqlnd-5.5.18-1.92.amzn1.x86_64 \n php55-odbc-5.5.18-1.92.amzn1.x86_64 \n php55-mssql-5.5.18-1.92.amzn1.x86_64 \n php55-imap-5.5.18-1.92.amzn1.x86_64 \n php55-common-5.5.18-1.92.amzn1.x86_64 \n php55-snmp-5.5.18-1.92.amzn1.x86_64 \n php55-mcrypt-5.5.18-1.92.amzn1.x86_64 \n php55-pdo-5.5.18-1.92.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2014-10-28T17:10:00", "published": "2014-10-28T17:10:00", "id": "ALAS-2014-435", "href": "https://alas.aws.amazon.com/ALAS-2014-435.html", "title": "Important: php55", "type": "amazon", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "slackware": [{"lastseen": "2020-10-25T16:36:02", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "description": "New php packages are available for Slackware 14.0, 14.1, and -current to\nfix security issues.\n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n\npatches/packages/php-5.4.34-i486-1_slack14.1.txz: Upgraded.\n This update fixes bugs and security issues.\n #68044 (Integer overflow in unserialize() (32-bits only)). (CVE-2014-3669)\n #68113 (Heap corruption in exif_thumbnail()). (CVE-2014-3670)\n #68027 (Global buffer overflow in mkgmtime() function). (CVE-2014-3668)\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3669\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3670\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3668\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/php-5.4.34-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/php-5.4.34-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/php-5.4.34-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/php-5.4.34-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-5.4.34-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/php-5.4.34-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.0 package:\n7e7e571cc654d59f78e8c650392c7c40 php-5.4.34-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n7fa64e0f2eb45700f4fb28901634c9d0 php-5.4.34-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\naa9822fa92fb6737b933bf6958786252 php-5.4.34-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\nb14ba84a31138448e3264d801900b946 php-5.4.34-x86_64-1_slack14.1.txz\n\nSlackware -current package:\n8500f42aa302e18e87b50c2106c156a4 n/php-5.4.34-i486-1.txz\n\nSlackware x86_64 -current package:\nef1909db4e6538cbd26db0fb70cf4160 n/php-5.4.34-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg php-5.4.34-i486-1_slack14.1.txz\n\nThen, restart Apache httpd:\n > /etc/rc.d/rc.httpd stop\n > /etc/rc.d/rc.httpd start", "modified": "2014-11-04T01:25:39", "published": "2014-11-04T01:25:39", "id": "SSA-2014-307-03", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.403317", "type": "slackware", "title": "[slackware-security] php", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:34:57", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3669", "CVE-2014-8626", "CVE-2014-3670"], "description": "[5.1.6-45]\n- core: fix integer overflow in unserialize() CVE-2014-3669\n- exif: fix heap corruption issue in exif_thumbnail() CVE-2014-3670\n- xmlrpc: fix buffer overflow in date parser #1155607", "edition": 4, "modified": "2014-11-06T00:00:00", "published": "2014-11-06T00:00:00", "id": "ELSA-2014-1824", "href": "http://linux.oracle.com/errata/ELSA-2014-1824.html", "title": "php security update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:25", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3710", "CVE-2014-3670"], "description": "[5.4.16-23.3]\n- fileinfo: fix out-of-bounds read in elf note headers. CVE-2014-3710\n[5.4.16-23.2]\n- xmlrpc: fix out-of-bounds read flaw in mkgmtime() CVE-2014-3668\n- core: fix integer overflow in unserialize() CVE-2014-3669\n- exif: fix heap corruption issue in exif_thumbnail() CVE-2014-3670", "edition": 4, "modified": "2014-10-30T00:00:00", "published": "2014-10-30T00:00:00", "id": "ELSA-2014-1767", "href": "http://linux.oracle.com/errata/ELSA-2014-1767.html", "title": "php security update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:59", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3710", "CVE-2014-3670"], "description": "[5.3.3-26]\n- fileinfo: fix out-of-bounds read in elf note headers. CVE-2014-3710\n[5.3.3-25]\n- xmlrpc: fix out-of-bounds read flaw in mkgmtime() CVE-2014-3668\n- core: fix integer overflow in unserialize() CVE-2014-3669\n- exif: fix heap corruption issue in exif_thumbnail() CVE-2014-3670", "edition": 4, "modified": "2014-10-30T00:00:00", "published": "2014-10-30T00:00:00", "id": "ELSA-2014-1768", "href": "http://linux.oracle.com/errata/ELSA-2014-1768.html", "title": "php53 security update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:15", "bulletinFamily": "unix", "cvelist": ["CVE-2015-2348", "CVE-2014-9705", "CVE-2015-2787", "CVE-2015-0232", "CVE-2015-4601", "CVE-2013-7345", "CVE-2015-2783", "CVE-2015-3329", "CVE-2014-3478", "CVE-2015-3330", "CVE-2015-2301", "CVE-2014-3587", "CVE-2012-1571", "CVE-2014-9709", "CVE-2014-4670", "CVE-2014-3668", "CVE-2015-0273", "CVE-2014-8142", "CVE-2015-4148", "CVE-2015-4605", "CVE-2015-3307", "CVE-2015-4025", "CVE-2014-3669", "CVE-2015-4024", "CVE-2015-4021", "CVE-2014-3538", "CVE-2014-5120", "CVE-2014-3597", "CVE-2014-3710", "CVE-2015-4602", "CVE-2015-4026", "CVE-2014-4698", "CVE-2015-4147", "CVE-2015-3411", "CVE-2014-4049", "CVE-2015-4604", "CVE-2014-3670", "CVE-2015-4600", "CVE-2015-4022", "CVE-2014-9652", "CVE-2015-3412", "CVE-2014-2497", "CVE-2015-4603", "CVE-2015-4599", "CVE-2015-4598", "CVE-2015-0231"], "description": "[5.4.16-36]\n- fix more functions accept paths with NUL character #1213407\n[5.4.16-35]\n- core: fix multipart/form-data request can use excessive\n amount of CPU usage CVE-2015-4024\n- fix various functions accept paths with NUL character\n CVE-2015-4025, CVE-2015-4026, #1213407\n- fileinfo: fix denial of service when processing a crafted\n file #1213442\n- ftp: fix integer overflow leading to heap overflow when\n reading FTP file listing CVE-2015-4022\n- phar: fix buffer over-read in metadata parsing CVE-2015-2783\n- phar: invalid pointer free() in phar_tar_process_metadata()\n CVE-2015-3307\n- phar: fix buffer overflow in phar_set_inode() CVE-2015-3329\n- phar: fix memory corruption in phar_parse_tarfile caused by\n empty entry file name CVE-2015-4021\n- soap: fix type confusion through unserialize #1222538\n- apache2handler: fix pipelined request executed in deinitialized\n interpreter under httpd 2.4 CVE-2015-3330\n[5.4.16-34]\n- fix memory corruption in fileinfo module on big endian\n machines #1082624\n- fix segfault in pdo_odbc on x86_64 #1159892\n- fix segfault in gmp allocator #1154760\n[5.4.16-33]\n- core: use after free vulnerability in unserialize()\n CVE-2014-8142 and CVE-2015-0231\n- core: fix use-after-free in unserialize CVE-2015-2787\n- core: fix NUL byte injection in file name argument of\n move_uploaded_file() CVE-2015-2348\n- date: use after free vulnerability in unserialize CVE-2015-0273\n- enchant: fix heap buffer overflow in enchant_broker_request_dict\n CVE-2014-9705\n- exif: free called on unitialized pointer CVE-2015-0232\n- fileinfo: fix out of bounds read in mconvert CVE-2014-9652\n- gd: fix buffer read overflow in gd_gif_in.c CVE-2014-9709\n- phar: use after free in phar_object.c CVE-2015-2301\n- soap: fix type confusion through unserialize\n[5.4.16-31]\n- fileinfo: fix out-of-bounds read in elf note headers. CVE-2014-3710\n[5.4.16-29]\n- xmlrpc: fix out-of-bounds read flaw in mkgmtime() CVE-2014-3668\n- core: fix integer overflow in unserialize() CVE-2014-3669\n- exif: fix heap corruption issue in exif_thumbnail() CVE-2014-3670\n[5.4.16-27]\n- gd: fix NULL pointer dereference in gdImageCreateFromXpm().\n CVE-2014-2497\n- gd: fix NUL byte injection in file names. CVE-2014-5120\n- fileinfo: fix extensive backtracking in regular expression\n (incomplete fix for CVE-2013-7345). CVE-2014-3538\n- fileinfo: fix mconvert incorrect handling of truncated\n pascal string size. CVE-2014-3478\n- fileinfo: fix cdf_read_property_info\n (incomplete fix for CVE-2012-1571). CVE-2014-3587\n- spl: fix use-after-free in ArrayIterator due to object\n change during sorting. CVE-2014-4698\n- spl: fix use-after-free in SPL Iterators. CVE-2014-4670\n- network: fix segfault in dns_get_record\n (incomplete fix for CVE-2014-4049). CVE-2014-3597\n[5.4.16-25]\n- fix segfault after startup on aarch64 (#1107567)\n- compile php with -O3 on ppc64le (#1123499)", "edition": 4, "modified": "2015-06-23T00:00:00", "published": "2015-06-23T00:00:00", "id": "ELSA-2015-1135", "href": "http://linux.oracle.com/errata/ELSA-2015-1135.html", "title": "php security and bug fix update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2019-05-30T02:22:42", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3064-1 security@debian.org\nhttp://www.debian.org/security/ Salvatore Bonaccorso\nNovember 04, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : php5\nCVE ID : CVE-2014-3668 CVE-2014-3669 CVE-2014-3670\n\nSeveral vulnerabilities were found in PHP, a general-purpose scripting\nlanguage commonly used for web application development. It has been\ndecided to follow the stable 5.4.x releases for the Wheezy PHP packages.\nConsequently the vulnerabilities are addressed by upgrading PHP to a new\nupstream version 5.4.34, which includes additional bug fixes, new\nfeatures and possibly incompatible changes. Please refer to the upstream\nchangelog for more information:\n\n http://php.net/ChangeLog-5.php#5.4.34\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 5.4.34-0+deb7u1.\n\nWe recommend that you upgrade your php5 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 3, "modified": "2014-11-04T16:08:34", "published": "2014-11-04T16:08:34", "id": "DEBIAN:DSA-3064-1:BB7D1", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2014/msg00252.html", "title": "[SECURITY] [DSA 3064-1] php5 security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-11T13:12:01", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3710", "CVE-2014-3670"], "description": "Package : php5\nVersion : 5.3.3-7+squeeze23\nCVE ID : CVE-2014-3668 CVE-2014-3669 CVE-2014-3670 CVE-2014-3710\n\nCVE-2014-3668\n\n Fix bug #68027 - fix date parsing in XMLRPC lib\n\nCVE-2014-3669\n\n Fix bug #68044: Integer overflow in unserialize() (32-bits only)\n\nCVE-2014-3670\n\n Fix bug #68113 (Heap corruption in exif_thumbnail())\n\nCVE-2014-3710\n\n Fix bug #68283: fileinfo: out-of-bounds read in elf note headers\n\nAdditional bugfix\n\n Fix null byte handling in LDAP bindings in ldap-fix.patch\n\n\n\n", "edition": 7, "modified": "2014-11-25T22:00:28", "published": "2014-11-25T22:00:28", "id": "DEBIAN:DLA-94-1:92D05", "href": "https://lists.debian.org/debian-lts-announce/2014/debian-lts-announce-201411/msg00013.html", "title": "[SECURITY] [DLA 94-1] php5 security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:57", "bulletinFamily": "software", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "description": "exif_thumbnail&#40;&#41; memory corruption on JPEG parsing. XMLRPC buffer overflow. object_custom function&#40;&#41; integer overflow.", "edition": 1, "modified": "2014-11-03T00:00:00", "published": "2014-11-03T00:00:00", "id": "SECURITYVULNS:VULN:14056", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14056", "title": "PHP memory corruption", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:55", "bulletinFamily": "software", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3710", "CVE-2014-3670"], "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2391-1\r\nOctober 30, 2014\r\n\r\nphp5 vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 14.10\r\n- Ubuntu 14.04 LTS\r\n- Ubuntu 12.04 LTS\r\n- Ubuntu 10.04 LTS\r\n\r\nSummary:\r\n\r\nSeveral security issues were fixed in PHP.\r\n\r\nSoftware Description:\r\n- php5: HTML-embedded scripting language interpreter\r\n\r\nDetails:\r\n\r\nSymeon Paraschoudis discovered that PHP incorrectly handled the mkgmtime\r\nfunction. A remote attacker could possibly use this issue to cause PHP to\r\ncrash, resulting in a denial of service. &#40;CVE-2014-3668&#41;\r\n\r\nSymeon Paraschoudis discovered that PHP incorrectly handled unserializing\r\nobjects. A remote attacker could possibly use this issue to cause PHP to\r\ncrash, resulting in a denial of service. &#40;CVE-2014-3669&#41;\r\n\r\nOtto Ebeling discovered that PHP incorrectly handled the exif_thumbnail\r\nfunction. A remote attacker could use this issue to cause PHP to crash,\r\nresulting in a denial of service, or possibly execute arbitrary code.\r\n&#40;CVE-2014-3670&#41;\r\n\r\nFrancisco Alonso that PHP incorrectly handled ELF files in the fileinfo\r\nextension. A remote attacker could possibly use this issue to cause PHP to\r\ncrash, resulting in a denial of service. &#40;CVE-2014-3710&#41;\r\n\r\nIt was discovered that PHP incorrectly handled NULL bytes when processing\r\ncertain URLs with the curl functions. A remote attacker could possibly use\r\nthis issue to bypass filename restrictions and obtain access to sensitive\r\nfiles. &#40;No CVE number&#41;\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 14.10:\r\n libapache2-mod-php5 5.5.12+dfsg-2ubuntu4.1\r\n php5-cgi 5.5.12+dfsg-2ubuntu4.1\r\n php5-cli 5.5.12+dfsg-2ubuntu4.1\r\n php5-curl 5.5.12+dfsg-2ubuntu4.1\r\n php5-fpm 5.5.12+dfsg-2ubuntu4.1\r\n php5-xmlrpc 5.5.12+dfsg-2ubuntu4.1\r\n\r\nUbuntu 14.04 LTS:\r\n libapache2-mod-php5 5.5.9+dfsg-1ubuntu4.5\r\n php5-cgi 5.5.9+dfsg-1ubuntu4.5\r\n php5-cli 5.5.9+dfsg-1ubuntu4.5\r\n php5-curl 5.5.9+dfsg-1ubuntu4.5\r\n php5-fpm 5.5.9+dfsg-1ubuntu4.5\r\n php5-xmlrpc 5.5.9+dfsg-1ubuntu4.5\r\n\r\nUbuntu 12.04 LTS:\r\n libapache2-mod-php5 5.3.10-1ubuntu3.15\r\n php5-cgi 5.3.10-1ubuntu3.15\r\n php5-cli 5.3.10-1ubuntu3.15\r\n php5-curl 5.3.10-1ubuntu3.15\r\n php5-fpm 5.3.10-1ubuntu3.15\r\n php5-xmlrpc 5.3.10-1ubuntu3.15\r\n\r\nUbuntu 10.04 LTS:\r\n libapache2-mod-php5 5.3.2-1ubuntu4.28\r\n php5-cgi 5.3.2-1ubuntu4.28\r\n php5-cli 5.3.2-1ubuntu4.28\r\n php5-curl 5.3.2-1ubuntu4.28\r\n php5-xmlrpc 5.3.2-1ubuntu4.28\r\n\r\nIn general, a standard system update will make all the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2391-1\r\n CVE-2014-3668, CVE-2014-3669, CVE-2014-3670, CVE-2014-3710\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/php5/5.5.12+dfsg-2ubuntu4.1\r\n https://launchpad.net/ubuntu/+source/php5/5.5.9+dfsg-1ubuntu4.5\r\n https://launchpad.net/ubuntu/+source/php5/5.3.10-1ubuntu3.15\r\n https://launchpad.net/ubuntu/+source/php5/5.3.2-1ubuntu4.28\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n\r\n", "edition": 1, "modified": "2014-11-03T00:00:00", "published": "2014-11-03T00:00:00", "id": "SECURITYVULNS:DOC:31326", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31326", "title": "[USN-2391-1] php5 vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:55", "bulletinFamily": "software", "cvelist": ["CVE-2014-3670"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2014:202\r\n http://www.mandriva.com/en/support/security/\r\n _______________________________________________________________________\r\n\r\n Package : php\r\n Date : October 23, 2014\r\n Affected: Business Server 1.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n A vulnerability has been discovered and corrected in php:\r\n \r\n A heap corruption issue was reported in PHP&#039;s exif_thumbnail&#40;&#41;\r\n function. A specially-crafted JPEG image could cause the PHP\r\n interpreter to crash or, potentially, execute arbitrary code\r\n &#40;CVE-2014-3670&#41;.\r\n \r\n The updated php packages have been upgraded to the 5.5.18 version\r\n resolve this security flaw.\r\n \r\n Additionally, php-apc has been rebuilt against the updated php\r\n packages.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3670\r\n http://php.net/ChangeLog-5.php#5.5.18\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Business Server 1/X86_64:\r\n b84db9e325102ccc20006f5e6ccb74a1 mbs1/x86_64/apache-mod_php-5.5.18-1.mbs1.x86_64.rpm\r\n 3ae59a3a698c2739ec14f1f148b92f29 mbs1/x86_64/lib64php5_common5-5.5.18-1.mbs1.x86_64.rpm\r\n ade8aaab55f610c54bc39aa68e56d153 mbs1/x86_64/php-apc-3.1.15-1.12.mbs1.x86_64.rpm\r\n 78169707954ef896c52611c354b79368 mbs1/x86_64/php-apc-admin-3.1.15-1.12.mbs1.x86_64.rpm\r\n ab9faf90ad2cbee0d595c3536757b1b2 mbs1/x86_64/php-bcmath-5.5.18-1.mbs1.x86_64.rpm\r\n bc0cc28f753e3d389b49974795ce2ccc mbs1/x86_64/php-bz2-5.5.18-1.mbs1.x86_64.rpm\r\n 1162526089cb1fb9fce42c26646e605d mbs1/x86_64/php-calendar-5.5.18-1.mbs1.x86_64.rpm\r\n 5760732b5f73910e6465e8ccbb765c1d mbs1/x86_64/php-cgi-5.5.18-1.mbs1.x86_64.rpm\r\n 6e38ac768c2085960c3aa0dc39e4d7a0 mbs1/x86_64/php-cli-5.5.18-1.mbs1.x86_64.rpm\r\n 985a2cae71704a360f607b4c2850eb2c mbs1/x86_64/php-ctype-5.5.18-1.mbs1.x86_64.rpm\r\n c8d1546ad51a8a5cd74d578333d89e0f mbs1/x86_64/php-curl-5.5.18-1.mbs1.x86_64.rpm\r\n 366687605290ff08a905f7b4ae67e5ca mbs1/x86_64/php-dba-5.5.18-1.mbs1.x86_64.rpm\r\n 0ae24b75bb2c73d57455610579ca6438 mbs1/x86_64/php-devel-5.5.18-1.mbs1.x86_64.rpm\r\n 18c5288d2420077c3d472c0eff231372 mbs1/x86_64/php-doc-5.5.18-1.mbs1.noarch.rpm\r\n 53fe9ddfe1ecc35b09da6ab4042844cb mbs1/x86_64/php-dom-5.5.18-1.mbs1.x86_64.rpm\r\n 78b98a326094e361314deba320d73584 mbs1/x86_64/php-enchant-5.5.18-1.mbs1.x86_64.rpm\r\n 8746b68c71c917878ec07c9891672c80 mbs1/x86_64/php-exif-5.5.18-1.mbs1.x86_64.rpm\r\n 8c998a6b4af589404d9d34a6a3cb8784 mbs1/x86_64/php-fileinfo-5.5.18-1.mbs1.x86_64.rpm\r\n a9215efa31cdcd8ca97e33f189aad25b mbs1/x86_64/php-filter-5.5.18-1.mbs1.x86_64.rpm\r\n 6dc0b37ef6ecf4f72176457a412d971b mbs1/x86_64/php-fpm-5.5.18-1.mbs1.x86_64.rpm\r\n 141583776c38c25fe198f42fe99ee2c4 mbs1/x86_64/php-ftp-5.5.18-1.mbs1.x86_64.rpm\r\n 3f3f9dea5d6e1ec1561d0b108ec6a0ba mbs1/x86_64/php-gd-5.5.18-1.mbs1.x86_64.rpm\r\n a9951b26680e9e4652101113007febf2 mbs1/x86_64/php-gettext-5.5.18-1.mbs1.x86_64.rpm\r\n 29c8abcd2df356cac390194290ce7c3b mbs1/x86_64/php-gmp-5.5.18-1.mbs1.x86_64.rpm\r\n 3194410dd2d76511732211bb40d5d9b0 mbs1/x86_64/php-hash-5.5.18-1.mbs1.x86_64.rpm\r\n 2e3953de46a8334dbcec5264a4f0a12e mbs1/x86_64/php-iconv-5.5.18-1.mbs1.x86_64.rpm\r\n 2928e4e3fe91bb55562b6b65aaba3ae7 mbs1/x86_64/php-imap-5.5.18-1.mbs1.x86_64.rpm\r\n d7d3c35bfbccca665919bc5943397bb5 mbs1/x86_64/php-ini-5.5.18-1.mbs1.x86_64.rpm\r\n 0913099a2defd61e8398fe0e20f66c4d mbs1/x86_64/php-intl-5.5.18-1.mbs1.x86_64.rpm\r\n 8ba4ebc4f791d030de275468938617df mbs1/x86_64/php-json-5.5.18-1.mbs1.x86_64.rpm\r\n 141fcf13af5eab6ca869017a7d59c8c9 mbs1/x86_64/php-ldap-5.5.18-1.mbs1.x86_64.rpm\r\n 961df415435d9b4b38693119edabcd0b mbs1/x86_64/php-mbstring-5.5.18-1.mbs1.x86_64.rpm\r\n 60ffb2d50b6c5ed1abaa5654ef259c9e mbs1/x86_64/php-mcrypt-5.5.18-1.mbs1.x86_64.rpm\r\n ab32e34ee6f479669be75492b62b1f82 mbs1/x86_64/php-mssql-5.5.18-1.mbs1.x86_64.rpm\r\n 7681ccf2b0a6111cb104be83467b260e mbs1/x86_64/php-mysql-5.5.18-1.mbs1.x86_64.rpm\r\n 9de3dec1b62dc2044861723730167bc4 mbs1/x86_64/php-mysqli-5.5.18-1.mbs1.x86_64.rpm\r\n 11c665b60f7e37c08d93d4b6b8f5cfcf mbs1/x86_64/php-mysqlnd-5.5.18-1.mbs1.x86_64.rpm\r\n c4fed88774a92ce914db7abe80a9a61d mbs1/x86_64/php-odbc-5.5.18-1.mbs1.x86_64.rpm\r\n c14cb622659a9931e2700ed236e68ae9 mbs1/x86_64/php-opcache-5.5.18-1.mbs1.x86_64.rpm\r\n fcd7e445e2212b08a8383f954a1df018 mbs1/x86_64/php-openssl-5.5.18-1.mbs1.x86_64.rpm\r\n 5d47874839404826e411554318711555 mbs1/x86_64/php-pcntl-5.5.18-1.mbs1.x86_64.rpm\r\n 0866b98e77b01c6f76618e9f3d76306d mbs1/x86_64/php-pdo-5.5.18-1.mbs1.x86_64.rpm\r\n 0a0f637484a3ddadccdfb11057f1fb5a mbs1/x86_64/php-pdo_dblib-5.5.18-1.mbs1.x86_64.rpm\r\n e357a83cbf035c367440c873d25ba4f2 mbs1/x86_64/php-pdo_mysql-5.5.18-1.mbs1.x86_64.rpm\r\n 0f1836cc0696ee375249aef058f0f245 mbs1/x86_64/php-pdo_odbc-5.5.18-1.mbs1.x86_64.rpm\r\n 98bc2715b3c1bf0cdcad9f492227abae mbs1/x86_64/php-pdo_pgsql-5.5.18-1.mbs1.x86_64.rpm\r\n 41c360d01b68b3bc77a21a6086ef194e mbs1/x86_64/php-pdo_sqlite-5.5.18-1.mbs1.x86_64.rpm\r\n 299d6a500a7e011b3b5be40c1a7735f5 mbs1/x86_64/php-pgsql-5.5.18-1.mbs1.x86_64.rpm\r\n da24102ba2f7a63eaaef0fecaa55beb5 mbs1/x86_64/php-phar-5.5.18-1.mbs1.x86_64.rpm\r\n efc3c6b8de4b15d79ea4bdc519fc8a8a mbs1/x86_64/php-posix-5.5.18-1.mbs1.x86_64.rpm\r\n d79178dae1c847185d8f7a5051a44825 mbs1/x86_64/php-readline-5.5.18-1.mbs1.x86_64.rpm\r\n 368cea97143ba8c8d72c9e59e1c50913 mbs1/x86_64/php-recode-5.5.18-1.mbs1.x86_64.rpm\r\n 68a93e38ecad3eaa241bc3cb2c0347cf mbs1/x86_64/php-session-5.5.18-1.mbs1.x86_64.rpm\r\n 9a0029d4250c30677ead8089acaf0c51 mbs1/x86_64/php-shmop-5.5.18-1.mbs1.x86_64.rpm\r\n 8c76cd1bf9e440e9648c619724417371 mbs1/x86_64/php-snmp-5.5.18-1.mbs1.x86_64.rpm\r\n 8f5693203a0d60f48e5619dbab2db416 mbs1/x86_64/php-soap-5.5.18-1.mbs1.x86_64.rpm\r\n 01790d54888a2d87b15bd3331c571449 mbs1/x86_64/php-sockets-5.5.18-1.mbs1.x86_64.rpm\r\n 85e4e04669bbe9c6e9de1ff78ff49274 mbs1/x86_64/php-sqlite3-5.5.18-1.mbs1.x86_64.rpm\r\n fc2bd0f9b54861470671f37a580a1d46 mbs1/x86_64/php-sybase_ct-5.5.18-1.mbs1.x86_64.rpm\r\n c3610251005ac7b319ed8f7bed344486 mbs1/x86_64/php-sysvmsg-5.5.18-1.mbs1.x86_64.rpm\r\n 4b82dbc9eaeaa45cbf32ce5756b5c3d0 mbs1/x86_64/php-sysvsem-5.5.18-1.mbs1.x86_64.rpm\r\n 3374366b7ea2ccc20308ed2adc8ec221 mbs1/x86_64/php-sysvshm-5.5.18-1.mbs1.x86_64.rpm\r\n 636bc7a540ccd06282de2d7ed0ab3690 mbs1/x86_64/php-tidy-5.5.18-1.mbs1.x86_64.rpm\r\n 16a11f259002930ee920440669445ff9 mbs1/x86_64/php-tokenizer-5.5.18-1.mbs1.x86_64.rpm\r\n a512fe6c82be2f4432b1ded3489edcbd mbs1/x86_64/php-wddx-5.5.18-1.mbs1.x86_64.rpm\r\n ef4e52504eb75fae14f3cc3c38bd4603 mbs1/x86_64/php-xml-5.5.18-1.mbs1.x86_64.rpm\r\n 4dea2a8396ac039df6d5959b9c39b63a mbs1/x86_64/php-xmlreader-5.5.18-1.mbs1.x86_64.rpm\r\n 947eb1384492d4aad886727ec8d9389c mbs1/x86_64/php-xmlrpc-5.5.18-1.mbs1.x86_64.rpm\r\n b2ebbda90c808ae5fe8d842f94fe8364 mbs1/x86_64/php-xmlwriter-5.5.18-1.mbs1.x86_64.rpm\r\n a8412459476cc34131aad1002580c909 mbs1/x86_64/php-xsl-5.5.18-1.mbs1.x86_64.rpm\r\n cc4d955eb39fb64cc5206d24aab0acaa mbs1/x86_64/php-zip-5.5.18-1.mbs1.x86_64.rpm\r\n 0da49615c744294db6a8e603b833a91a mbs1/x86_64/php-zlib-5.5.18-1.mbs1.x86_64.rpm \r\n a6e71411ed5b80fa7e5b428eefb0cc4d mbs1/SRPMS/php-5.5.18-1.mbs1.src.rpm\r\n b62ae9619949646fb87897dd48a59142 mbs1/SRPMS/php-apc-3.1.15-1.12.mbs1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_&#40;at&#41;_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n &lt;security*mandriva.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFUSMrXmqjQ0CJFipgRAplJAJsHiEWftELp+nDph3P7sO+yESmQiQCfb02E\r\nOQ8AXlipI1KEvmS9qbcotMs=\r\n=xNV7\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "modified": "2014-10-27T00:00:00", "published": "2014-10-27T00:00:00", "id": "SECURITYVULNS:DOC:31310", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31310", "title": "[ MDVSA-2014:202 ] php", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:59", "bulletinFamily": "software", "cvelist": ["CVE-2015-1144", "CVE-2015-1117", "CVE-2015-1102", "CVE-2014-4405", "CVE-2015-1096", "CVE-2014-3478", "CVE-2014-0231", "CVE-2014-3572", "CVE-2014-0237", "CVE-2014-3571", "CVE-2013-5704", "CVE-2014-3587", "CVE-2015-1132", "CVE-2014-3479", "CVE-2014-4670", "CVE-2015-1091", "CVE-2015-1148", "CVE-2015-1143", "CVE-2014-9298", "CVE-2014-3668", "CVE-2015-1149", "CVE-2014-8830", "CVE-2015-1145", "CVE-2014-0098", "CVE-2014-3480", "CVE-2015-1138", "CVE-2014-3981", "CVE-2015-1140", "CVE-2013-0118", "CVE-2014-0207", "CVE-2014-8275", "CVE-2014-3570", "CVE-2013-6438", "CVE-2015-1147", "CVE-2014-3669", "CVE-2015-1093", "CVE-2015-1545", "CVE-2014-3487", "CVE-2014-3538", "CVE-2014-5120", "CVE-2014-3597", "CVE-2015-1130", "CVE-2015-1136", "CVE-2015-1142", "CVE-2014-3710", "CVE-2015-1139", "CVE-2014-4698", "CVE-2014-3523", "CVE-2014-4049", "CVE-2014-3670", "CVE-2015-1546", "CVE-2015-0204", "CVE-2015-1105", "CVE-2015-1099", "CVE-2015-1146", "CVE-2015-1135", "CVE-2014-2497", "CVE-2015-1118", "CVE-2014-0118", "CVE-2015-1131", "CVE-2015-1137", "CVE-2015-1101", "CVE-2015-1103", "CVE-2015-1104", "CVE-2014-4404", "CVE-2015-1089", "CVE-2015-1133", "CVE-2015-1141", "CVE-2014-0117", "CVE-2015-1088", "CVE-2013-6712", "CVE-2015-1069", "CVE-2014-4380", "CVE-2015-1095", "CVE-2015-1098", "CVE-2014-3569", "CVE-2015-1100", "CVE-2014-0238", "CVE-2014-0226", "CVE-2015-1134"], "description": "80 different vulnerabilities.", "edition": 1, "modified": "2015-04-13T00:00:00", "published": "2015-04-13T00:00:00", "id": "SECURITYVULNS:VULN:14366", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14366", "title": "Apple Mac OS X multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:58", "bulletinFamily": "software", "cvelist": ["CVE-2015-1144", "CVE-2015-1117", "CVE-2015-1102", "CVE-2014-4405", "CVE-2015-1096", "CVE-2014-3478", "CVE-2014-0231", "CVE-2014-3572", "CVE-2014-0237", "CVE-2014-3571", "CVE-2013-5704", "CVE-2014-3587", "CVE-2015-1132", "CVE-2014-3479", "CVE-2014-4670", "CVE-2015-1091", "CVE-2015-1067", "CVE-2015-1148", "CVE-2015-1143", "CVE-2014-9298", "CVE-2014-3668", "CVE-2014-8830", "CVE-2015-1145", "CVE-2014-0098", "CVE-2014-3480", "CVE-2015-1138", "CVE-2014-3981", "CVE-2015-1140", "CVE-2013-0118", "CVE-2014-0207", "CVE-2014-8275", "CVE-2014-3570", "CVE-2013-6438", "CVE-2015-1147", "CVE-2014-3669", "CVE-2015-1093", "CVE-2015-1545", "CVE-2014-3487", "CVE-2014-3538", "CVE-2014-5120", "CVE-2014-3597", "CVE-2015-1130", "CVE-2015-1136", "CVE-2015-1142", "CVE-2014-3710", "CVE-2015-1139", "CVE-2014-4698", "CVE-2014-3523", "CVE-2014-4049", "CVE-2014-3670", "CVE-2015-1546", "CVE-2015-0204", "CVE-2015-1105", "CVE-2015-1099", "CVE-2015-1146", "CVE-2015-1135", "CVE-2014-2497", "CVE-2015-1118", "CVE-2014-0118", "CVE-2015-1131", "CVE-2015-1137", "CVE-2015-1101", "CVE-2015-1103", "CVE-2015-1104", "CVE-2014-4404", "CVE-2015-1089", "CVE-2015-1133", "CVE-2015-1141", "CVE-2014-0117", "CVE-2015-1088", "CVE-2013-6712", "CVE-2015-1069", "CVE-2014-4380", "CVE-2015-1095", "CVE-2015-1098", "CVE-2014-3569", "CVE-2015-1100", "CVE-2014-0238", "CVE-2014-0226", "CVE-2015-1134"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004\r\n\r\nOS X Yosemite 10.10.3 and Security Update 2015-004 are now available\r\nand address the following:\r\n\r\nAdmin Framework\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: A process may gain admin privileges without properly\r\nauthenticating\r\nDescription: An issue existed when checking XPC entitlements. This\r\nissue was addressed with improved entitlement checking.\r\nCVE-ID\r\nCVE-2015-1130 : Emil Kvarnhammar at TrueSec\r\n\r\napache\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: Multiple vulnerabilities in Apache\r\nDescription: Multiple vulnerabilities existed in Apache versions\r\nprior to 2.4.10 and 2.2.29, including one that may allow a remote\r\nattacker to execute arbitrary code. These issues were addressed by\r\nupdating Apache to versions 2.4.10 and 2.2.29\r\nCVE-ID\r\nCVE-2013-0118\r\nCVE-2013-5704\r\nCVE-2013-6438\r\nCVE-2014-0098\r\nCVE-2014-0117\r\nCVE-2014-0118\r\nCVE-2014-0226\r\nCVE-2014-0231\r\nCVE-2014-3523\r\n\r\nATS\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: Multiple input validation issues existed in fontd.\r\nThese issues were addressed through improved input validation.\r\nCVE-ID\r\nCVE-2015-1131 : Ian Beer of Google Project Zero\r\nCVE-2015-1132 : Ian Beer of Google Project Zero\r\nCVE-2015-1133 : Ian Beer of Google Project Zero\r\nCVE-2015-1134 : Ian Beer of Google Project Zero\r\nCVE-2015-1135 : Ian Beer of Google Project Zero\r\n\r\nCertificate Trust Policy\r\nImpact: Update to the certificate trust policy\r\nDescription: The certificate trust policy was updated. The complete\r\nlist of certificates may be viewed at https://support.apple.com/en-\r\nus/HT202858.\r\n\r\nCFNetwork HTTPProtocol\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: Cookies belonging to one origin may be sent to another\r\norigin\r\nDescription: A cross-domain cookie issue existed in redirect\r\nhandling. Cookies set in a redirect response could be passed on to a\r\nredirect target belonging to another origin. The issue was address\r\nthrough improved handling of redirects.\r\nCVE-ID\r\nCVE-2015-1089 : Niklas Keller\r\n\r\nCFNetwork Session\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: Authentication credentials may be sent to a server on\r\nanother origin\r\nDescription: A cross-domain HTTP request headers issue existed in\r\nredirect handling. HTTP request headers sent in a redirect response\r\ncould be passed on to another origin. The issue was addressed through\r\nimproved handling of redirects.\r\nCVE-ID\r\nCVE-2015-1091 : Diego Torres &#40;http://dtorres.me&#41;\r\n\r\nCFURL\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: An input validation issue existed within URL\r\nprocessing. This issue was addressed through improved URL validation.\r\nCVE-ID\r\nCVE-2015-1088 : Luigi Galli\r\n\r\nCoreAnimation\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: A use-after-free issue existed in CoreAnimation. This\r\nissue was addressed through improved mutex management.\r\nCVE-ID\r\nCVE-2015-1136 : Apple\r\n\r\nFontParser\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: Processing a maliciously crafted font file may lead to\r\narbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nprocessing of font files. These issues were addressed through\r\nimproved bounds checking.\r\nCVE-ID\r\nCVE-2015-1093 : Marc Schoenefeld\r\n\r\nGraphics Driver\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A NULL pointer dereference existed in NVIDIA graphics\r\ndriver&#39;s handling of certain IOService userclient types. This issue\r\nwas addressed through additional context validation.\r\nCVE-ID\r\nCVE-2015-1137 :\r\nFrank Graziano and John Villamil of the Yahoo Pentest Team\r\n\r\nHypervisor\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: A local application may be able to cause a denial of service\r\nDescription: An input validation issue existed in the hypervisor\r\nframework. This issue was addressed through improved input\r\nvalidation.\r\nCVE-ID\r\nCVE-2015-1138 : Izik Eidus and Alex Fishman\r\n\r\nImageIO\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: Processing a maliciously crafted .sgi file may lead to\r\narbitrary code execution\r\nDescription: A memory corruption issue existed in the handling of\r\n.sgi files. This issue was addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2015-1139 : Apple\r\n\r\nIOHIDFamily\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: A malicious HID device may be able to cause arbitrary code\r\nexecution\r\nDescription: A memory corruption issue existed in an IOHIDFamily\r\nAPI. This issue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1095 : Andrew Church\r\n\r\nIOHIDFamily\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A buffer overflow issue existed in IOHIDFamily. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1140 : lokihardt@ASRT working with HP&#39;s Zero Day Initiative,\r\nLuca Todesco\r\n\r\nIOHIDFamily\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to determine kernel memory layout\r\nDescription: An issue existed in IOHIDFamily that led to the\r\ndisclosure of kernel memory content. This issue was addressed through\r\nimproved bounds checking.\r\nCVE-ID\r\nCVE-2015-1096 : Ilja van Sprundel of IOActive\r\n\r\nIOHIDFamily\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A heap buffer overflow existed in IOHIDFamily&#39;s\r\nhandling of key-mapping properties. This issue was addressed through\r\nimproved bounds checking.\r\nCVE-ID\r\nCVE-2014-4404 : Ian Beer of Google Project Zero\r\n\r\nIOHIDFamily\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A null pointer dereference existed in IOHIDFamily&#39;s\r\nhandling of key-mapping properties. This issue was addressed through\r\nimproved validation of IOHIDFamily key-mapping properties.\r\nCVE-ID\r\nCVE-2014-4405 : Ian Beer of Google Project Zero\r\n\r\nIOHIDFamily\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5\r\nImpact: A user may be able to execute arbitrary code with system\r\nprivileges\r\nDescription: An out-of-bounds write issue exited in the IOHIDFamily\r\ndriver. The issue was addressed through improved input validation.\r\nCVE-ID\r\nCVE-2014-4380 : cunzhang from Adlab of Venustech\r\n\r\nKernel\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to cause unexpected system shutdown\r\nDescription: An issue existed in the handling of virtual memory\r\noperations within the kernel. The issue is fixed through improved\r\nhandling of the mach_vm_read operation.\r\nCVE-ID\r\nCVE-2015-1141 : Ole Andre Vadla Ravnas of www.frida.re\r\n\r\nKernel\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to cause a system denial of service\r\nDescription: A race condition existed in the kernel&#39;s setreuid\r\nsystem call. This issue was addressed through improved state\r\nmanagement.\r\nCVE-ID\r\nCVE-2015-1099 : Mark Mentovai of Google Inc.\r\n\r\nKernel\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A local application may escalate privileges using a\r\ncompromised service intended to run with reduced privileges\r\nDescription: setreuid and setregid system calls failed to drop\r\nprivileges permanently. This issue was addressed by correctly\r\ndropping privileges.\r\nCVE-ID\r\nCVE-2015-1117 : Mark Mentovai of Google Inc.\r\n\r\nKernel\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: An attacker with a privileged network position may be able\r\nto redirect user traffic to arbitrary hosts\r\nDescription: ICMP redirects were enabled by default on OS X. This\r\nissue was addressed by disabling ICMP redirects.\r\nCVE-ID\r\nCVE-2015-1103 : Zimperium Mobile Security Labs\r\n\r\nKernel\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: An attacker with a privileged network position may be able\r\nto cause a denial of service\r\nDescription: A state inconsistency existed in the processing of TCP\r\nheaders. This issue was addressed through improved state handling.\r\nCVE-ID\r\nCVE-2015-1102 : Andrey Khudyakov and Maxim Zhuravlev of Kaspersky Lab\r\n\r\nKernel\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to cause unexpected system\r\ntermination or read kernel memory\r\nDescription: A out of bounds memory access issue existed in the\r\nkernel. This issue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1100 : Maxime Villard of m00nbsd\r\n\r\nKernel\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A remote attacker may be able to bypass network filters\r\nDescription: The system would treat some IPv6 packets from remote\r\nnetwork interfaces as local packets. The issue was addressed by\r\nrejecting these packets.\r\nCVE-ID\r\nCVE-2015-1104 : Stephen Roettger of the Google Security Team\r\n\r\nKernel\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to execute arbitrary code with\r\nkernel privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1101 : lokihardt@ASRT working with HP&#39;s Zero Day Initiative\r\n\r\nKernel\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: A remote attacker may be able to cause a denial of service\r\nDescription: A state inconsistency issue existed in the handling of\r\nTCP out of band data. This issue was addressed through improved state\r\nmanagement.\r\nCVE-ID\r\nCVE-2015-1105 : Kenton Varda of Sandstorm.io\r\n\r\nLaunchServices\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to cause the Finder to crash\r\nDescription: An input validation issue existed in LaunchServices&#39;s\r\nhandling of application localization data. This issue was addressed\r\nthrough improved validation of localization data.\r\nCVE-ID\r\nCVE-2015-1142\r\n\r\nLaunchServices\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A type confusion issue existed in LaunchServices&#39;s\r\nhandling of localized strings. This issue was addressed through\r\nadditional bounds checking.\r\nCVE-ID\r\nCVE-2015-1143 : Apple\r\n\r\nlibnetcore\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: Processing a maliciously crafted configuration profile may\r\nlead to unexpected application termination\r\nDescription: A memory corruption issue existed in the handling of\r\nconfiguration profiles. This issue was addressed through improved\r\nbounds checking.\r\nCVE-ID\r\nCVE-2015-1118 : Zhaofeng Chen, Hui Xue, Yulong Zhang, and Tao Wei of\r\nFireEye, Inc.\r\n\r\nntp\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: A remote attacker may brute force ntpd authentication keys\r\nDescription: The config_auth function in ntpd generated a weak key\r\nwhen an authentication key was not configured. This issue was\r\naddressed by improved key generation.\r\nCVE-ID\r\nCVE-2014-9298\r\n\r\nOpenLDAP\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A remote unauthenticated client may be able to cause a\r\ndenial of service\r\nDescription: Multiple input validation issues existed in OpenLDAP.\r\nThese issues were addressed by improved input validation.\r\nCVE-ID\r\nCVE-2015-1545 : Ryan Tandy\r\nCVE-2015-1546 : Ryan Tandy\r\n\r\nOpenSSL\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: Multiple vulnerabilities in OpenSSL\r\nDescription: Multiple vulnerabilities existed in OpenSSL 0.9.8zc,\r\nincluding one that may allow an attacker to intercept connections to\r\na server that supports export-grade ciphers. These issues were\r\naddressed by updating OpenSSL to version 0.9.8zd.\r\nCVE-ID\r\nCVE-2014-3569\r\nCVE-2014-3570\r\nCVE-2014-3571\r\nCVE-2014-3572\r\nCVE-2014-8275\r\nCVE-2015-0204\r\n\r\nOpen Directory Client\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A password might be sent unencrypted over the network when\r\nusing Open Directory from OS X Server\r\nDescription: If an Open Directory client was bound to an OS X Server\r\nbut did not install the certificates of the OS X Server, and then a\r\nuser on that client changed their password, the password change\r\nrequest was sent over the network without encryption. This issue was\r\naddressed by having the client require encryption for this case.\r\nCVE-ID\r\nCVE-2015-1147 : Apple\r\n\r\nPHP\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: Multiple vulnerabilities in PHP\r\nDescription: Multiple vulnerabilities existed in PHP versions prior\r\nto 5.3.29, 5.4.38, and 5.5.20, including one which may have led to\r\narbitrary code execution. This update addresses the issues by\r\nupdating PHP to versions 5.3.29, 5.4.38, and 5.5.20.\r\nCVE-ID\r\nCVE-2013-6712\r\nCVE-2014-0207\r\nCVE-2014-0237\r\nCVE-2014-0238\r\nCVE-2014-2497\r\nCVE-2014-3478\r\nCVE-2014-3479\r\nCVE-2014-3480\r\nCVE-2014-3487\r\nCVE-2014-3538\r\nCVE-2014-3587\r\nCVE-2014-3597\r\nCVE-2014-3668\r\nCVE-2014-3669\r\nCVE-2014-3670\r\nCVE-2014-3710\r\nCVE-2014-3981\r\nCVE-2014-4049\r\nCVE-2014-4670\r\nCVE-2014-4698\r\nCVE-2014-5120\r\n\r\nQuickLook\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: Opening a maliciously crafted iWork file may lead to\r\narbitrary code execution\r\nDescription: A memory corruption issue existed in the handling of\r\niWork files. This issue was addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-1098 : Christopher Hickstein\r\n\r\nSceneKit\r\nAvailable for: OS X Mountain Lion v10.8.5\r\nImpact: Viewing a maliciously crafted Collada file may lead to\r\narbitrary code execution\r\nDescription: A heap buffer overflow existed in SceneKit&#39;s handling\r\nof Collada files. Viewing a maliciously crafted Collada file may have\r\nled to arbitrary code execution. This issue was addressed through\r\nimproved validation of accessor elements.\r\nCVE-ID\r\nCVE-2014-8830 : Jose Duart of Google Security Team\r\n\r\nScreen Sharing\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: A user&#39;s password may be logged to a local file\r\nDescription: In some circumstances, Screen Sharing may log a user&#39;s\r\npassword that is not readable by other users on the system. This\r\nissue was addressed by removing logging of credential.\r\nCVE-ID\r\nCVE-2015-1148 : Apple\r\n\r\nSecurity - Code Signing\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: Tampered applications may not be prevented from launching\r\nDescription: Applications containing specially crafted bundles may\r\nhave been able to launch without a completely valid signature. This\r\nissue was addressed by adding additional checks.\r\nCVE-ID\r\nCVE-2015-1145\r\nCVE-2015-1146\r\n\r\nUniformTypeIdentifiers\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A buffer overflow existed in the way Uniform Type\r\nIdentifiers were handled. This issue was addressed with improved\r\nbounds checking.\r\nCVE-ID\r\nCVE-2015-1144 : Apple\r\n\r\nWebKit\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: A memory corruption issue existed in WebKit. This\r\nissues was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1069 : lokihardt@ASRT working with HP&#39;s Zero Day Initiative\r\n\r\nSecurity Update 2015-004 &#40;available for OS X Mountain Lion v10.8.5\r\nand OS X Mavericks v10.9.5&#41; also addresses an issue caused by the fix\r\nfor CVE-2015-1067 in Security Update 2015-002. This issue prevented\r\nRemote Apple Events clients on any version from connecting to the\r\nRemote Apple Events server. In default configurations, Remote Apple\r\nEvents is not enabled.\r\n\r\nOS X Yosemite 10.10.3 includes the security content of Safari 8.0.5.\r\nhttps://support.apple.com/en-us/HT204658\r\n\r\nOS X Yosemite 10.10.3 and Security Update 2015-004 may be obtained\r\nfrom the Mac App Store or Apple&#39;s Software Downloads web site:\r\nhttp://www.apple.com/support/downloads/\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple&#39;s Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.22 &#40;Darwin&#41;\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBAgAGBQJVJKj2AAoJEBcWfLTuOo7tDh4QAK0LxfwMRKcdOXOKpXsRz6lg\r\nlhZ+CLVcSepq8qBkFQ74f3B5CuhxD0IGQPaAuSXl51tWYdfN+92tkbmyZ9k8901l\r\n+I0vw6upeE+oqRnGtSRzq68UhcARbdV8V1+C0Xl3IIuuHc+xlEgvklDhF9Pc8XM6\r\nDudGiVNqt6MOqd5Oc4s4FFF0nnpnyG9+UJem3mi4Ee88PwI4x1Hev7utPPmaPDzj\r\ncjkVeislko3QArNJxtBpkYudErA4eR5OX8Tdf12jAmPTtjrXUb3VigEf78Nna0RW\r\nkHTOGdB5EZ+YFZ8KlyIQlENBjTtI8CGdCF4/S/2xDN83NTRsimd5Y7LSjdd0uANo\r\npqxAc3Gzn5xngWF1Qbb6V+XZBfz5NoeTq5BXBB5OHz4PSGaQuMsBA2RYFMzNLqWv\r\nD/T5U1JtzRLALt0lYAz63B0OhW7KXeLI9oer1Vo4wWF9O9cUFyuSI4JU5uYLQpJX\r\nkEpSFt4YPFFxMnlzCLzLkmVGax4w9M/tRHYeSKAnRlnsoPBtIGFItlNZE2RduD/R\r\n5n2APoJa3banQ8miycGORYP3WsktDRZzBy+2QPWuz8sE3AvAkO9xWp8PrQBkqf/b\r\n6CIG5UkCYITG2uzBXqnGbfDiEDvBLNN1Yq0ZZI23iYRxrdW0I0pv1CHio354q12G\r\nvVE37tYUU4PnLfwlcazq\r\n=MOsT\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "modified": "2015-04-09T00:00:00", "published": "2015-04-09T00:00:00", "id": "SECURITYVULNS:DOC:31890", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31890", "title": "APPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "threatpost": [{"lastseen": "2018-10-06T22:57:58", "bulletinFamily": "info", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "description": "**UPDATE** Developers at PHP recently pushed out a series of patches to fix a handful of vulnerabilities, including one that can lead to a heap-based buffer overflow.\n\nResearchers at the Swiss firm High-Tech Bridge dug up the vulnerabilities in versions 5.6.1, 5.5.17, and 5.4.33 of the framework.\n\nThe biggest and most serious bug, CVE-2014-3669, deals with the unserialize() function in 32-bit systems. While PHP was quick to patch the issue in late September, it wasn\u2019t until this week that High-Tech Bridge delved deeper into the flaw and published a step-by-step walkthrough of their proof of concept.\n\nLooking at code snippets from PHP through a debugger, researchers got PHP to crash when it came across \u201cthe frame zero line 356, followed by its caller at line 387.\u201d\n\nPlaying around with values, they were able to overflow the integer, which in turn got the code to point to an invalid memory address.\n\nIn [his write-up of the bug](<https://www.htbridge.com/blog/cve_2014_3669_integer_overflow_in_unserialize_php_function.html>), Symeon Paraschoudis, a researcher at the firm, dubs it a read access violation but admits that it\u2019s probably not exploitable.\n\nStefan Esser, an independent security consultant and PHP expert, echoed those thoughts, and concurred that this particular integer overflow is not exploitable as there are no writes inside unserialize() to that buffer.\n\nRegardless, the bug must have been a cause for concern for PHP developers; Paraschoudis disclosed the bug on Sept. 25 and [PHP pushed a patch just three days later](<https://bugs.php.net/bug.php?id=68044>).\n\nStanislav Malyshev, a PHP developer, called it a \u201creal bug,\u201d [at the time](<https://bugs.php.net/bug.php?id=68044>) and claimed that it could be leveraged to trigger at least crash, theoretically info disclosure.\u201d\n\nThe patch, which was included alongside two other issues (CVE-2014-3668 and CVE-2014-3670) in the framework for versions [5.6.2](<http://php.net/archive/2014.php#id2014-10-16-3>), [5.5.18](<http://php.net/archive/2014.php#id2014-10-16-1>) and [5.4.34](<http://php.net/archive/2014.php#id2014-10-16-2>) last week, both fixes the issue and prevents PHP from crashing or segfaulting, a memory access violation that can lead to crashing.\n\n_Note: This article was updated on October 27 to add comments from PHP security expert Stefan Esser._\n", "modified": "2014-10-27T20:30:01", "published": "2014-10-22T13:33:23", "id": "THREATPOST:24B2243A9CE72574CE8C218BC61048D9", "href": "https://threatpost.com/php-patches-vulnerabilities-including-remote-code-execution-flaw/108960/", "type": "threatpost", "title": "PHP Patches Buffer Overflow Vulnerabilities", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-17T12:49:16", "description": "From Red Hat Security Advisory 2014:1824 :\n\nUpdated php packages that fix three security issues are now available\nfor Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially\ncrafted JPEG or TIFF file could cause a PHP application using the\nexif_thumbnail() function to crash or, possibly, execute arbitrary\ncode with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nA stack-based buffer overflow flaw was found in the way the xmlrpc\nextension parsed dates in the ISO 8601 format. A specially crafted\nXML-RPC request or response could possibly cause a PHP application to\ncrash. (CVE-2014-8626)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.", "edition": 21, "published": "2014-11-07T00:00:00", "title": "Oracle Linux 5 : php (ELSA-2014-1824)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3669", "CVE-2014-8626", "CVE-2014-3670"], "modified": "2014-11-07T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:php-ldap", "p-cpe:/a:oracle:linux:php-devel", "p-cpe:/a:oracle:linux:php-common", "p-cpe:/a:oracle:linux:php-imap", "p-cpe:/a:oracle:linux:php-mbstring", "p-cpe:/a:oracle:linux:php-ncurses", "p-cpe:/a:oracle:linux:php-soap", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:php-snmp", "p-cpe:/a:oracle:linux:php", "p-cpe:/a:oracle:linux:php-gd", "p-cpe:/a:oracle:linux:php-mysql", "p-cpe:/a:oracle:linux:php-pdo", "p-cpe:/a:oracle:linux:php-xmlrpc", "p-cpe:/a:oracle:linux:php-bcmath", "p-cpe:/a:oracle:linux:php-dba", "p-cpe:/a:oracle:linux:php-odbc", "p-cpe:/a:oracle:linux:php-cli", "p-cpe:/a:oracle:linux:php-pgsql", "p-cpe:/a:oracle:linux:php-xml"], "id": "ORACLELINUX_ELSA-2014-1824.NASL", "href": "https://www.tenable.com/plugins/nessus/78908", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:1824 and \n# Oracle Linux Security Advisory ELSA-2014-1824 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78908);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-8626\");\n script_bugtraq_id(70611, 70665, 70928);\n script_xref(name:\"RHSA\", value:\"2014:1824\");\n\n script_name(english:\"Oracle Linux 5 : php (ELSA-2014-1824)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:1824 :\n\nUpdated php packages that fix three security issues are now available\nfor Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially\ncrafted JPEG or TIFF file could cause a PHP application using the\nexif_thumbnail() function to crash or, possibly, execute arbitrary\ncode with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nA stack-based buffer overflow flaw was found in the way the xmlrpc\nextension parsed dates in the ISO 8601 format. A specially crafted\nXML-RPC request or response could possibly cause a PHP application to\ncrash. (CVE-2014-8626)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-November/004623.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"php-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-bcmath-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-cli-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-common-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-dba-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-devel-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-gd-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-imap-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-ldap-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-mbstring-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-mysql-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-ncurses-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-odbc-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-pdo-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-pgsql-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-snmp-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-soap-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-xml-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-xmlrpc-5.1.6-45.el5_11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-devel / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:48:32", "description": "A buffer overflow flaw was found in the Exif extension. A specially\ncrafted JPEG or TIFF file could cause a PHP application using the\nexif_thumbnail() function to crash or, possibly, execute arbitrary\ncode with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nA stack-based buffer overflow flaw was found in the way the xmlrpc\nextension parsed dates in the ISO 8601 format. A specially crafted\nXML-RPC request or response could possibly cause a PHP application to\ncrash. (CVE-2014-8626)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAfter installing the updated packages, the httpd daemon must be\nrestarted for the update to take effect.", "edition": 14, "published": "2014-11-10T00:00:00", "title": "Scientific Linux Security Update : php on SL5.x i386/x86_64 (20141106)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3669", "CVE-2014-8626", "CVE-2014-3670"], "modified": "2014-11-10T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:php-pgsql", "p-cpe:/a:fermilab:scientific_linux:php-xmlrpc", "p-cpe:/a:fermilab:scientific_linux:php-mbstring", "p-cpe:/a:fermilab:scientific_linux:php", "p-cpe:/a:fermilab:scientific_linux:php-cli", "p-cpe:/a:fermilab:scientific_linux:php-common", "p-cpe:/a:fermilab:scientific_linux:php-dba", "p-cpe:/a:fermilab:scientific_linux:php-debuginfo", "p-cpe:/a:fermilab:scientific_linux:php-soap", "p-cpe:/a:fermilab:scientific_linux:php-pdo", "p-cpe:/a:fermilab:scientific_linux:php-snmp", "p-cpe:/a:fermilab:scientific_linux:php-odbc", "p-cpe:/a:fermilab:scientific_linux:php-imap", "p-cpe:/a:fermilab:scientific_linux:php-ldap", "p-cpe:/a:fermilab:scientific_linux:php-xml", "p-cpe:/a:fermilab:scientific_linux:php-ncurses", "p-cpe:/a:fermilab:scientific_linux:php-bcmath", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:php-gd", "p-cpe:/a:fermilab:scientific_linux:php-mysql", "p-cpe:/a:fermilab:scientific_linux:php-devel"], "id": "SL_20141106_PHP_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/79082", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79082);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-8626\");\n\n script_name(english:\"Scientific Linux Security Update : php on SL5.x i386/x86_64 (20141106)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A buffer overflow flaw was found in the Exif extension. A specially\ncrafted JPEG or TIFF file could cause a PHP application using the\nexif_thumbnail() function to crash or, possibly, execute arbitrary\ncode with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nA stack-based buffer overflow flaw was found in the way the xmlrpc\nextension parsed dates in the ISO 8601 format. A specially crafted\nXML-RPC request or response could possibly cause a PHP application to\ncrash. (CVE-2014-8626)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAfter installing the updated packages, the httpd daemon must be\nrestarted for the update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1411&L=scientific-linux-errata&T=0&P=2298\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?11798c86\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"php-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-bcmath-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-cli-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-common-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-dba-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-debuginfo-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-devel-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-gd-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-imap-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-ldap-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-mbstring-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-mysql-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-ncurses-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-odbc-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-pdo-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-pgsql-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-snmp-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-soap-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-xml-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-xmlrpc-5.1.6-45.el5_11\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-debuginfo / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T09:29:51", "description": "Updated php packages that fix three security issues are now available\nfor Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially\ncrafted JPEG or TIFF file could cause a PHP application using the\nexif_thumbnail() function to crash or, possibly, execute arbitrary\ncode with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nA stack-based buffer overflow flaw was found in the way the xmlrpc\nextension parsed dates in the ISO 8601 format. A specially crafted\nXML-RPC request or response could possibly cause a PHP application to\ncrash. (CVE-2014-8626)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.", "edition": 24, "published": "2014-11-07T00:00:00", "title": "CentOS 5 : php (CESA-2014:1824)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3669", "CVE-2014-8626", "CVE-2014-3670"], "modified": "2014-11-07T00:00:00", "cpe": ["p-cpe:/a:centos:centos:php-mbstring", "p-cpe:/a:centos:centos:php-bcmath", "p-cpe:/a:centos:centos:php-pgsql", "p-cpe:/a:centos:centos:php", "p-cpe:/a:centos:centos:php-ldap", "p-cpe:/a:centos:centos:php-snmp", "p-cpe:/a:centos:centos:php-xml", "p-cpe:/a:centos:centos:php-pdo", "p-cpe:/a:centos:centos:php-gd", "p-cpe:/a:centos:centos:php-mysql", "p-cpe:/a:centos:centos:php-cli", "p-cpe:/a:centos:centos:php-common", "p-cpe:/a:centos:centos:php-devel", "p-cpe:/a:centos:centos:php-odbc", "p-cpe:/a:centos:centos:php-imap", "p-cpe:/a:centos:centos:php-soap", "p-cpe:/a:centos:centos:php-dba", "cpe:/o:centos:centos:5", "p-cpe:/a:centos:centos:php-xmlrpc", "p-cpe:/a:centos:centos:php-ncurses"], "id": "CENTOS_RHSA-2014-1824.NASL", "href": "https://www.tenable.com/plugins/nessus/78895", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:1824 and \n# CentOS Errata and Security Advisory 2014:1824 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78895);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-8626\");\n script_bugtraq_id(70611, 70665, 70928);\n script_xref(name:\"RHSA\", value:\"2014:1824\");\n\n script_name(english:\"CentOS 5 : php (CESA-2014:1824)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated php packages that fix three security issues are now available\nfor Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially\ncrafted JPEG or TIFF file could cause a PHP application using the\nexif_thumbnail() function to crash or, possibly, execute arbitrary\ncode with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nA stack-based buffer overflow flaw was found in the way the xmlrpc\nextension parsed dates in the ISO 8601 format. A specially crafted\nXML-RPC request or response could possibly cause a PHP application to\ncrash. (CVE-2014-8626)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2014-November/020743.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?78f3ff81\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3669\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-bcmath-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-cli-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-common-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-dba-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-devel-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-gd-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-imap-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-ldap-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-mbstring-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-mysql-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-ncurses-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-odbc-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-pdo-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-pgsql-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-snmp-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-soap-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-xml-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-xmlrpc-5.1.6-45.el5_11\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-devel / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:15:07", "description": "Updated php packages that fix three security issues are now available\nfor Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially\ncrafted JPEG or TIFF file could cause a PHP application using the\nexif_thumbnail() function to crash or, possibly, execute arbitrary\ncode with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nA stack-based buffer overflow flaw was found in the way the xmlrpc\nextension parsed dates in the ISO 8601 format. A specially crafted\nXML-RPC request or response could possibly cause a PHP application to\ncrash. (CVE-2014-8626)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.", "edition": 26, "published": "2014-11-07T00:00:00", "title": "RHEL 5 : php (RHSA-2014:1824)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3669", "CVE-2014-8626", "CVE-2014-3670"], "modified": "2014-11-07T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:php-debuginfo", "p-cpe:/a:redhat:enterprise_linux:php-devel", "p-cpe:/a:redhat:enterprise_linux:php-pgsql", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:php-xml", "p-cpe:/a:redhat:enterprise_linux:php-ldap", "p-cpe:/a:redhat:enterprise_linux:php-soap", "p-cpe:/a:redhat:enterprise_linux:php-common", "p-cpe:/a:redhat:enterprise_linux:php-mbstring", "p-cpe:/a:redhat:enterprise_linux:php-odbc", "p-cpe:/a:redhat:enterprise_linux:php-imap", "p-cpe:/a:redhat:enterprise_linux:php-xmlrpc", "p-cpe:/a:redhat:enterprise_linux:php-mysql", "p-cpe:/a:redhat:enterprise_linux:php-snmp", "p-cpe:/a:redhat:enterprise_linux:php-pdo", "p-cpe:/a:redhat:enterprise_linux:php-ncurses", "p-cpe:/a:redhat:enterprise_linux:php", "p-cpe:/a:redhat:enterprise_linux:php-cli", "p-cpe:/a:redhat:enterprise_linux:php-dba", "p-cpe:/a:redhat:enterprise_linux:php-bcmath", "p-cpe:/a:redhat:enterprise_linux:php-gd"], "id": "REDHAT-RHSA-2014-1824.NASL", "href": "https://www.tenable.com/plugins/nessus/78909", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:1824. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78909);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-8626\");\n script_bugtraq_id(70611, 70665, 70928);\n script_xref(name:\"RHSA\", value:\"2014:1824\");\n\n script_name(english:\"RHEL 5 : php (RHSA-2014:1824)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated php packages that fix three security issues are now available\nfor Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially\ncrafted JPEG or TIFF file could cause a PHP application using the\nexif_thumbnail() function to crash or, possibly, execute arbitrary\ncode with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nA stack-based buffer overflow flaw was found in the way the xmlrpc\nextension parsed dates in the ISO 8601 format. A specially crafted\nXML-RPC request or response could possibly cause a PHP application to\ncrash. (CVE-2014-8626)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3670\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-8626\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:1824\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:1824\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-bcmath-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-bcmath-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-bcmath-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-cli-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-cli-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-cli-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-common-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-common-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-common-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-dba-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-dba-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-dba-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-debuginfo-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-debuginfo-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-debuginfo-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-devel-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-devel-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-devel-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-gd-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-gd-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-gd-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-imap-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-imap-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-imap-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-ldap-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-ldap-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-ldap-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-mbstring-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-mbstring-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-mbstring-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-mysql-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-mysql-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-mysql-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-ncurses-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-ncurses-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-ncurses-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-odbc-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-odbc-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-odbc-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-pdo-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-pdo-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-pdo-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-pgsql-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-pgsql-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-pgsql-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-snmp-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-snmp-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-snmp-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-soap-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-soap-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-soap-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-xml-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-xml-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-xml-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-xmlrpc-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-xmlrpc-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-xmlrpc-5.1.6-45.el5_11\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T13:26:04", "description": "According to its banner, the version of PHP 5.6.x installed on the\nremote host is prior to 5.6.2. It is, therefore, affected by the\nfollowing vulnerabilities :\n\n - A buffer overflow error exists in the function\n 'mkgmtime' that can allow application crashes or\n arbitrary code execution. (CVE-2014-3668)\n\n - An integer overflow error exists in the function\n 'unserialize' that can allow denial of service attacks.\n Note that this only affects 32-bit instances.\n (CVE-2014-3669)\n\n - A heap corruption error exists in the function\n 'exif_thumbnail' that can allow application crashes or\n arbitrary code execution. (CVE-2014-3670)\n\n - An input-validation error exists in the cURL extension's\n file 'ext/curl/interface.c' and NULL option handling\n that can allow information disclosure. (Bug #68089)\n\nNote that Nessus has not attempted to exploit these issues but has\ninstead relied only on the application's self-reported version number.", "edition": 26, "published": "2014-10-17T00:00:00", "title": "PHP 5.6.x < 5.6.2 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2014-10-17T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_6_2.NASL", "href": "https://www.tenable.com/plugins/nessus/78547", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78547);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\");\n script_bugtraq_id(70611, 70665, 70666);\n\n script_name(english:\"PHP 5.6.x < 5.6.2 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of PHP.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP 5.6.x installed on the\nremote host is prior to 5.6.2. It is, therefore, affected by the\nfollowing vulnerabilities :\n\n - A buffer overflow error exists in the function\n 'mkgmtime' that can allow application crashes or\n arbitrary code execution. (CVE-2014-3668)\n\n - An integer overflow error exists in the function\n 'unserialize' that can allow denial of service attacks.\n Note that this only affects 32-bit instances.\n (CVE-2014-3669)\n\n - A heap corruption error exists in the function\n 'exif_thumbnail' that can allow application crashes or\n arbitrary code execution. (CVE-2014-3670)\n\n - An input-validation error exists in the cURL extension's\n file 'ext/curl/interface.c' and NULL option handling\n that can allow information disclosure. (Bug #68089)\n\nNote that Nessus has not attempted to exploit these issues but has\ninstead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.php.net/ChangeLog-5.php#5.6.2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.6.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3669\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\n# Check that it is the correct version of PHP\nif (version =~ \"^5(\\.6)?$\") audit(AUDIT_VER_NOT_GRANULAR, \"PHP\", port, version);\nif (version !~ \"^5\\.6\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 5.6.x\", port);\n\nif (version =~ \"^5\\.6\\.[01]($|[^0-9])\")\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : '+source +\n '\\n Installed version : '+version +\n '\\n Fixed version : 5.6.2' + \n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T14:37:37", "description": "This update fixes the following vulnerabilities in php :\n\n - Heap corruption issue in exif_thumbnail().\n (CVE-2014-3670)\n\n - Integer overflow in unserialize(). (CVE-2014-3669)\n\n - Xmlrpc ISO8601 date format parsing out-of-bounds read in\n mkgmtime(). (CVE-2014-3668)", "edition": 17, "published": "2014-11-18T00:00:00", "title": "SuSE 11.3 Security Update : php53 (SAT Patch Number 9916)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2014-11-18T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:php53-fileinfo", "p-cpe:/a:novell:suse_linux:11:php53-ftp", "p-cpe:/a:novell:suse_linux:11:php53-mysql", "p-cpe:/a:novell:suse_linux:11:php53-calendar", "p-cpe:/a:novell:suse_linux:11:php53-curl", "p-cpe:/a:novell:suse_linux:11:php53-zlib", "p-cpe:/a:novell:suse_linux:11:php53-soap", "p-cpe:/a:novell:suse_linux:11:php53-sysvshm", "p-cpe:/a:novell:suse_linux:11:php53-xmlwriter", "p-cpe:/a:novell:suse_linux:11:php53-bz2", "p-cpe:/a:novell:suse_linux:11:php53-wddx", "p-cpe:/a:novell:suse_linux:11:php53-suhosin", "p-cpe:/a:novell:suse_linux:11:php53-sysvmsg", "p-cpe:/a:novell:suse_linux:11:php53-odbc", "p-cpe:/a:novell:suse_linux:11:php53-ldap", "p-cpe:/a:novell:suse_linux:11:php53-gd", "p-cpe:/a:novell:suse_linux:11:php53-xsl", "p-cpe:/a:novell:suse_linux:11:php53-ctype", "p-cpe:/a:novell:suse_linux:11:php53-pear", "p-cpe:/a:novell:suse_linux:11:php53-bcmath", "p-cpe:/a:novell:suse_linux:11:php53-pcntl", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:php53-dom", "p-cpe:/a:novell:suse_linux:11:php53-openssl", "p-cpe:/a:novell:suse_linux:11:php53-mbstring", "p-cpe:/a:novell:suse_linux:11:php53-intl", "p-cpe:/a:novell:suse_linux:11:php53-xmlrpc", "p-cpe:/a:novell:suse_linux:11:php53-sysvsem", "p-cpe:/a:novell:suse_linux:11:php53-iconv", "p-cpe:/a:novell:suse_linux:11:php53-pspell", "p-cpe:/a:novell:suse_linux:11:php53-exif", "p-cpe:/a:novell:suse_linux:11:php53-pdo", "p-cpe:/a:novell:suse_linux:11:php53-tokenizer", "p-cpe:/a:novell:suse_linux:11:php53-zip", "p-cpe:/a:novell:suse_linux:11:php53-dba", "p-cpe:/a:novell:suse_linux:11:php53-fastcgi", "p-cpe:/a:novell:suse_linux:11:apache2-mod_php53", "p-cpe:/a:novell:suse_linux:11:php53-pgsql", "p-cpe:/a:novell:suse_linux:11:php53-xmlreader", "p-cpe:/a:novell:suse_linux:11:php53-gmp", "p-cpe:/a:novell:suse_linux:11:php53-mcrypt", "p-cpe:/a:novell:suse_linux:11:php53", "p-cpe:/a:novell:suse_linux:11:php53-json", "p-cpe:/a:novell:suse_linux:11:php53-shmop", "p-cpe:/a:novell:suse_linux:11:php53-gettext", "p-cpe:/a:novell:suse_linux:11:php53-snmp"], "id": "SUSE_11_APACHE2-MOD_PHP53-141028.NASL", "href": "https://www.tenable.com/plugins/nessus/79307", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79307);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\");\n\n script_name(english:\"SuSE 11.3 Security Update : php53 (SAT Patch Number 9916)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following vulnerabilities in php :\n\n - Heap corruption issue in exif_thumbnail().\n (CVE-2014-3670)\n\n - Integer overflow in unserialize(). (CVE-2014-3669)\n\n - Xmlrpc ISO8601 date format parsing out-of-bounds read in\n mkgmtime(). (CVE-2014-3668)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=902357\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=902360\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=902368\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-3668.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-3669.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-3670.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 9916.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:apache2-mod_php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, \"SuSE 11.3\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"apache2-mod_php53-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-bcmath-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-bz2-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-calendar-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-ctype-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-curl-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-dba-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-dom-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-exif-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-fastcgi-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-fileinfo-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-ftp-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-gd-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-gettext-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-gmp-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-iconv-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-intl-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-json-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-ldap-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-mbstring-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-mcrypt-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-mysql-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-odbc-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-openssl-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-pcntl-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-pdo-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-pear-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-pgsql-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-pspell-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-shmop-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-snmp-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-soap-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-suhosin-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-sysvmsg-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-sysvsem-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-sysvshm-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-tokenizer-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-wddx-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-xmlreader-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-xmlrpc-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-xmlwriter-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-xsl-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-zip-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-zlib-5.3.17-0.31.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T12:28:01", "description": " - security update :\n\n - CVE-2014-3670 [bnc#902357]\n\n - CVE-2014-3669 [bnc#902360]\n\n - CVE-2014-3668 [bnc#902368]\n\n - added patches :\n\n - php-CVE-2014-3670.patch\n\n - php-CVE-2014-3669.patch\n\n - php-CVE-2014-3668.patch", "edition": 16, "published": "2014-11-11T00:00:00", "title": "openSUSE Security Update : php5 (openSUSE-SU-2014:1377-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2014-11-11T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo", "p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo", "p-cpe:/a:novell:opensuse:php5-json-debuginfo", "p-cpe:/a:novell:opensuse:php5-soap-debuginfo", "p-cpe:/a:novell:opensuse:php5-mysql-debuginfo", "p-cpe:/a:novell:opensuse:php5-mssql-debuginfo", "p-cpe:/a:novell:opensuse:php5-openssl", "p-cpe:/a:novell:opensuse:php5-dba", "p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo", "p-cpe:/a:novell:opensuse:php5-odbc-debuginfo", "p-cpe:/a:novell:opensuse:php5-debuginfo", "p-cpe:/a:novell:opensuse:php5-mcrypt", "cpe:/o:novell:opensuse:12.3", "p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvmsg", "p-cpe:/a:novell:opensuse:php5-bz2", "p-cpe:/a:novell:opensuse:php5-xmlrpc", "p-cpe:/a:novell:opensuse:php5-json", "p-cpe:/a:novell:opensuse:php5-ctype-debuginfo", "p-cpe:/a:novell:opensuse:php5-sqlite", "p-cpe:/a:novell:opensuse:php5-suhosin", "p-cpe:/a:novell:opensuse:php5-curl", "p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo", "p-cpe:/a:novell:opensuse:php5-mysql", "p-cpe:/a:novell:opensuse:php5-fileinfo", "p-cpe:/a:novell:opensuse:php5-calendar-debuginfo", "p-cpe:/a:novell:opensuse:php5-openssl-debuginfo", "p-cpe:/a:novell:opensuse:php5-shmop-debuginfo", "p-cpe:/a:novell:opensuse:php5-pspell-debuginfo", "p-cpe:/a:novell:opensuse:php5-calendar", "p-cpe:/a:novell:opensuse:php5-ldap-debuginfo", "p-cpe:/a:novell:opensuse:php5-pear", "p-cpe:/a:novell:opensuse:php5-intl", "p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo", "p-cpe:/a:novell:opensuse:php5-xsl-debuginfo", "p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo", "p-cpe:/a:novell:opensuse:php5-enchant", "p-cpe:/a:novell:opensuse:php5-ftp", "p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo", "p-cpe:/a:novell:opensuse:php5-tidy", "p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo", "p-cpe:/a:novell:opensuse:php5-bz2-debuginfo", "p-cpe:/a:novell:opensuse:php5-gettext-debuginfo", "p-cpe:/a:novell:opensuse:php5-zlib-debuginfo", "p-cpe:/a:novell:opensuse:php5-posix-debuginfo", "p-cpe:/a:novell:opensuse:php5-tokenizer", "p-cpe:/a:novell:opensuse:php5-imap", "p-cpe:/a:novell:opensuse:php5-sockets", "p-cpe:/a:novell:opensuse:php5-gd", "p-cpe:/a:novell:opensuse:php5-posix", "p-cpe:/a:novell:opensuse:php5-intl-debuginfo", "p-cpe:/a:novell:opensuse:php5-dba-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvsem", "p-cpe:/a:novell:opensuse:php5-fpm", "p-cpe:/a:novell:opensuse:php5-fastcgi", "p-cpe:/a:novell:opensuse:php5-wddx", "p-cpe:/a:novell:opensuse:php5-debugsource", "p-cpe:/a:novell:opensuse:php5-zip-debuginfo", "p-cpe:/a:novell:opensuse:php5-odbc", "p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo", "p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlreader", "p-cpe:/a:novell:opensuse:php5-gmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-iconv-debuginfo", "p-cpe:/a:novell:opensuse:php5-readline-debuginfo", "p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo", "p-cpe:/a:novell:opensuse:php5-gmp", "p-cpe:/a:novell:opensuse:php5-fpm-debuginfo", "p-cpe:/a:novell:opensuse:php5-snmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-tidy-debuginfo", "p-cpe:/a:novell:opensuse:php5-zlib", "p-cpe:/a:novell:opensuse:php5-phar-debuginfo", "p-cpe:/a:novell:opensuse:php5-phar", "p-cpe:/a:novell:opensuse:php5-dom", "p-cpe:/a:novell:opensuse:php5-sockets-debuginfo", "p-cpe:/a:novell:opensuse:php5-soap", "p-cpe:/a:novell:opensuse:php5-dom-debuginfo", "p-cpe:/a:novell:opensuse:php5-snmp", "p-cpe:/a:novell:opensuse:php5-exif-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo", "p-cpe:/a:novell:opensuse:php5-firebird-debuginfo", "p-cpe:/a:novell:opensuse:php5-imap-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo", "p-cpe:/a:novell:opensuse:php5-pdo", "p-cpe:/a:novell:opensuse:php5-wddx-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo", "p-cpe:/a:novell:opensuse:php5-enchant-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo", "p-cpe:/a:novell:opensuse:php5-pspell", "p-cpe:/a:novell:opensuse:php5-ctype", "p-cpe:/a:novell:opensuse:apache2-mod_php5", "p-cpe:/a:novell:opensuse:php5-mssql", "p-cpe:/a:novell:opensuse:php5-pcntl", "p-cpe:/a:novell:opensuse:php5-zip", "p-cpe:/a:novell:opensuse:php5-sysvshm", "p-cpe:/a:novell:opensuse:php5", "p-cpe:/a:novell:opensuse:php5-shmop", "p-cpe:/a:novell:opensuse:php5-devel", "p-cpe:/a:novell:opensuse:php5-pdo-debuginfo", "p-cpe:/a:novell:opensuse:php5-gd-debuginfo", "p-cpe:/a:novell:opensuse:php5-firebird", "p-cpe:/a:novell:opensuse:php5-ftp-debuginfo", "p-cpe:/a:novell:opensuse:php5-iconv", "p-cpe:/a:novell:opensuse:php5-gettext", "p-cpe:/a:novell:opensuse:php5-xmlwriter", "p-cpe:/a:novell:opensuse:php5-bcmath", "p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo", "p-cpe:/a:novell:opensuse:php5-pgsql", "p-cpe:/a:novell:opensuse:php5-xsl", "p-cpe:/a:novell:opensuse:php5-curl-debuginfo", "cpe:/o:novell:opensuse:13.1", "p-cpe:/a:novell:opensuse:php5-readline", "p-cpe:/a:novell:opensuse:php5-mbstring", "p-cpe:/a:novell:opensuse:php5-exif", "p-cpe:/a:novell:opensuse:php5-ldap"], "id": "OPENSUSE-2014-636.NASL", "href": "https://www.tenable.com/plugins/nessus/79102", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-636.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79102);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\");\n\n script_name(english:\"openSUSE Security Update : php5 (openSUSE-SU-2014:1377-1)\");\n script_summary(english:\"Check for the openSUSE-2014-636 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - security update :\n\n - CVE-2014-3670 [bnc#902357]\n\n - CVE-2014-3669 [bnc#902360]\n\n - CVE-2014-3668 [bnc#902368]\n\n - added patches :\n\n - php-CVE-2014-3670.patch\n\n - php-CVE-2014-3669.patch\n\n - php-CVE-2014-3668.patch\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=902357\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=902360\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=902368\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-11/msg00024.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-firebird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-firebird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3|SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3 / 13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-mod_php5-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-mod_php5-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-bcmath-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-bcmath-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-bz2-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-bz2-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-calendar-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-calendar-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ctype-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ctype-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-curl-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-curl-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-dba-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-dba-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-debugsource-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-devel-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-dom-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-dom-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-enchant-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-enchant-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-exif-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-exif-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fastcgi-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fastcgi-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fileinfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fileinfo-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fpm-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fpm-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ftp-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ftp-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gd-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gd-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gettext-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gettext-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gmp-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gmp-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-iconv-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-iconv-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-imap-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-imap-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-intl-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-intl-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-json-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-json-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ldap-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ldap-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mbstring-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mbstring-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mcrypt-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mcrypt-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mssql-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mssql-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mysql-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mysql-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-odbc-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-odbc-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-openssl-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-openssl-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pcntl-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pcntl-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pdo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pdo-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pear-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pgsql-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pgsql-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-phar-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-phar-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-posix-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-posix-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pspell-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pspell-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-readline-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-readline-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-shmop-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-shmop-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-snmp-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-snmp-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-soap-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-soap-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sockets-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sockets-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sqlite-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sqlite-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-suhosin-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-suhosin-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvmsg-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvmsg-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvsem-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvsem-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvshm-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvshm-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-tidy-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-tidy-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-tokenizer-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-tokenizer-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-wddx-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-wddx-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlreader-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlreader-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlrpc-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlrpc-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlwriter-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlwriter-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xsl-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xsl-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-zip-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-zip-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-zlib-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-zlib-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"apache2-mod_php5-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"apache2-mod_php5-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-bcmath-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-bcmath-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-bz2-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-bz2-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-calendar-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-calendar-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ctype-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ctype-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-curl-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-curl-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-dba-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-dba-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-debugsource-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-devel-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-dom-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-dom-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-enchant-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-enchant-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-exif-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-exif-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fastcgi-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fastcgi-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fileinfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fileinfo-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-firebird-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-firebird-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fpm-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fpm-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ftp-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ftp-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gd-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gd-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gettext-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gettext-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gmp-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gmp-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-iconv-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-iconv-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-imap-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-imap-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-intl-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-intl-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-json-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-json-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ldap-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ldap-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mbstring-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mbstring-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mcrypt-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mcrypt-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mssql-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mssql-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mysql-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mysql-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-odbc-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-odbc-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-openssl-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-openssl-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pcntl-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pcntl-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pdo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pdo-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pear-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pgsql-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pgsql-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-phar-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-phar-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-posix-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-posix-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pspell-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pspell-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-readline-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-readline-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-shmop-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-shmop-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-snmp-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-snmp-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-soap-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-soap-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sockets-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sockets-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sqlite-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sqlite-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-suhosin-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-suhosin-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvmsg-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvmsg-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvsem-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvsem-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvshm-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvshm-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-tidy-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-tidy-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-tokenizer-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-tokenizer-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-wddx-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-wddx-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlreader-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlreader-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlrpc-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlrpc-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlwriter-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlwriter-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xsl-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xsl-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-zip-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-zip-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-zlib-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-zlib-debuginfo-5.4.20-34.3\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2-mod_php5 / apache2-mod_php5-debuginfo / php5 / php5-bcmath / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T13:25:53", "description": "According to its banner, the version of PHP 5.4.x installed on the\nremote host is prior to 5.4.34. It is, therefore, affected by the\nfollowing vulnerabilities :\n\n - A buffer overflow error exists in the function\n 'mkgmtime' that can allow application crashes or\n arbitrary code execution. (CVE-2014-3668)\n\n - An integer overflow error exists in the function\n 'unserialize' that can allow denial of service attacks.\n Note that this only affects 32-bit instances.\n (CVE-2014-3669)\n\n - A heap corruption error exists in the function\n 'exif_thumbnail' that can allow application crashes or\n arbitrary code execution. (CVE-2014-3670)\n\n - An input-validation error exists in the cURL extension's\n file 'ext/curl/interface.c' and NULL option handling\n that can allow information disclosure. (Bug #68089)\n\nNote that Nessus has not attempted to exploit these issues but has\ninstead relied only on the application's self-reported version number.", "edition": 26, "published": "2014-10-17T00:00:00", "title": "PHP 5.4.x < 5.4.34 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2014-10-17T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_4_34.NASL", "href": "https://www.tenable.com/plugins/nessus/78545", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78545);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\");\n script_bugtraq_id(70611, 70665, 70666);\n\n script_name(english:\"PHP 5.4.x < 5.4.34 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of PHP.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP 5.4.x installed on the\nremote host is prior to 5.4.34. It is, therefore, affected by the\nfollowing vulnerabilities :\n\n - A buffer overflow error exists in the function\n 'mkgmtime' that can allow application crashes or\n arbitrary code execution. (CVE-2014-3668)\n\n - An integer overflow error exists in the function\n 'unserialize' that can allow denial of service attacks.\n Note that this only affects 32-bit instances.\n (CVE-2014-3669)\n\n - A heap corruption error exists in the function\n 'exif_thumbnail' that can allow application crashes or\n arbitrary code execution. (CVE-2014-3670)\n\n - An input-validation error exists in the cURL extension's\n file 'ext/curl/interface.c' and NULL option handling\n that can allow information disclosure. (Bug #68089)\n\nNote that Nessus has not attempted to exploit these issues but has\ninstead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.php.net/ChangeLog-5.php#5.4.34\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.4.34 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3669\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\n# Check that it is the correct version of PHP\nif (version =~ \"^5(\\.4)?$\") audit(AUDIT_VER_NOT_GRANULAR, \"PHP\", port, version);\nif (version !~ \"^5\\.4\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 5.4.x\", port);\n\nif (version =~ \"^5\\.4\\.([0-9]|[12][0-9]|3[0-3])($|[^0-9])\")\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : '+source +\n '\\n Installed version : '+version +\n '\\n Fixed version : 5.4.34' + \n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T01:18:56", "description": "An out of bounds read flaw was found in the way the xmlrpc extension\nparsed dates in the ISO 8601 format. A specially crafted XML-RPC\nrequest or response could possibly cause a PHP application to crash.\n(CVE-2014-3668)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nA buffer overflow flaw was found in the Exif extension. A specially\ncrafted JPEG or TIFF file could cause a PHP application using the\nexif_thumbnail() function to crash or, possibly, execute arbitrary\ncode with the privileges of the user running that PHP application.\n(CVE-2014-3670)", "edition": 23, "published": "2014-11-03T00:00:00", "title": "Amazon Linux AMI : php55 (ALAS-2014-435)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:php55-debuginfo", "p-cpe:/a:amazon:linux:php55-mssql", "p-cpe:/a:amazon:linux:php55-fpm", "p-cpe:/a:amazon:linux:php55-pspell", "p-cpe:/a:amazon:linux:php55", "p-cpe:/a:amazon:linux:php55-tidy", "p-cpe:/a:amazon:linux:php55-opcache", "p-cpe:/a:amazon:linux:php55-gd", "p-cpe:/a:amazon:linux:php55-odbc", "p-cpe:/a:amazon:linux:php55-mcrypt", "p-cpe:/a:amazon:linux:php55-recode", "p-cpe:/a:amazon:linux:php55-embedded", "p-cpe:/a:amazon:linux:php55-gmp", "p-cpe:/a:amazon:linux:php55-mbstring", "p-cpe:/a:amazon:linux:php55-pdo", "p-cpe:/a:amazon:linux:php55-cli", "p-cpe:/a:amazon:linux:php55-soap", "p-cpe:/a:amazon:linux:php55-imap", "p-cpe:/a:amazon:linux:php55-dba", "p-cpe:/a:amazon:linux:php55-xml", "p-cpe:/a:amazon:linux:php55-devel", "p-cpe:/a:amazon:linux:php55-intl", "p-cpe:/a:amazon:linux:php55-common", "p-cpe:/a:amazon:linux:php55-enchant", "p-cpe:/a:amazon:linux:php55-pgsql", "p-cpe:/a:amazon:linux:php55-process", "p-cpe:/a:amazon:linux:php55-snmp", "p-cpe:/a:amazon:linux:php55-xmlrpc", "p-cpe:/a:amazon:linux:php55-ldap", "p-cpe:/a:amazon:linux:php55-bcmath", "cpe:/o:amazon:linux", "p-cpe:/a:amazon:linux:php55-mysqlnd"], "id": "ALA_ALAS-2014-435.NASL", "href": "https://www.tenable.com/plugins/nessus/78778", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2014-435.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78778);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\");\n script_xref(name:\"ALAS\", value:\"2014-435\");\n\n script_name(english:\"Amazon Linux AMI : php55 (ALAS-2014-435)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An out of bounds read flaw was found in the way the xmlrpc extension\nparsed dates in the ISO 8601 format. A specially crafted XML-RPC\nrequest or response could possibly cause a PHP application to crash.\n(CVE-2014-3668)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nA buffer overflow flaw was found in the Exif extension. A specially\ncrafted JPEG or TIFF file could cause a PHP application using the\nexif_thumbnail() function to crash or, possibly, execute arbitrary\ncode with the privileges of the user running that PHP application.\n(CVE-2014-3670)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2014-435.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update php55' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"php55-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-bcmath-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-cli-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-common-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-dba-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-debuginfo-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-devel-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-embedded-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-enchant-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-fpm-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-gd-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-gmp-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-imap-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-intl-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-ldap-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-mbstring-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-mcrypt-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-mssql-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-mysqlnd-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-odbc-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-opcache-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-pdo-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-pgsql-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-process-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-pspell-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-recode-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-snmp-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-soap-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-tidy-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-xml-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-xmlrpc-5.5.18-1.92.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php55 / php55-bcmath / php55-cli / php55-common / php55-dba / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T12:28:01", "description": " - security update :\n\n - CVE-2014-3670 [bnc#902357]\n\n - CVE-2014-3669 [bnc#902360]\n\n - CVE-2014-3668 [bnc#902368]\n\n - added patches :\n\n - php-CVE-2014-3670.patch\n\n - php-CVE-2014-3669.patch\n\n - php-CVE-2014-3668.patch", "edition": 16, "published": "2014-11-12T00:00:00", "title": "openSUSE Security Update : php5 (openSUSE-SU-2014:1391-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2014-11-12T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo", "p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo", "p-cpe:/a:novell:opensuse:php5-json-debuginfo", "p-cpe:/a:novell:opensuse:php5-soap-debuginfo", "p-cpe:/a:novell:opensuse:php5-mysql-debuginfo", "p-cpe:/a:novell:opensuse:php5-mssql-debuginfo", "p-cpe:/a:novell:opensuse:php5-openssl", "p-cpe:/a:novell:opensuse:php5-dba", "p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo", "p-cpe:/a:novell:opensuse:php5-odbc-debuginfo", "p-cpe:/a:novell:opensuse:php5-debuginfo", "p-cpe:/a:novell:opensuse:php5-mcrypt", "p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvmsg", "p-cpe:/a:novell:opensuse:php5-bz2", "p-cpe:/a:novell:opensuse:php5-xmlrpc", "p-cpe:/a:novell:opensuse:php5-json", "p-cpe:/a:novell:opensuse:php5-ctype-debuginfo", "p-cpe:/a:novell:opensuse:php5-sqlite", "p-cpe:/a:novell:opensuse:php5-suhosin", "p-cpe:/a:novell:opensuse:php5-curl", "p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo", "p-cpe:/a:novell:opensuse:php5-mysql", "p-cpe:/a:novell:opensuse:php5-fileinfo", "p-cpe:/a:novell:opensuse:php5-calendar-debuginfo", "p-cpe:/a:novell:opensuse:php5-openssl-debuginfo", "p-cpe:/a:novell:opensuse:php5-shmop-debuginfo", "p-cpe:/a:novell:opensuse:php5-pspell-debuginfo", "p-cpe:/a:novell:opensuse:php5-calendar", "p-cpe:/a:novell:opensuse:php5-ldap-debuginfo", "p-cpe:/a:novell:opensuse:php5-pear", "p-cpe:/a:novell:opensuse:php5-intl", "p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo", "p-cpe:/a:novell:opensuse:php5-xsl-debuginfo", "p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo", "p-cpe:/a:novell:opensuse:php5-enchant", "p-cpe:/a:novell:opensuse:php5-ftp", "p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo", "p-cpe:/a:novell:opensuse:php5-tidy", "p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo", "p-cpe:/a:novell:opensuse:php5-bz2-debuginfo", "p-cpe:/a:novell:opensuse:php5-gettext-debuginfo", "p-cpe:/a:novell:opensuse:php5-zlib-debuginfo", "p-cpe:/a:novell:opensuse:php5-posix-debuginfo", "p-cpe:/a:novell:opensuse:php5-tokenizer", "p-cpe:/a:novell:opensuse:php5-imap", "p-cpe:/a:novell:opensuse:php5-sockets", "p-cpe:/a:novell:opensuse:php5-gd", "p-cpe:/a:novell:opensuse:php5-posix", "p-cpe:/a:novell:opensuse:php5-opcache", "p-cpe:/a:novell:opensuse:php5-intl-debuginfo", "p-cpe:/a:novell:opensuse:php5-dba-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvsem", "p-cpe:/a:novell:opensuse:php5-fpm", "p-cpe:/a:novell:opensuse:php5-fastcgi", "p-cpe:/a:novell:opensuse:php5-wddx", "p-cpe:/a:novell:opensuse:php5-debugsource", "p-cpe:/a:novell:opensuse:php5-zip-debuginfo", "p-cpe:/a:novell:opensuse:php5-odbc", "p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo", "p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlreader", "p-cpe:/a:novell:opensuse:php5-gmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-iconv-debuginfo", "p-cpe:/a:novell:opensuse:php5-readline-debuginfo", "p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo", "p-cpe:/a:novell:opensuse:php5-gmp", "p-cpe:/a:novell:opensuse:php5-fpm-debuginfo", "p-cpe:/a:novell:opensuse:php5-snmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-tidy-debuginfo", "p-cpe:/a:novell:opensuse:php5-zlib", "p-cpe:/a:novell:opensuse:php5-phar-debuginfo", "p-cpe:/a:novell:opensuse:php5-phar", "p-cpe:/a:novell:opensuse:php5-dom", "p-cpe:/a:novell:opensuse:php5-sockets-debuginfo", "p-cpe:/a:novell:opensuse:php5-soap", "p-cpe:/a:novell:opensuse:php5-dom-debuginfo", "p-cpe:/a:novell:opensuse:php5-snmp", "p-cpe:/a:novell:opensuse:php5-exif-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo", "cpe:/o:novell:opensuse:13.2", "p-cpe:/a:novell:opensuse:php5-firebird-debuginfo", "p-cpe:/a:novell:opensuse:php5-imap-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo", "p-cpe:/a:novell:opensuse:php5-pdo", "p-cpe:/a:novell:opensuse:php5-wddx-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo", "p-cpe:/a:novell:opensuse:php5-enchant-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo", "p-cpe:/a:novell:opensuse:php5-pspell", "p-cpe:/a:novell:opensuse:php5-ctype", "p-cpe:/a:novell:opensuse:apache2-mod_php5", "p-cpe:/a:novell:opensuse:php5-mssql", "p-cpe:/a:novell:opensuse:php5-pcntl", "p-cpe:/a:novell:opensuse:php5-zip", "p-cpe:/a:novell:opensuse:php5-sysvshm", "p-cpe:/a:novell:opensuse:php5", "p-cpe:/a:novell:opensuse:php5-shmop", "p-cpe:/a:novell:opensuse:php5-devel", "p-cpe:/a:novell:opensuse:php5-pdo-debuginfo", "p-cpe:/a:novell:opensuse:php5-gd-debuginfo", "p-cpe:/a:novell:opensuse:php5-firebird", "p-cpe:/a:novell:opensuse:php5-ftp-debuginfo", "p-cpe:/a:novell:opensuse:php5-opcache-debuginfo", "p-cpe:/a:novell:opensuse:php5-iconv", "p-cpe:/a:novell:opensuse:php5-gettext", "p-cpe:/a:novell:opensuse:php5-xmlwriter", "p-cpe:/a:novell:opensuse:php5-bcmath", "p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo", "p-cpe:/a:novell:opensuse:php5-pgsql", "p-cpe:/a:novell:opensuse:php5-xsl", "p-cpe:/a:novell:opensuse:php5-curl-debuginfo", "p-cpe:/a:novell:opensuse:php5-readline", "p-cpe:/a:novell:opensuse:php5-mbstring", "p-cpe:/a:novell:opensuse:php5-exif", "p-cpe:/a:novell:opensuse:php5-ldap"], "id": "OPENSUSE-2014-645.NASL", "href": "https://www.tenable.com/plugins/nessus/79198", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-645.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79198);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\");\n\n script_name(english:\"openSUSE Security Update : php5 (openSUSE-SU-2014:1391-1)\");\n script_summary(english:\"Check for the openSUSE-2014-645 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - security update :\n\n - CVE-2014-3670 [bnc#902357]\n\n - CVE-2014-3669 [bnc#902360]\n\n - CVE-2014-3668 [bnc#902368]\n\n - added patches :\n\n - php-CVE-2014-3670.patch\n\n - php-CVE-2014-3669.patch\n\n - php-CVE-2014-3668.patch\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=902357\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=902360\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=902368\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-11/msg00034.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-firebird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-firebird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-opcache-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"apache2-mod_php5-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"apache2-mod_php5-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-bcmath-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-bcmath-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-bz2-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-bz2-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-calendar-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-calendar-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ctype-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ctype-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-curl-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-curl-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-dba-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-dba-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-debugsource-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-devel-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-dom-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-dom-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-enchant-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-enchant-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-exif-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-exif-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fastcgi-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fastcgi-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fileinfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fileinfo-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-firebird-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-firebird-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fpm-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fpm-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ftp-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ftp-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gd-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gd-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gettext-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gettext-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gmp-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gmp-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-iconv-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-iconv-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-imap-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-imap-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-intl-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-intl-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-json-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-json-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ldap-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ldap-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mbstring-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mbstring-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mcrypt-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mcrypt-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mssql-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mssql-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mysql-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mysql-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-odbc-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-odbc-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-opcache-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-opcache-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-openssl-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-openssl-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pcntl-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pcntl-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pdo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pdo-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pear-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pgsql-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pgsql-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-phar-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-phar-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-posix-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-posix-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pspell-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pspell-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-readline-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-readline-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-shmop-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-shmop-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-snmp-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-snmp-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-soap-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-soap-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sockets-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sockets-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sqlite-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sqlite-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-suhosin-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-suhosin-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvmsg-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvmsg-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvsem-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvsem-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvshm-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvshm-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-tidy-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-tidy-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-tokenizer-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-tokenizer-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-wddx-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-wddx-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlreader-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlreader-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlrpc-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlrpc-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlwriter-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlwriter-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xsl-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xsl-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-zip-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-zip-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-zlib-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-zlib-debuginfo-5.6.1-4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2-mod_php5 / apache2-mod_php5-debuginfo / php5 / php5-bcmath / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2020-07-02T11:37:55", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3710", "CVE-2014-3670"], "description": "Symeon Paraschoudis discovered that PHP incorrectly handled the mkgmtime \nfunction. A remote attacker could possibly use this issue to cause PHP to \ncrash, resulting in a denial of service. (CVE-2014-3668)\n\nSymeon Paraschoudis discovered that PHP incorrectly handled unserializing \nobjects. A remote attacker could possibly use this issue to cause PHP to \ncrash, resulting in a denial of service. (CVE-2014-3669)\n\nOtto Ebeling discovered that PHP incorrectly handled the exif_thumbnail \nfunction. A remote attacker could use this issue to cause PHP to crash, \nresulting in a denial of service, or possibly execute arbitrary code. \n(CVE-2014-3670)\n\nFrancisco Alonso that PHP incorrectly handled ELF files in the fileinfo \nextension. A remote attacker could possibly use this issue to cause PHP to \ncrash, resulting in a denial of service. (CVE-2014-3710)\n\nIt was discovered that PHP incorrectly handled NULL bytes when processing \ncertain URLs with the curl functions. A remote attacker could possibly use \nthis issue to bypass filename restrictions and obtain access to sensitive \nfiles. (No CVE number)", "edition": 5, "modified": "2014-10-30T00:00:00", "published": "2014-10-30T00:00:00", "id": "USN-2391-1", "href": "https://ubuntu.com/security/notices/USN-2391-1", "title": "php5 vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "hackerone": [{"lastseen": "2018-08-31T00:39:13", "bulletinFamily": "bugbounty", "bounty": 500.0, "cvelist": ["CVE-2014-3669"], "description": "https://bugs.php.net/bug.php?id=68044", "modified": "2015-10-15T00:00:00", "published": "2015-09-18T00:00:00", "id": "H1:104012", "href": "https://hackerone.com/reports/104012", "type": "hackerone", "title": "PHP (IBB): Integer overflow in unserialize() (32-bits only)", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3670"], "description": "PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The php package contains the module (often referred to as mod_php) which adds support for the PHP language to Apache HTTP Server. ", "modified": "2014-11-01T16:41:03", "published": "2014-11-01T16:41:03", "id": "FEDORA:27DD261EADCB", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: php-5.6.2-1.fc21", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-6420", "CVE-2014-0185", "CVE-2014-3670"], "description": "PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The php package contains the module (often referred to as mod_php) which adds support for the PHP language to Apache HTTP Server. ", "modified": "2014-10-23T06:23:25", "published": "2014-10-23T06:23:25", "id": "FEDORA:EE5BE60DC923", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: php-5.5.18-1.fc20", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4718", "CVE-2013-4113", "CVE-2013-4248", "CVE-2013-6420", "CVE-2014-0185", "CVE-2014-3670"], "description": "PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The php package contains the module (often referred to as mod_php) which adds support for the PHP language to Apache HTTP Server. ", "modified": "2014-10-28T06:35:04", "published": "2014-10-28T06:35:04", "id": "FEDORA:3079E60D68D9", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: php-5.5.18-1.fc19", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2016-09-04T12:09:51", "bulletinFamily": "unix", "cvelist": ["CVE-2014-9705", "CVE-2015-2787", "CVE-2015-0232", "CVE-2015-4601", "CVE-2014-9767", "CVE-2016-4342", "CVE-2015-2783", "CVE-2015-8873", "CVE-2015-5161", "CVE-2015-3329", "CVE-2014-3478", "CVE-2016-4540", "CVE-2016-4538", "CVE-2015-4644", "CVE-2015-8879", "CVE-2015-1352", "CVE-2016-3185", "CVE-2016-4544", "CVE-2015-2301", "CVE-2014-3515", "CVE-2014-3479", "CVE-2015-8867", "CVE-2014-9709", "CVE-2014-4670", "CVE-2015-2305", "CVE-2016-4543", "CVE-2014-3668", "CVE-2015-0273", "CVE-2016-4542", "CVE-2016-4541", "CVE-2014-3480", "CVE-2014-8142", "CVE-2015-4148", "CVE-2006-7243", "CVE-2014-0207", "CVE-2016-2554", "CVE-2014-3669", "CVE-2015-4024", "CVE-2015-8835", "CVE-2015-4021", "CVE-2014-3487", "CVE-2014-3597", "CVE-2015-6836", "CVE-2015-3152", "CVE-2015-4602", "CVE-2015-4026", "CVE-2015-6833", "CVE-2014-4721", "CVE-2016-4070", "CVE-2014-4698", "CVE-2015-8874", "CVE-2015-3411", "CVE-2015-4116", "CVE-2014-4049", "CVE-2015-6831", "CVE-2014-3670", "CVE-2015-5590", "CVE-2015-4600", "CVE-2015-4022", "CVE-2014-9652", "CVE-2015-3412", "CVE-2016-4539", "CVE-2015-6837", "CVE-2016-5093", "CVE-2016-5094", "CVE-2016-5095", "CVE-2016-4073", "CVE-2015-7803", "CVE-2014-5459", "CVE-2015-4603", "CVE-2015-4599", "CVE-2016-5096", "CVE-2015-4598", "CVE-2015-8866", "CVE-2015-5589", "CVE-2016-3141", "CVE-2015-4643", "CVE-2015-8838", "CVE-2016-4346", "CVE-2015-0231", "CVE-2016-5114", "CVE-2004-1019", "CVE-2016-3142", "CVE-2015-6838", "CVE-2016-4537"], "edition": 1, "description": "This update for php53 to version 5.3.17 fixes the following issues:\n\n These security issues were fixed:\n - CVE-2016-5093: get_icu_value_internal out-of-bounds read (bnc#982010).\n - CVE-2016-5094: Don't create strings with lengths outside int range\n (bnc#982011).\n - CVE-2016-5095: Don't create strings with lengths outside int range\n (bnc#982012).\n - CVE-2016-5096: int/size_t confusion in fread (bsc#982013).\n - CVE-2016-5114: fpm_log.c memory leak and buffer overflow (bnc#982162).\n - CVE-2015-8879: The odbc_bindcols function in ext/odbc/php_odbc.c in PHP\n mishandles driver behavior for SQL_WVARCHAR columns, which allowed\n remote attackers to cause a denial of service (application crash) in\n opportunistic circumstances by leveraging use of the odbc_fetch_array\n function to access a certain type of Microsoft SQL Server table\n (bsc#981050).\n - CVE-2015-4116: Use-after-free vulnerability in the spl_ptr_heap_insert\n function in ext/spl/spl_heap.c in PHP allowed remote attackers to\n execute arbitrary code by triggering a failed SplMinHeap::compare\n operation (bsc#980366).\n - CVE-2015-8874: Stack consumption vulnerability in GD in PHP allowed\n remote attackers to cause a denial of service via a crafted\n imagefilltoborder call (bsc#980375).\n - CVE-2015-8873: Stack consumption vulnerability in Zend/zend_exceptions.c\n in PHP allowed remote attackers to cause a denial of service\n (segmentation fault) via recursive method calls (bsc#980373).\n - CVE-2016-4540: The grapheme_stripos function in\n ext/intl/grapheme/grapheme_string.c in PHP allowed remote attackers to\n cause a denial of service (out-of-bounds read) or possibly have\n unspecified other impact via a negative offset (bsc#978829).\n - CVE-2016-4541: The grapheme_strpos function in\n ext/intl/grapheme/grapheme_string.c in PHP allowed remote attackers to\n cause a denial of service (out-of-bounds read) or possibly have\n unspecified other impact via a negative offset (bsc#978829.\n - CVE-2016-4542: The exif_process_IFD_TAG function in ext/exif/exif.c in\n PHP did not properly construct spprintf arguments, which allowed remote\n attackers to cause a denial of service (out-of-bounds read) or possibly\n have unspecified other impact via crafted header data (bsc#978830).\n - CVE-2016-4543: The exif_process_IFD_in_JPEG function in ext/exif/exif.c\n in PHP did not validate IFD sizes, which allowed remote attackers to\n cause a denial of service (out-of-bounds read) or possibly have\n unspecified other impact via crafted header data (bsc#978830.\n - CVE-2016-4544: The exif_process_TIFF_in_JPEG function in ext/exif/exif.c\n in PHP did not validate TIFF start data, which allowed remote attackers\n to cause a denial of service (out-of-bounds read) or possibly have\n unspecified other impact via crafted header data (bsc#978830.\n - CVE-2016-4537: The bcpowmod function in ext/bcmath/bcmath.c in PHP\n accepted a negative integer for the scale argument, which allowed remote\n attackers to cause a denial of service or possibly have unspecified\n other impact via a crafted call (bsc#978827).\n - CVE-2016-4538: The bcpowmod function in ext/bcmath/bcmath.c in PHP\n modified certain data structures without considering whether they are\n copies of the _zero_, _one_, or _two_ global variable, which allowed\n remote attackers to cause a denial of service or possibly have\n unspecified other impact via a crafted call (bsc#978827).\n - CVE-2016-4539: The xml_parse_into_struct function in ext/xml/xml.c in\n PHP allowed remote attackers to cause a denial of service (buffer\n under-read and segmentation fault) or possibly have unspecified other\n impact via crafted XML data in the second argument, leading to a parser\n level of zero (bsc#978828).\n - CVE-2016-4342: ext/phar/phar_object.c in PHP mishandles zero-length\n uncompressed data, which allowed remote attackers to cause a denial of\n service (heap memory corruption) or possibly have unspecified other\n impact via a crafted (1) TAR, (2) ZIP, or (3) PHAR archive (bsc#977991).\n - CVE-2016-4346: Integer overflow in the str_pad function in\n ext/standard/string.c in PHP allowed remote attackers to cause a denial\n of service or possibly have unspecified other impact via a long string,\n leading to a heap-based buffer overflow (bsc#977994).\n - CVE-2016-4073: Multiple integer overflows in the mbfl_strcut function in\n ext/mbstring/libmbfl/mbfl/mbfilter.c in PHP allowed remote attackers to\n cause a denial of service (application crash) or possibly execute\n arbitrary code via a crafted mb_strcut call (bsc#977003).\n - CVE-2015-8867: The openssl_random_pseudo_bytes function in\n ext/openssl/openssl.c in PHP incorrectly relied on the deprecated\n RAND_pseudo_bytes function, which made it easier for remote attackers to\n defeat cryptographic protection mechanisms via unspecified vectors\n (bsc#977005).\n - CVE-2016-4070: Integer overflow in the php_raw_url_encode function in\n ext/standard/url.c in PHP allowed remote attackers to cause a denial of\n service (application crash) via a long string to the rawurlencode\n function (bsc#976997).\n - CVE-2015-8866: ext/libxml/libxml.c in PHP when PHP-FPM is used, did not\n isolate each thread from libxml_disable_entity_loader changes in other\n threads, which allowed remote attackers to conduct XML External Entity\n (XXE) and XML Entity Expansion (XEE) attacks via a crafted XML document,\n a related issue to CVE-2015-5161 (bsc#976996).\n - CVE-2015-8838: ext/mysqlnd/mysqlnd.c in PHP used a client SSL option to\n mean that SSL is optional, which allowed man-in-the-middle attackers to\n spoof servers via a cleartext-downgrade attack, a related issue to\n CVE-2015-3152 (bsc#973792).\n - CVE-2015-8835: The make_http_soap_request function in\n ext/soap/php_http.c in PHP did not properly retrieve keys, which allowed\n remote attackers to cause a denial of service (NULL pointer dereference,\n type confusion, and application crash) or possibly execute arbitrary\n code via crafted serialized data representing a numerically indexed\n _cookies array, related to the SoapClient::__call method in\n ext/soap/soap.c (bsc#973351).\n - CVE-2016-3141: Use-after-free vulnerability in wddx.c in the WDDX\n extension in PHP allowed remote attackers to cause a denial of service\n (memory corruption and application crash) or possibly have unspecified\n other impact by triggering a wddx_deserialize call on XML data\n containing a crafted var element (bsc#969821).\n - CVE-2016-3142: The phar_parse_zipfile function in zip.c in the PHAR\n extension in PHP allowed remote attackers to obtain sensitive\n information from process memory or cause a denial of service\n (out-of-bounds read and application crash) by placing a PK\\x05\\x06\n signature at an invalid location (bsc#971912).\n - CVE-2014-9767: Directory traversal vulnerability in the\n ZipArchive::extractTo function in ext/zip/php_zip.c in PHP\n ext/zip/ext_zip.cpp in HHVM allowed remote attackers to create arbitrary\n empty directories via a crafted ZIP archive (bsc#971612).\n - CVE-2016-3185: The make_http_soap_request function in\n ext/soap/php_http.c in PHP allowed remote attackers to obtain sensitive\n information from process memory or cause a denial of service (type\n confusion and application crash) via crafted serialized _cookies data,\n related to the SoapClient::__call method in ext/soap/soap.c (bsc#971611).\n - CVE-2016-2554: Stack-based buffer overflow in ext/phar/tar.c in PHP\n allowed remote attackers to cause a denial of service (application\n crash) or possibly have unspecified other impact via a crafted TAR\n archive (bsc#968284).\n - CVE-2015-7803: The phar_get_entry_data function in ext/phar/util.c in\n PHP allowed remote attackers to cause a denial of service (NULL pointer\n dereference and application crash) via a .phar file with a crafted TAR\n archive entry in which the Link indicator references a file that did not\n exist (bsc#949961).\n - CVE-2015-6831: Multiple use-after-free vulnerabilities in SPL in PHP\n allowed remote attackers to execute arbitrary code via vectors involving\n (1) ArrayObject, (2) SplObjectStorage, and (3) SplDoublyLinkedList,\n which are mishandled during unserialization (bsc#942291).\n - CVE-2015-6833: Directory traversal vulnerability in the PharData class\n in PHP allowed remote attackers to write to arbitrary files via a ..\n (dot dot) in a ZIP archive entry that is mishandled during an extractTo\n call (bsc#942296.\n - CVE-2015-6836: The SoapClient __call method in ext/soap/soap.c in PHP\n did not properly manage headers, which allowed remote attackers to\n execute arbitrary code via crafted serialized data that triggers a &quot;type\n confusion&quot; in the serialize_function_call function (bsc#945428).\n - CVE-2015-6837: The xsl_ext_function_php function in\n ext/xsl/xsltprocessor.c in PHP when libxml2 is used, did not consider\n the possibility of a NULL valuePop return value proceeding with a free\n operation during initial error checking, which allowed remote attackers\n to cause a denial of service (NULL pointer dereference and application\n crash) via a crafted XML document, a different vulnerability than\n CVE-2015-6838 (bsc#945412).\n - CVE-2015-6838: The xsl_ext_function_php function in\n ext/xsl/xsltprocessor.c in PHP when libxml2 is used, did not consider\n the possibility of a NULL valuePop return value proceeding with a free\n operation after the principal argument loop, which allowed remote\n attackers to cause a denial of service (NULL pointer dereference and\n application crash) via a crafted XML document, a different vulnerability\n than CVE-2015-6837 (bsc#945412).\n - CVE-2015-5590: Stack-based buffer overflow in the phar_fix_filepath\n function in ext/phar/phar.c in PHP allowed remote attackers to cause a\n denial of service or possibly have unspecified other impact via a large\n length value, as demonstrated by mishandling of an e-mail attachment by\n the imap PHP extension (bsc#938719).\n - CVE-2015-5589: The phar_convert_to_other function in\n ext/phar/phar_object.c in PHP did not validate a file pointer a close\n operation, which allowed remote attackers to cause a denial of service\n (segmentation fault) or possibly have unspecified other impact via a\n crafted TAR archive that is mishandled in a Phar::convertToData call\n (bsc#938721).\n - CVE-2015-4602: The __PHP_Incomplete_Class function in\n ext/standard/incomplete_class.c in PHP allowed remote attackers to cause\n a denial of service (application crash) or possibly execute arbitrary\n code via an unexpected data type, related to a &quot;type confusion&quot; issue\n (bsc#935224).\n - CVE-2015-4599: The SoapFault::__toString method in ext/soap/soap.c in\n PHP allowed remote attackers to obtain sensitive information, cause a\n denial of service (application crash), or possibly execute arbitrary\n code via an unexpected data type, related to a &quot;type confusion&quot; issue\n (bsc#935226).\n - CVE-2015-4600: The SoapClient implementation in PHP allowed remote\n attackers to cause a denial of service (application crash) or possibly\n execute arbitrary code via an unexpected data type, related to &quot;type\n confusion&quot; issues in the (1) SoapClient::__getLastRequest, (2)\n SoapClient::__getLastResponse, (3) SoapClient::__getLastRequestHeaders,\n (4) SoapClient::__getLastResponseHeaders, (5) SoapClient::__getCookies,\n and (6) SoapClient::__setCookie methods (bsc#935226).\n - CVE-2015-4601: PHP allowed remote attackers to cause a denial of service\n (application crash) or possibly execute arbitrary code via an unexpected\n data type, related to &quot;type confusion&quot; issues in (1)\n ext/soap/php_encoding.c, (2) ext/soap/php_http.c, and (3)\n ext/soap/soap.c, a different issue than CVE-2015-4600 (bsc#935226.\n - CVE-2015-4603: The exception::getTraceAsString function in\n Zend/zend_exceptions.c in PHP allowed remote attackers to execute\n arbitrary code via an unexpected data type, related to a &quot;type\n confusion&quot; issue (bsc#935234).\n - CVE-2015-4644: The php_pgsql_meta_data function in pgsql.c in the\n PostgreSQL (aka pgsql) extension in PHP did not validate token\n extraction for table names, which might allowed remote attackers to\n cause a denial of service (NULL pointer dereference and application\n crash) via a crafted name. NOTE: this vulnerability exists because of an\n incomplete fix for CVE-2015-1352 (bsc#935274).\n - CVE-2015-4643: Integer overflow in the ftp_genlist function in\n ext/ftp/ftp.c in PHP allowed remote FTP servers to execute arbitrary\n code via a long reply to a LIST command, leading to a heap-based buffer\n overflow. NOTE: this vulnerability exists because of an incomplete fix\n for CVE-2015-4022 (bsc#935275).\n - CVE-2015-3411: PHP did not ensure that pathnames lack %00 sequences,\n which might have allowed remote attackers to read or write to arbitrary\n files via crafted input to an application that calls (1) a DOMDocument\n load method, (2) the xmlwriter_open_uri function, (3) the finfo_file\n function, or (4) the hash_hmac_file function, as demonstrated by a\n filename\\0.xml attack that bypasses an intended configuration in which\n client users may read only .xml files (bsc#935227).\n - CVE-2015-3412: PHP did not ensure that pathnames lack %00 sequences,\n which might have allowed remote attackers to read arbitrary files via\n crafted input to an application that calls the\n stream_resolve_include_path function in ext/standard/streamsfuncs.c, as\n demonstrated by a filename\\0.extension attack that bypasses an intended\n configuration in which client users may read files with only one\n specific extension (bsc#935229).\n - CVE-2015-4598: PHP did not ensure that pathnames lack %00 sequences,\n which might have allowed remote attackers to read or write to arbitrary\n files via crafted input to an application that calls (1) a DOMDocument\n save method or (2) the GD imagepsloadfont function, as demonstrated by a\n filename\\0.html attack that bypasses an intended configuration in which\n client users may write to only .html files (bsc#935232).\n - CVE-2015-4148: The do_soap_call function in ext/soap/soap.c in PHP did\n not verify that the uri property is a string, which allowed remote\n attackers to obtain sensitive information by providing crafted\n serialized data with an int data type, related to a &quot;type confusion&quot;\n issue (bsc#933227).\n - CVE-2015-4024: Algorithmic complexity vulnerability in the\n multipart_buffer_headers function in main/rfc1867.c in PHP allowed\n remote attackers to cause a denial of service (CPU consumption) via\n crafted form data that triggers an improper order-of-growth outcome\n (bsc#931421).\n - CVE-2015-4026: The pcntl_exec implementation in PHP truncates a pathname\n upon encountering a \\x00 character, which might allowed remote attackers\n to bypass intended extension restrictions and execute files with\n unexpected names via a crafted first argument. NOTE: this vulnerability\n exists because of an incomplete fix for CVE-2006-7243 (bsc#931776).\n - CVE-2015-4022: Integer overflow in the ftp_genlist function in\n ext/ftp/ftp.c in PHP allowed remote FTP servers to execute arbitrary\n code via a long reply to a LIST command, leading to a heap-based buffer\n overflow (bsc#931772).\n - CVE-2015-4021: The phar_parse_tarfile function in ext/phar/tar.c in PHP\n did not verify that the first character of a filename is different from\n the \\0 character, which allowed remote attackers to cause a denial of\n service (integer underflow and memory corruption) via a crafted entry in\n a tar archive (bsc#931769).\n - CVE-2015-3329: Multiple stack-based buffer overflows in the\n phar_set_inode function in phar_internal.h in PHP allowed remote\n attackers to execute arbitrary code via a crafted length value in a (1)\n tar, (2) phar, or (3) ZIP archive (bsc#928506).\n - CVE-2015-2783: ext/phar/phar.c in PHP allowed remote attackers to obtain\n sensitive information from process memory or cause a denial of service\n (buffer over-read and application crash) via a crafted length value in\n conjunction with crafted serialized data in a phar archive, related to\n the phar_parse_metadata and phar_parse_pharfile functions (bsc#928511).\n - CVE-2015-2787: Use-after-free vulnerability in the process_nested_data\n function in ext/standard/var_unserializer.re in PHP allowed remote\n attackers to execute arbitrary code via a crafted unserialize call that\n leverages use of the unset function within an __wakeup function, a\n related issue to CVE-2015-0231 (bsc#924972).\n - CVE-2014-9709: The GetCode_ function in gd_gif_in.c in GD 2.1.1 and\n earlier, as used in PHP allowed remote attackers to cause a denial of\n service (buffer over-read and application crash) via a crafted GIF image\n that is improperly handled by the gdImageCreateFromGif function\n (bsc#923945).\n - CVE-2015-2301: Use-after-free vulnerability in the phar_rename_archive\n function in phar_object.c in PHP allowed remote attackers to cause a\n denial of service or possibly have unspecified other impact via vectors\n that trigger an attempted renaming of a Phar archive to the name of an\n existing file (bsc#922452).\n - CVE-2015-2305: Integer overflow in the regcomp implementation in the\n Henry Spencer BSD regex library (aka rxspencer) 32-bit platforms might\n have allowed context-dependent attackers to execute arbitrary code via a\n large regular expression that leads to a heap-based buffer overflow\n (bsc#921950).\n - CVE-2014-9705: Heap-based buffer overflow in the\n enchant_broker_request_dict function in ext/enchant/enchant.c in PHP\n allowed remote attackers to execute arbitrary code via vectors that\n trigger creation of multiple dictionaries (bsc#922451).\n - CVE-2015-0273: Multiple use-after-free vulnerabilities in\n ext/date/php_date.c in PHP allowed remote attackers to execute arbitrary\n code via crafted serialized input containing a (1) R or (2) r type\n specifier in (a) DateTimeZone data handled by the\n php_date_timezone_initialize_from_hash function or (b) DateTime data\n handled by the php_date_initialize_from_hash function (bsc#918768).\n - CVE-2014-9652: The mconvert function in softmagic.c in file as used in\n the Fileinfo component in PHP did not properly handle a certain\n string-length field during a copy of a truncated version of a Pascal\n string, which might allowed remote attackers to cause a denial of\n service (out-of-bounds memory access and application crash) via a\n crafted file (bsc#917150).\n - CVE-2014-8142: Use-after-free vulnerability in the process_nested_data\n function in ext/standard/var_unserializer.re in PHP allowed remote\n attackers to execute arbitrary code via a crafted unserialize call that\n leverages improper handling of duplicate keys within the serialized\n properties of an object, a different vulnerability than CVE-2004-1019\n (bsc#910659).\n - CVE-2015-0231: Use-after-free vulnerability in the process_nested_data\n function in ext/standard/var_unserializer.re in PHP allowed remote\n attackers to execute arbitrary code via a crafted unserialize call that\n leverages improper handling of duplicate numerical keys within the\n serialized properties of an object. NOTE: this vulnerability exists\n because of an incomplete fix for CVE-2014-8142 (bsc#910659).\n - CVE-2014-8142: Use-after-free vulnerability in the process_nested_data\n function in ext/standard/var_unserializer.re in PHP allowed remote\n attackers to execute arbitrary code via a crafted unserialize call that\n leverages improper handling of duplicate keys within the serialized\n properties of an object, a different vulnerability than CVE-2004-1019\n (bsc#910659).\n - CVE-2015-0232: The exif_process_unicode function in ext/exif/exif.c in\n PHP allowed remote attackers to execute arbitrary code or cause a denial\n of service (uninitialized pointer free and application crash) via\n crafted EXIF data in a JPEG image (bsc#914690).\n - CVE-2014-3670: The exif_ifd_make_value function in exif.c in the EXIF\n extension in PHP operates on floating-point arrays incorrectly, which\n allowed remote attackers to cause a denial of service (heap memory\n corruption and application crash) or possibly execute arbitrary code via\n a crafted JPEG image with TIFF thumbnail data that is improperly handled\n by the exif_thumbnail function (bsc#902357).\n - CVE-2014-3669: Integer overflow in the object_custom function in\n ext/standard/var_unserializer.c in PHP allowed remote attackers to cause\n a denial of service (application crash) or possibly execute arbitrary\n code via an argument to the unserialize function that triggers\n calculation of a large length value (bsc#902360).\n - CVE-2014-3668: Buffer overflow in the date_from_ISO8601 function in the\n mkgmtime implementation in libxmlrpc/xmlrpc.c in the XMLRPC extension in\n PHP allowed remote attackers to cause a denial of service (application\n crash) via (1) a crafted first argument to the xmlrpc_set_type function\n or (2) a crafted argument to the xmlrpc_decode function, related to an\n out-of-bounds read operation (bsc#902368).\n - CVE-2014-5459: The PEAR_REST class in REST.php in PEAR in PHP allowed\n local users to write to arbitrary files via a symlink attack on a (1)\n rest.cachefile or (2) rest.cacheid file in /tmp/pear/cache/, related to\n the retrieveCacheFirst and useLocalCache functions (bsc#893849).\n - CVE-2014-3597: Multiple buffer overflows in the php_parserr function in\n ext/standard/dns.c in PHP allowed remote DNS servers to cause a denial\n of service (application crash) or possibly execute arbitrary code via a\n crafted DNS record, related to the dns_get_record function and the\n dn_expand function. NOTE: this issue exists because of an incomplete fix\n for CVE-2014-4049 (bsc#893853).\n - CVE-2014-4670: Use-after-free vulnerability in ext/spl/spl_dllist.c in\n the SPL component in PHP allowed context-dependent attackers to cause a\n denial of service or possibly have unspecified other impact via crafted\n iterator usage within applications in certain web-hosting environments\n (bsc#886059).\n - CVE-2014-4698: Use-after-free vulnerability in ext/spl/spl_array.c in\n the SPL component in PHP allowed context-dependent attackers to cause a\n denial of service or possibly have unspecified other impact via crafted\n ArrayIterator usage within applications in certain web-hosting\n environments (bsc#886060).\n - CVE-2014-4721: The phpinfo implementation in ext/standard/info.c in PHP\n did not ensure use of the string data type for the PHP_AUTH_PW,\n PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF variables, which might\n allowed context-dependent attackers to obtain sensitive information from\n process memory by using the integer data type with crafted values,\n related to a &quot;type confusion&quot; vulnerability, as demonstrated by reading\n a private SSL key in an Apache HTTP Server web-hosting environment with\n mod_ssl and a PHP 5.3.x mod_php (bsc#885961).\n - CVE-2014-0207: The cdf_read_short_sector function in cdf.c in file as\n used in the Fileinfo component in PHP allowed remote attackers to cause\n a denial of service (assertion failure and application exit) via a\n crafted CDF file (bsc#884986).\n - CVE-2014-3478: Buffer overflow in the mconvert function in softmagic.c\n in file as used in the Fileinfo component in PHP allowed remote\n attackers to cause a denial of service (application crash) via a crafted\n Pascal string in a FILE_PSTRING conversion (bsc#884987).\n - CVE-2014-3479: The cdf_check_stream_offset function in cdf.c in file as\n used in the Fileinfo component in PHP relies on incorrect sector-size\n data, which allowed remote attackers to cause a denial of service\n (application crash) via a crafted stream offset in a CDF file\n (bsc#884989).\n - CVE-2014-3480: The cdf_count_chain function in cdf.c in file as used in\n the Fileinfo component in PHP did not properly validate sector-count\n data, which allowed remote attackers to cause a denial of service\n (application crash) via a crafted CDF file (bsc#884990).\n - CVE-2014-3487: The cdf_read_property_info function in file as used in\n the Fileinfo component in PHP did not properly validate a stream offset,\n which allowed remote attackers to cause a denial of service (application\n crash) via a crafted CDF file (bsc#884991).\n - CVE-2014-3515: The SPL component in PHP incorrectly anticipates that\n certain data structures will have the array data type after\n unserialization, which allowed remote attackers to execute arbitrary\n code via a crafted string that triggers use of a Hashtable destructor,\n related to &quot;type confusion&quot; issues in (1) ArrayObject and (2)\n SPLObjectStorage (bsc#884992).\n\n These non-security issues were fixed:\n - bnc#935074: compare with SQL_NULL_DATA correctly\n - bnc#935074: fix segfault in odbc_fetch_array\n - bnc#919080: fix timezone map\n - bnc#925109: unserialize SoapClient type confusion\n\n", "modified": "2016-06-21T13:08:17", "published": "2016-06-21T13:08:17", "id": "SUSE-SU-2016:1638-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00041.html", "title": "Security update for php53 (important)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}