Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT_UNPATCHED_PHP-RHEL5.NASL
HistoryJun 03, 2024 - 12:00 a.m.

RHEL 5 : php (Unpatched Vulnerability)

2024-06-0300:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
1
redhat enterprise linux
unpatched vulnerability
php
buffer overflow
uninitialized read
ip2long function
cve-2016-2554
cve-2019-9641
cve-2006-4023
nessus scanner

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

AI Score

Confidence

Low

0.969 High

EPSS

Percentile

99.7%

JSON

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched.

  • php: buffer overflow in handling of long link names in tar phar archives (CVE-2016-2554)

  • php: Uninitialized read in exif_process_IFD_in_TIFF (CVE-2019-9641)

  • The ip2long function in PHP 5.1.4 and earlier may incorrectly validate an arbitrary string and return a valid network IP address, which allows remote attackers to obtain network information and facilitate other attacks, as demonstrated using SQL injection in the X-FORWARDED-FOR Header in index.php in MiniBB 2.0.
    NOTE: it could be argued that the ip2long behavior represents a risk for security-relevant issues in a way that is similar to strcpy’s role in buffer overflows, in which case this would be a class of implementation bugs that would require separate CVE items for each PHP application that uses ip2long in a security-relevant manner. (CVE-2006-4023)

Note that Nessus has not tested for these issues but has instead relied on the package manager’s report that the package is installed.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory php. The text
# itself is copyright (C) Red Hat, Inc.
##

include('compat.inc');

if (description)
{
  script_id(198485);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/04");

  script_cve_id(
    "CVE-2006-4023",
    "CVE-2010-4657",
    "CVE-2011-0753",
    "CVE-2011-1153",
    "CVE-2011-1657",
    "CVE-2011-4718",
    "CVE-2013-6501",
    "CVE-2014-3981",
    "CVE-2014-4721",
    "CVE-2014-9427",
    "CVE-2014-9767",
    "CVE-2014-9912",
    "CVE-2015-1353",
    "CVE-2015-2305",
    "CVE-2015-3211",
    "CVE-2015-3411",
    "CVE-2015-3412",
    "CVE-2015-4022",
    "CVE-2015-4024",
    "CVE-2015-4026",
    "CVE-2015-4116",
    "CVE-2015-4147",
    "CVE-2015-4148",
    "CVE-2015-4598",
    "CVE-2015-4599",
    "CVE-2015-4600",
    "CVE-2015-4601",
    "CVE-2015-4602",
    "CVE-2015-4603",
    "CVE-2015-4643",
    "CVE-2015-4644",
    "CVE-2015-5589",
    "CVE-2015-5590",
    "CVE-2015-6831",
    "CVE-2015-6832",
    "CVE-2015-6833",
    "CVE-2015-6835",
    "CVE-2015-6836",
    "CVE-2015-6837",
    "CVE-2015-6838",
    "CVE-2015-7803",
    "CVE-2015-7804",
    "CVE-2015-8835",
    "CVE-2015-8838",
    "CVE-2015-8866",
    "CVE-2015-8867",
    "CVE-2015-8873",
    "CVE-2015-8879",
    "CVE-2015-8935",
    "CVE-2016-2554",
    "CVE-2016-3141",
    "CVE-2016-3142",
    "CVE-2016-3185",
    "CVE-2016-4070",
    "CVE-2016-4072",
    "CVE-2016-4073",
    "CVE-2016-4342",
    "CVE-2016-4343",
    "CVE-2016-4537",
    "CVE-2016-4538",
    "CVE-2016-4539",
    "CVE-2016-4540",
    "CVE-2016-4541",
    "CVE-2016-4542",
    "CVE-2016-4543",
    "CVE-2016-4544",
    "CVE-2016-5093",
    "CVE-2016-5096",
    "CVE-2016-5385",
    "CVE-2016-5399",
    "CVE-2016-5767",
    "CVE-2016-5768",
    "CVE-2016-5771",
    "CVE-2016-5772",
    "CVE-2016-5773",
    "CVE-2016-6288",
    "CVE-2016-6289",
    "CVE-2016-6290",
    "CVE-2016-6291",
    "CVE-2016-6294",
    "CVE-2016-6296",
    "CVE-2016-6297",
    "CVE-2016-7124",
    "CVE-2016-7125",
    "CVE-2016-7126",
    "CVE-2016-7127",
    "CVE-2016-7128",
    "CVE-2016-7129",
    "CVE-2016-7130",
    "CVE-2016-7131",
    "CVE-2016-7132",
    "CVE-2016-7411",
    "CVE-2016-7412",
    "CVE-2016-7413",
    "CVE-2016-7414",
    "CVE-2016-7416",
    "CVE-2016-7417",
    "CVE-2016-7418",
    "CVE-2016-7478",
    "CVE-2016-7479",
    "CVE-2016-7480",
    "CVE-2016-9137",
    "CVE-2016-9138",
    "CVE-2016-9934",
    "CVE-2016-9935",
    "CVE-2016-9936",
    "CVE-2016-10158",
    "CVE-2016-10159",
    "CVE-2016-10160",
    "CVE-2016-10161",
    "CVE-2016-10162",
    "CVE-2016-10397",
    "CVE-2016-10712",
    "CVE-2017-5340",
    "CVE-2017-7272",
    "CVE-2017-7890",
    "CVE-2017-9118",
    "CVE-2017-9224",
    "CVE-2017-9226",
    "CVE-2017-9227",
    "CVE-2017-9228",
    "CVE-2017-9229",
    "CVE-2017-11143",
    "CVE-2017-11144",
    "CVE-2017-11145",
    "CVE-2017-11147",
    "CVE-2017-11362",
    "CVE-2017-11628",
    "CVE-2017-12933",
    "CVE-2017-16642",
    "CVE-2018-5712",
    "CVE-2018-7584",
    "CVE-2018-10360",
    "CVE-2018-10546",
    "CVE-2018-10547",
    "CVE-2018-10548",
    "CVE-2018-14851",
    "CVE-2018-14883",
    "CVE-2018-17082",
    "CVE-2018-19518",
    "CVE-2019-9637",
    "CVE-2019-9640",
    "CVE-2019-9641",
    "CVE-2019-11034",
    "CVE-2019-11035",
    "CVE-2019-11036"
  );

  script_name(english:"RHEL 5 : php (Unpatched Vulnerability)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat 5 host is affected by multiple vulnerabilities that will not be patched.");
  script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple
vulnerabilities that have been acknowledged by the vendor but will not be patched.

  - php: buffer overflow in handling of long link names in tar phar archives (CVE-2016-2554)

  - php: Uninitialized read in exif_process_IFD_in_TIFF (CVE-2019-9641)

  - The ip2long function in PHP 5.1.4 and earlier may incorrectly validate an arbitrary string and return a
    valid network IP address, which allows remote attackers to obtain network information and facilitate other
    attacks, as demonstrated using SQL injection in the X-FORWARDED-FOR Header in index.php in MiniBB 2.0.
    NOTE: it could be argued that the ip2long behavior represents a risk for security-relevant issues in a way
    that is similar to strcpy's role in buffer overflows, in which case this would be a class of
    implementation bugs that would require separate CVE items for each PHP application that uses ip2long in a
    security-relevant manner. (CVE-2006-4023)

Note that Nessus has not tested for these issues but has instead relied on the package manager's report that the package
is installed.");
  script_set_attribute(attribute:"solution", value:
"The vendor has acknowledged the vulnerabilities but no solution has been provided. Refer to the vendor for remediation
guidance.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-2554");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2019-9641");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'php imap_open Remote Code Execution');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"vendor_unpatched", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2006/08/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/06/03");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mysql51-mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mysql55-mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php53");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ruby");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Red Hat Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl", "redhat_repos.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm.inc');
include('rhel.inc');

if (!get_kb_item("global_settings/vendor_unpatched"))
exit(0, "Unpatched Vulnerabilities Detection not active.");

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');
var os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '5')) audit(AUDIT_OS_NOT, 'Red Hat 5.x', 'Red Hat ' + os_ver);

if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);

var constraints = [
  {
    'pkgs': [
      {'reference':'mysql', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'unpatched_pkg':'mysql', 'cves':['CVE-2015-2305']},
      {'reference':'mysql51-mysql', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'unpatched_pkg':'mysql51-mysql', 'cves':['CVE-2015-2305']},
      {'reference':'mysql55-mysql', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'unpatched_pkg':'mysql55-mysql', 'cves':['CVE-2015-2305']},
      {'reference':'php', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'unpatched_pkg':'php', 'cves':['CVE-2006-4023', 'CVE-2010-4657', 'CVE-2011-0753', 'CVE-2011-4718', 'CVE-2013-6501', 'CVE-2014-3981', 'CVE-2014-4721', 'CVE-2014-9427', 'CVE-2014-9912', 'CVE-2015-1353', 'CVE-2015-2305', 'CVE-2015-3211', 'CVE-2015-3411', 'CVE-2015-3412', 'CVE-2015-4022', 'CVE-2015-4024', 'CVE-2015-4026', 'CVE-2015-4147', 'CVE-2015-4148', 'CVE-2015-4598', 'CVE-2015-4599', 'CVE-2015-4600', 'CVE-2015-4601', 'CVE-2015-4602', 'CVE-2015-4603', 'CVE-2015-4643', 'CVE-2015-5589', 'CVE-2015-5590', 'CVE-2015-6831', 'CVE-2015-6832', 'CVE-2015-6835', 'CVE-2015-6836', 'CVE-2015-6837', 'CVE-2015-6838', 'CVE-2015-7803', 'CVE-2015-7804', 'CVE-2015-8835', 'CVE-2015-8838', 'CVE-2015-8866', 'CVE-2015-8867', 'CVE-2015-8873', 'CVE-2015-8879', 'CVE-2015-8935', 'CVE-2016-3141', 'CVE-2016-3185', 'CVE-2016-4070', 'CVE-2016-4073', 'CVE-2016-4537', 'CVE-2016-4538', 'CVE-2016-4539', 'CVE-2016-4542', 'CVE-2016-4543', 'CVE-2016-4544', 'CVE-2016-5096', 'CVE-2016-5385', 'CVE-2016-5399', 'CVE-2016-5767', 'CVE-2016-5768', 'CVE-2016-5771', 'CVE-2016-5772', 'CVE-2016-6288', 'CVE-2016-6289', 'CVE-2016-6290', 'CVE-2016-6291', 'CVE-2016-6296', 'CVE-2016-7124', 'CVE-2016-7125', 'CVE-2016-7126', 'CVE-2016-7127', 'CVE-2016-7128', 'CVE-2016-7129', 'CVE-2016-7130', 'CVE-2016-7131', 'CVE-2016-7132', 'CVE-2016-7411', 'CVE-2016-7413', 'CVE-2016-7417', 'CVE-2016-7418', 'CVE-2016-7478', 'CVE-2016-7479', 'CVE-2016-7480', 'CVE-2016-9137', 'CVE-2016-9138', 'CVE-2016-9934', 'CVE-2016-9935', 'CVE-2016-9936', 'CVE-2016-10158', 'CVE-2016-10161', 'CVE-2016-10162', 'CVE-2016-10397', 'CVE-2016-10712', 'CVE-2017-5340', 'CVE-2017-7272', 'CVE-2017-7890', 'CVE-2017-9224', 'CVE-2017-9226', 'CVE-2017-9227', 'CVE-2017-9228', 'CVE-2017-9229', 'CVE-2017-11143', 'CVE-2017-11144', 'CVE-2017-11145', 'CVE-2017-11147', 'CVE-2017-11628', 'CVE-2017-12933', 'CVE-2017-16642', 'CVE-2018-7584', 'CVE-2018-10546', 'CVE-2018-10548', 'CVE-2018-14851', 'CVE-2018-14883', 'CVE-2018-17082', 'CVE-2018-19518', 'CVE-2019-9637', 'CVE-2019-9640', 'CVE-2019-9641', 'CVE-2019-11034', 'CVE-2019-11035', 'CVE-2019-11036']},
      {'reference':'php53', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'unpatched_pkg':'php53', 'cves':['CVE-2006-4023', 'CVE-2010-4657', 'CVE-2011-0753', 'CVE-2011-1153', 'CVE-2011-1657', 'CVE-2011-4718', 'CVE-2013-6501', 'CVE-2014-3981', 'CVE-2014-9427', 'CVE-2014-9767', 'CVE-2014-9912', 'CVE-2015-1353', 'CVE-2015-2305', 'CVE-2015-3211', 'CVE-2015-3411', 'CVE-2015-3412', 'CVE-2015-4022', 'CVE-2015-4024', 'CVE-2015-4026', 'CVE-2015-4116', 'CVE-2015-4147', 'CVE-2015-4148', 'CVE-2015-4598', 'CVE-2015-4599', 'CVE-2015-4600', 'CVE-2015-4601', 'CVE-2015-4602', 'CVE-2015-4603', 'CVE-2015-4643', 'CVE-2015-4644', 'CVE-2015-5589', 'CVE-2015-5590', 'CVE-2015-6831', 'CVE-2015-6832', 'CVE-2015-6833', 'CVE-2015-6835', 'CVE-2015-6836', 'CVE-2015-6837', 'CVE-2015-6838', 'CVE-2015-7803', 'CVE-2015-7804', 'CVE-2015-8835', 'CVE-2015-8838', 'CVE-2015-8866', 'CVE-2015-8867', 'CVE-2015-8873', 'CVE-2015-8879', 'CVE-2015-8935', 'CVE-2016-2554', 'CVE-2016-3141', 'CVE-2016-3142', 'CVE-2016-3185', 'CVE-2016-4070', 'CVE-2016-4072', 'CVE-2016-4073', 'CVE-2016-4342', 'CVE-2016-4343', 'CVE-2016-4537', 'CVE-2016-4538', 'CVE-2016-4539', 'CVE-2016-4540', 'CVE-2016-4541', 'CVE-2016-4542', 'CVE-2016-4543', 'CVE-2016-4544', 'CVE-2016-5093', 'CVE-2016-5096', 'CVE-2016-5385', 'CVE-2016-5399', 'CVE-2016-5767', 'CVE-2016-5768', 'CVE-2016-5771', 'CVE-2016-5772', 'CVE-2016-5773', 'CVE-2016-6288', 'CVE-2016-6289', 'CVE-2016-6290', 'CVE-2016-6291', 'CVE-2016-6294', 'CVE-2016-6296', 'CVE-2016-6297', 'CVE-2016-7124', 'CVE-2016-7125', 'CVE-2016-7126', 'CVE-2016-7127', 'CVE-2016-7128', 'CVE-2016-7129', 'CVE-2016-7130', 'CVE-2016-7131', 'CVE-2016-7132', 'CVE-2016-7411', 'CVE-2016-7412', 'CVE-2016-7413', 'CVE-2016-7414', 'CVE-2016-7416', 'CVE-2016-7417', 'CVE-2016-7418', 'CVE-2016-7478', 'CVE-2016-7479', 'CVE-2016-7480', 'CVE-2016-9137', 'CVE-2016-9138', 'CVE-2016-9934', 'CVE-2016-9935', 'CVE-2016-9936', 'CVE-2016-10158', 'CVE-2016-10159', 'CVE-2016-10160', 'CVE-2016-10161', 'CVE-2016-10162', 'CVE-2016-10397', 'CVE-2016-10712', 'CVE-2017-5340', 'CVE-2017-7272', 'CVE-2017-7890', 'CVE-2017-9118', 'CVE-2017-9224', 'CVE-2017-9226', 'CVE-2017-9227', 'CVE-2017-9228', 'CVE-2017-9229', 'CVE-2017-11143', 'CVE-2017-11144', 'CVE-2017-11145', 'CVE-2017-11147', 'CVE-2017-11362', 'CVE-2017-11628', 'CVE-2017-12933', 'CVE-2017-16642', 'CVE-2018-5712', 'CVE-2018-7584', 'CVE-2018-10360', 'CVE-2018-10546', 'CVE-2018-10547', 'CVE-2018-10548', 'CVE-2018-14851', 'CVE-2018-14883', 'CVE-2018-17082', 'CVE-2018-19518', 'CVE-2019-9637', 'CVE-2019-9640', 'CVE-2019-9641', 'CVE-2019-11034', 'CVE-2019-11035', 'CVE-2019-11036']},
      {'reference':'ruby', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'unpatched_pkg':'ruby', 'cves':['CVE-2017-9224', 'CVE-2017-9226', 'CVE-2017-9227', 'CVE-2017-9228', 'CVE-2017-9229']}
    ]
  }
];


var flag = 0;
foreach var constraint_array ( constraints ) {
  var repo_relative_urls = NULL;
  var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);
  foreach var pkg ( constraint_array['pkgs'] ) {
    var unpatched_pkg = NULL;
    var _release = NULL;
    var sp = NULL;
    var el_string = NULL;
    var rpm_spec_vers_cmp = NULL;
    var exists_check = NULL;
    var cves = NULL;
    if (!empty_or_null(pkg['unpatched_pkg'])) unpatched_pkg = pkg['unpatched_pkg'];
    if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (unpatched_pkg &&
        _release &&
        (!exists_check || rpm_exists(release:_release, rpm:exists_check)) &&
        unpatched_package_exists(release:_release, package:unpatched_pkg, cves: cves)) flag++;
  }
}

if (flag)
{
  var extra = NULL;
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : unpatched_packages_report()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'mysql / mysql51-mysql / mysql55-mysql / php / php53 / ruby');
}
VendorProductVersionCPE
redhatenterprise_linuxmysqlp-cpe:/a:redhat:enterprise_linux:mysql
redhatenterprise_linux5cpe:/o:redhat:enterprise_linux:5
redhatenterprise_linuxmysql55-mysqlp-cpe:/a:redhat:enterprise_linux:mysql55-mysql
redhatenterprise_linuxmysql51-mysqlp-cpe:/a:redhat:enterprise_linux:mysql51-mysql
redhatenterprise_linuxrubyp-cpe:/a:redhat:enterprise_linux:ruby
redhatenterprise_linuxphpp-cpe:/a:redhat:enterprise_linux:php
redhatenterprise_linuxphp53p-cpe:/a:redhat:enterprise_linux:php53

References

Related

nessus 70
openvas 58
debian 6
osv 4
redhat 2
cloudfoundry 3
suse 17
ubuntu 8
ibm 3
veracode 12
fedora 4
cloudlinux 1
gentoo 1
slackware 1
mageia 1
freebsd 3
archlinux 1
securityvulns 1
amazon 3
nessus
nessus
RHEL 6 : php (Unpatched Vulnerability)
2024-06-03 00:00:00
EulerOS 2.0 SP3 : php (EulerOS-SA-2019-2649)
2019-12-18 00:00:00
EulerOS 2.0 SP5 : php (EulerOS-SA-2019-2221)
2019-11-08 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-2649)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-2221)
2020-01-23 00:00:00
Debian: Security Advisory (DSA-3689-1)
2016-10-07 00:00:00
debian
debian
[SECURITY] [DSA 3689-1] php5 security update
2016-10-08 13:53:04
[SECURITY] [DLA 749-1] php5 security update
2016-12-16 21:48:18
[SECURITY] [DSA 3689-1] php5 security update
2016-10-08 13:53:04
osv
osv
php5 - security update
2016-12-16 00:00:00
php5 - security update
2017-02-07 00:00:00
php5 - security update
2015-08-27 00:00:00
redhat
redhat
(RHSA-2018:1296) Moderate: rh-php70-php security, bug fix, and enhancement update
2018-05-03 03:21:11
(RHSA-2016:0457) Moderate: rh-php56-php security update
2016-03-15 00:00:00
cloudfoundry
cloudfoundry
USN-3095-1 PHP vulnerabilities | Cloud Foundry
2016-10-04 00:00:00
Multiple PHP vulnerabilities | Cloud Foundry
2017-03-17 00:00:00
USN-3045-1 PHP vulnerabilities | Cloud Foundry
2016-09-09 00:00:00
suse
suse
Security update for php53 (important)
2016-10-05 18:12:21
Security update for php5 (important)
2015-07-17 11:08:12
Security update for PHP (important)
2015-07-17 20:09:41
ubuntu
ubuntu
PHP vulnerabilities
2017-12-18 00:00:00
PHP vulnerabilities
2017-02-14 00:00:00
PHP vulnerabilities
2017-08-10 00:00:00
ibm
ibm
Security Bulletin: IBM Flex System Manager (FSM) is affected by multiple php vulnerabilities
2018-06-18 01:34:05
Security Bulletin: IBM Flex System Manager (FSM) is affected by multiple php vulnerabilities
2018-06-18 01:33:37
Security Bulletin: Multiple vulnerabilities in php affect IBM Flex System Manger (FSM)
2019-01-31 02:10:01
veracode
veracode
Use After Free
2019-05-16 02:59:58
Use-After-Free
2019-05-02 05:27:42
Denial Of Service (DoS)
2019-05-02 05:27:42
fedora
fedora
[SECURITY] Fedora 23 Update: php-5.6.26-1.fc23
2016-09-28 04:52:34
[SECURITY] Fedora 24 Update: php-5.6.26-1.fc24
2016-09-27 03:58:11
[SECURITY] Fedora 24 Update: php-5.6.21-1.fc24
2016-05-07 12:29:10
cloudlinux
cloudlinux
Fix of 227 CVE
2020-10-15 12:00:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2016-11-30 00:00:00
slackware
slackware
[slackware-security] php
2016-09-23 23:31:48
mageia
mageia
Updated php packages fix security vulnerabilities
2016-09-25 18:45:31
freebsd
freebsd
PHP -- multiple vulnerabilities
2016-09-16 00:00:00
php -- multiple vulnerabilities
2016-07-21 00:00:00
PHP -- multiple vulnerabilities
2016-09-15 00:00:00
archlinux
archlinux
php: multiple issues
2016-09-18 00:00:00
securityvulns
securityvulns
[USN-2658-1] PHP vulnerabilities
2015-07-13 00:00:00
amazon
amazon
Medium: php56
2016-10-12 17:00:00
Medium: php70
2016-10-12 17:00:00
Medium: php70
2017-08-03 20:38:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

AI Score

Confidence

Low

0.969 High

EPSS

Percentile

99.7%

JSON
Related for REDHAT_UNPATCHED_PHP-RHEL5.NASL
nessus70openvas58debian6osv4redhat2cloudfoundry3suse17ubuntu8ibm3veracode12fedora4cloudlinux1gentoo1slackware1mageia1freebsd3archlinux1securityvulns1amazon3