Lucene search
This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.SUSE9_11666.NASLHistorySep 24, 2009 - 12:00 a.m.
SuSE9 Security Update : PHP4 (YOU Patch Number 11666)
2009-09-2400:00:00
This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.
www.tenable.com
29
This update fixes multiple bugs in PHP :
-
Predictable generaton of an initialization vector (IV) in the mcrypt extension
-
Additional cookie attributes could be injected via a session ID.
-
Specially crafted files could cause integer overflows in gd and leverage them to at least crash gd based applications.
This update covers CVE IDs CVE-2007-2727, CVE-2007-3472, CVE-2007-3475, CVE-2007-3476 CVE-2007-3477, CVE-2007-3478 and CVE-2007-3799.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The text description of this plugin is (C) Novell, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(41143);
script_version("1.11");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2007-2727", "CVE-2007-3472", "CVE-2007-3475", "CVE-2007-3476", "CVE-2007-3477", "CVE-2007-3478", "CVE-2007-3799");
script_name(english:"SuSE9 Security Update : PHP4 (YOU Patch Number 11666)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote SuSE 9 host is missing a security-related patch."
);
script_set_attribute(
attribute:"description",
value:
"This update fixes multiple bugs in PHP :
- Predictable generaton of an initialization vector (IV)
in the mcrypt extension
- Additional cookie attributes could be injected via a
session ID.
- Specially crafted files could cause integer overflows in
gd and leverage them to at least crash gd based
applications.
This update covers CVE IDs CVE-2007-2727, CVE-2007-3472,
CVE-2007-3475, CVE-2007-3476 CVE-2007-3477, CVE-2007-3478 and
CVE-2007-3799."
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2007-2727.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2007-3472.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2007-3475.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2007-3476.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2007-3477.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2007-3478.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2007-3799.html"
);
script_set_attribute(attribute:"solution", value:"Apply YOU patch number 11666.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_cwe_id(20, 189, 362, 399);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
script_set_attribute(attribute:"patch_publication_date", value:"2007/07/31");
script_set_attribute(attribute:"plugin_publication_date", value:"2009/09/24");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 9 on the '"+cpu+"' architecture have not been implemented.");
flag = 0;
if (rpm_check(release:"SUSE9", reference:"apache-mod_php4-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"apache2-mod_php4-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"mod_php4-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"mod_php4-apache2-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"mod_php4-core-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"mod_php4-servlet-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-bcmath-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-bz2-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-calendar-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-ctype-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-curl-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-dba-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-dbase-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-devel-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-domxml-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-exif-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-fastcgi-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-filepro-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-ftp-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-gd-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-gettext-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-gmp-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-imap-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-ldap-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-mbstring-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-mcal-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-mcrypt-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-mhash-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-mime_magic-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-mysql-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-pear-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-pgsql-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-qtdom-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-readline-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-recode-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-servlet-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-session-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-shmop-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-snmp-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-sockets-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-sysvsem-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-sysvshm-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-unixODBC-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-wddx-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-xslt-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-yp-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", reference:"php4-zlib-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", cpu:"i586", reference:"php4-iconv-4.3.4-43.82")) flag++;
if (rpm_check(release:"SUSE9", cpu:"i586", reference:"php4-swf-4.3.4-43.82")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else exit(0, "The host is not affected.");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| suse | suse_linux | cpe:/o:suse:suse_linux |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2727
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3472
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3475
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3476
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3477
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3478
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3799
support.novell.com/security/cve/CVE-2007-2727.html
support.novell.com/security/cve/CVE-2007-3472.html
support.novell.com/security/cve/CVE-2007-3475.html
support.novell.com/security/cve/CVE-2007-3476.html
support.novell.com/security/cve/CVE-2007-3477.html
support.novell.com/security/cve/CVE-2007-3478.html
support.novell.com/security/cve/CVE-2007-3799.html
Related
openvas
openvas
SLES9: Security update for PHP4
2009-10-10 00:00:00
SLES9: Security update for PHP4
2009-10-10 00:00:00
SLES10: Security update for gd
2009-10-13 00:00:00
nessus
nessus
openSUSE 10 Security Update : gd (gd-3896)
2007-10-17 00:00:00
SuSE 10 Security Update : gd (ZYPP Patch Number 3895)
2007-12-13 00:00:00
SuSE9 Security Update : gd (YOU Patch Number 11578)
2009-09-24 00:00:00
securityvulns
securityvulns
PHP multiple DoS conditions
2007-09-08 00:00:00
[ MDKSA-2007:153 ] - Updated gd packages fix several vulnerabilities
2007-08-05 00:00:00
gb and libgd library multiple security vulnerabilities
2007-08-05 00:00:00
freebsd
freebsd
gd -- multiple vulnerabilities
2007-06-21 00:00:00
libwmf -- multiple vulnerabilities
2004-10-12 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: gd-2.0.35-1.fc7
2007-09-07 17:19:34
[SECURITY] Fedora Core 6 Update: php-5.1.6-3.7.fc6
2007-09-24 20:33:40
gentoo
gentoo
GD: Multiple vulnerabilities
2007-08-09 00:00:00
ubuntu
ubuntu
GD library vulnerabilities
2009-11-05 00:00:00
PHP vulnerabilities
2007-11-29 00:00:00
PHP regression
2007-12-03 00:00:00
redhat
redhat
(RHSA-2008:0146) Moderate: gd security update
2008-02-28 00:00:00
(RHSA-2007:0888) Moderate: php security update
2007-10-23 00:00:00
(RHSA-2007:0890) Moderate: php security update
2007-09-20 00:00:00
oraclelinux
oraclelinux
Moderate: gd security update
2008-02-28 00:00:00
Moderate: php security update
2007-09-26 00:00:00
Moderate: php security update
2007-09-20 00:00:00
centos
centos
gd security update
2008-02-28 19:35:25
php security update
2007-10-24 03:08:58
php security update
2007-09-20 14:31:37
debian
debian
[SECURITY] [DSA 1613-1] new libgd2 packages fix multiple vulnerabilities
2008-07-22 07:01:19
[SECURITY] [DSA 1613-1] new libgd2 packages fix multiple vulnerabilities
2008-07-22 07:01:19
[SECURITY] [DSA 1578-1] New php4 packages fix several vulnerabilities
2008-05-17 11:44:14
ubuntucve
ubuntucve
veracode
veracode
Improper Session Handling
2020-04-10 00:18:57
osv
osv
libgd2 - multiple vulnerabilities
2008-07-22 00:00:00
php4 - several vulnerabilities
2008-05-17 00:00:00
php5 several issues
2008-01-23 00:00:00
prion
prion
Design/Logic Flaw
2007-06-28 18:30:00
Code injection
2007-06-28 18:30:00
Integer overflow
2007-06-28 18:30:00
cve
cve
debiancve
debiancve
redhatcve
redhatcve
CVE-2007-2727
2015-10-30 09:44:00
archlinux
archlinux
[ASA-201701-1] libwmf: multiple issues
2017-01-01 00:00:00
slackware
slackware
[slackware-security] libwmf
2018-05-01 01:19:49
amazon
amazon
Important: libwmf
2015-10-27 13:51:00
f5
f5
K13519 : Multiple PHP vulnerabilities
2013-09-20 00:00:00
SOL13519 - Multiple PHP vulnerabilities
2012-04-04 00:00:00
kitploit
kitploit
arch-audit - An utility like pkg-audit for Arch Linux
2016-10-15 14:30:00
Related for SUSE9_11666.NASL