Lucene search
This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_11_APACHE2-MOD_PHP53-120504.NASLHistoryJan 25, 2013 - 12:00 a.m.
SuSE 11.2 Security Update : PHP5 (SAT Patch Number 6251)
2013-01-2500:00:00
This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
25
This update fixes several security issues in PHP5 :
-
A directory traversal bug has been fixed in PHP5.
(CVE-2012-1172) -
A command injection was possible when PHP5 was operated in CGI mode using commandline options. This problem does not affect PHP5 in the normal Apache module mode setup.
(CVE-2012-1823 / CVE-2012-2311)
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SuSE 11 update information. The text itself is
# copyright (C) Novell, Inc.
#
if (NASL_LEVEL < 3000) exit(0);
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(64103);
script_version("1.8");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/03/28");
script_cve_id("CVE-2012-1172", "CVE-2012-1823", "CVE-2012-2311");
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/04/15");
script_name(english:"SuSE 11.2 Security Update : PHP5 (SAT Patch Number 6251)");
script_set_attribute(attribute:"synopsis", value:
"The remote SuSE 11 host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"This update fixes several security issues in PHP5 :
- A directory traversal bug has been fixed in PHP5.
(CVE-2012-1172)
- A command injection was possible when PHP5 was operated
in CGI mode using commandline options. This problem does
not affect PHP5 in the normal Apache module mode setup.
(CVE-2012-1823 / CVE-2012-2311)");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=752030");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=760536");
script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2012-1172.html");
script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2012-1823.html");
script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2012-2311.html");
script_set_attribute(attribute:"solution", value:
"Apply SAT patch number 6251.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'PHP CGI Argument Injection');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
script_set_attribute(attribute:"canvas_package", value:"CANVAS");
script_set_attribute(attribute:"patch_publication_date", value:"2012/05/04");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/01/25");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:apache2-mod_php53");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-bcmath");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-bz2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-calendar");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-ctype");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-curl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-dba");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-dom");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-exif");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-fastcgi");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-fileinfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-ftp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-gd");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-gettext");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-gmp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-iconv");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-intl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-json");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-ldap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-mbstring");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-mcrypt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-mysql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-odbc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-openssl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-pcntl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-pdo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-pear");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-pgsql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-pspell");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-shmop");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-snmp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-soap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-suhosin");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-sysvmsg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-sysvsem");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-sysvshm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-tokenizer");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-wddx");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-xmlreader");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-xmlrpc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-xmlwriter");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-xsl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-zip");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php53-zlib");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);
pl = get_kb_item("Host/SuSE/patchlevel");
if (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, "SuSE 11.2");
flag = 0;
if (rpm_check(release:"SLES11", sp:2, reference:"apache2-mod_php53-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-bcmath-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-bz2-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-calendar-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-ctype-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-curl-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-dba-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-dom-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-exif-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-fastcgi-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-fileinfo-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-ftp-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-gd-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-gettext-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-gmp-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-iconv-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-intl-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-json-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-ldap-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-mbstring-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-mcrypt-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-mysql-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-odbc-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-openssl-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-pcntl-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-pdo-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-pear-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-pgsql-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-pspell-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-shmop-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-snmp-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-soap-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-suhosin-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-sysvmsg-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-sysvsem-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-sysvshm-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-tokenizer-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-wddx-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-xmlreader-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-xmlrpc-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-xmlwriter-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-xsl-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-zip-5.3.8-0.27.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"php53-zlib-5.3.8-0.27.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:php53-bz2 |
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:php53-calendar |
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:php53-ctype |
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:php53-curl |
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:apache2-mod_php53 |
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:php53 |
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:php53-bcmath |
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:php53-dba |
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:php53-dom |
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:php53-exif |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1172
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1823
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2311
support.novell.com/security/cve/CVE-2012-1172.html
support.novell.com/security/cve/CVE-2012-1823.html
support.novell.com/security/cve/CVE-2012-2311.html
bugzilla.novell.com/show_bug.cgi?id=752030
bugzilla.novell.com/show_bug.cgi?id=760536
Related
suse
suse
Security update for PHP5 (critical)
2012-05-09 02:08:18
Security update for PHP5 (critical)
2012-05-09 22:08:16
Security update for PHP5 (critical)
2012-05-09 06:08:17
debian
debian
[SECURITY] [DSA 2465-1] php5 security update
2012-05-09 17:23:53
nessus
nessus
SuSE 10 Security Update : PHP5 (ZYPP Patch Number 8114)
2012-05-09 00:00:00
SuSE 11.1 Security Update : PHP5 (SAT Patch Number 6252)
2013-01-25 00:00:00
Debian DSA-2465-1 : php5 - several vulnerabilities
2012-05-10 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2012:0598-2)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2012:0604-1)
2021-06-09 00:00:00
Debian Security Advisory DSA 2465-1 (php5)
2012-05-31 00:00:00
osv
osv
php5 - several
2012-05-09 00:00:00
prion
prion
Design/Logic Flaw
2012-05-11 10:15:00
Design/Logic Flaw
2012-05-11 10:15:00
Directory traversal
2012-05-24 00:55:00
fedora
fedora
[SECURITY] Fedora 16 Update: maniadrive-1.2-32.fc16.5
2012-05-27 01:52:21
[SECURITY] Fedora 15 Update: php-eaccelerator-0.9.6.1-9.fc15.5
2012-05-27 07:21:55
[SECURITY] Fedora 15 Update: maniadrive-1.2-32.fc15.5
2012-05-27 07:21:55
cert
cert
PHP-CGI query string parameter vulnerability
2012-05-03 00:00:00
Parallels Plesk Panel phppath/php vulnerability
2013-06-07 00:00:00
ubuntucve
ubuntucve
cve
cve
ubuntu
ubuntu
PHP vulnerability
2012-05-04 00:00:00
freebsd
freebsd
php -- multiple vulnerabilities
2012-05-08 00:00:00
php -- vulnerability in certain CGI-based setups
2012-05-03 00:00:00
threatpost
threatpost
PHP Group Releases New Versions, But Patch Doesn't Fix CVE-2012-1823 Bug
2012-05-04 14:26:46
Another Set of PHP Releases Pushed Out to Fix CVE-2012-1823 Flaw
2012-05-09 14:32:23
Apple Fixes Serious Flaws in iOS 5.1.1
2012-05-08 13:49:34
exploitdb
exploitdb
securityvulns
securityvulns
PHP multiple security vulnerabilities
2012-05-24 00:00:00
PHP CGI Argument Injection Remote Exploit V0.3 - PHP Version
2012-05-24 00:00:00
checkpoint_advisories
checkpoint_advisories
saint
saint
PHP CGI Query String Parameters Command Execution
2012-05-15 00:00:00
PHP CGI Query String Parameters Command Execution
2012-05-15 00:00:00
PHP CGI Query String Parameters Command Execution
2012-05-15 00:00:00
redhat
redhat
(RHSA-2012:0569) Critical: php53 security update
2012-05-10 00:00:00
(RHSA-2012:0568) Critical: php security update
2012-05-10 00:00:00
(RHSA-2012:0570) Critical: php security update
2012-05-11 00:00:00
attackerkb
attackerkb
CVE-2012-1823
2012-05-11 00:00:00
seebug
seebug
PHP-CGI Argument Injection Remote Code Execution
2012-12-25 00:00:00
PHP CGI Argument Injection Exploit
2014-07-01 00:00:00
PHP CGI Argument Injection
2014-07-01 00:00:00
exploitpack
exploitpack
Apache + PHP 5.3.12 5.4.2 - cgi-bin Remote Code Execution
2013-10-29 00:00:00
PHP 5.3.12 5.4.2 - CGI Argument Injection
2012-05-05 00:00:00
Plesk 9.5.4 - Remote Command Execution
2013-06-05 00:00:00
packetstorm
packetstorm
Apache + PHP 5.x Remote Code Execution Python Exploit #2
2013-10-31 00:00:00
PHP-CGI Argument Injection Remote Code Execution
2012-12-24 00:00:00
PHP CGI Argument Injection
2012-05-22 00:00:00
cisa_kev
cisa_kev
PHP-CGI Query String Parameter Vulnerability
2022-03-25 00:00:00
thn
thn
Linux worm targeting Routers, Set-top boxes and Security Cameras with PHP-CGI Vulnerability
2013-11-30 09:08:00
Linux worm targeting Routers, Set-top boxes and Security Cameras with PHP-CGI Vulnerability
2013-11-30 20:08:00
Linux Worm targets Internet-enabled Home appliances to Mine Cryptocurrencies
2014-03-19 22:26:00
symantec
symantec
PHP 'php-cgi' Information Disclosure Vulnerability
2012-05-04 00:00:00
centos
centos
php security update
2012-05-07 21:09:19
php53 security update
2012-05-07 23:01:16
php security update
2012-06-27 20:21:47
amazon
amazon
Critical: php
2012-05-09 14:54:00
metasploit
metasploit
PHP CGI Argument Injection
2012-05-09 16:01:15
oraclelinux
oraclelinux
php security update
2012-05-07 00:00:00
php53 security update
2012-05-07 00:00:00
f5
f5
K14574 : PHP vulnerability CVE-2012-1172
2013-08-07 00:00:00
SOL14574 - PHP vulnerability CVE-2012-1172
2013-08-07 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-01-15 08:51:10
Denial Of Service (DoS)
2019-05-02 04:42:12
Denial Of Service (DoS) Or Directory Traversal
2019-05-02 04:42:12
zdt
zdt
Apache Magicka Remote Code Execution Vulnerability
2013-10-31 00:00:00
canvas
canvas
Immunity Canvas: PHP_CGI_REMOTE
2012-05-11 10:15:00
nuclei
nuclei
PHP CGI v5.3.12/5.4.2 Remote Code Execution
2021-07-20 09:32:27
Related for SUSE_11_APACHE2-MOD_PHP53-120504.NASL