SuSE 10 Security Update : PHP5 (ZYPP Patch Number 5909)
2009-09-24T00:00:00
ID SUSE_APACHE2-MOD_PHP5-5909.NASL Type nessus Reporter Tenable Modified 2016-12-22T00:00:00
Description
This update of php5 fixes a directory traversal bug in ZipArchive (CVE-2008-5658) and a buffer overflow in the mstring extension.
(CVE-2008-5557)
#
# (C) Tenable Network Security, Inc.
#
# The text description of this plugin is (C) Novell, Inc.
#
include("compat.inc");
if (description)
{
script_id(41475);
script_version ("$Revision: 1.9 $");
script_cvs_date("$Date: 2016/12/22 20:32:45 $");
script_cve_id("CVE-2008-5557", "CVE-2008-5658");
script_name(english:"SuSE 10 Security Update : PHP5 (ZYPP Patch Number 5909)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote SuSE 10 host is missing a security-related patch."
);
script_set_attribute(
attribute:"description",
value:
"This update of php5 fixes a directory traversal bug in ZipArchive
(CVE-2008-5658) and a buffer overflow in the mstring extension.
(CVE-2008-5557)"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2008-5557.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2008-5658.html"
);
script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 5909.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_cwe_id(22, 119);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
script_set_attribute(attribute:"patch_publication_date", value:"2009/01/13");
script_set_attribute(attribute:"plugin_publication_date", value:"2009/09/24");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");
flag = 0;
if (rpm_check(release:"SLES10", sp:2, reference:"apache2-mod_php5-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-bcmath-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-bz2-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-calendar-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-ctype-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-curl-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-dba-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-dbase-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-devel-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-dom-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-exif-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-fastcgi-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-ftp-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-gd-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-gettext-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-gmp-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-iconv-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-imap-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-json-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-ldap-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-mbstring-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-mcrypt-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-mhash-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-mysql-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-ncurses-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-odbc-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-openssl-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-pcntl-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-pdo-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-pear-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-pgsql-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-posix-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-pspell-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-shmop-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-snmp-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-soap-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-sockets-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-sqlite-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-suhosin-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-sysvmsg-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-sysvsem-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-sysvshm-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-tokenizer-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-wddx-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-xmlreader-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-xmlrpc-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-xsl-5.2.5-9.12")) flag++;
if (rpm_check(release:"SLES10", sp:2, reference:"php5-zlib-5.2.5-9.12")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else exit(0, "The host is not affected.");
{"cve": [{"lastseen": "2018-10-12T11:33:49", "bulletinFamily": "NVD", "description": "Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and earlier allows context-dependent attackers to write arbitrary files via a ZIP file with a file whose name contains .. (dot dot) sequences.", "modified": "2018-10-11T16:56:19", "published": "2008-12-17T15:30:01", "id": "CVE-2008-5658", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5658", "title": "CVE-2008-5658", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-12T11:33:48", "bulletinFamily": "NVD", "description": "Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c in the mbstring extension in PHP 4.3.0 through 5.2.6 allows context-dependent attackers to execute arbitrary code via a crafted string containing an HTML entity, which is not properly handled during Unicode conversion, related to the (1) mb_convert_encoding, (2) mb_check_encoding, (3) mb_convert_variables, and (4) mb_parse_str functions.", "modified": "2018-10-11T16:56:04", "published": "2008-12-23T13:30:03", "id": "CVE-2008-5557", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5557", "title": "CVE-2008-5557", "type": "cve", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "f5": [{"lastseen": "2016-03-19T09:02:02", "bulletinFamily": "software", "description": "A heap-based buffer overflow in PHP 4.3.0 through 5.2.6 may allow attackers to execute arbitrary code.\n\nInformation about this advisory is available at the following location:\n\n**Note**: This link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge.\n\n<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5557>\n\nF5 Product Development tracked this issue as ID 309780 (formerly CR115185) and it was fixed in BIG-IP ASM version 11.0.0.\n", "modified": "2013-03-29T00:00:00", "published": "2009-03-12T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/9000/700/sol9761.html", "id": "SOL9761", "title": "SOL9761 - PHP vulnerability - CVE-2008-5557", "type": "f5", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:28", "bulletinFamily": "software", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nCVE-2008-5557 - PHP mbstring buffer overflow vulnerability\r\n\r\nCVE Number: CVE-2008-5557\r\nAuthor: Moriyoshi Koizumi <mozo@mozo.jp>\r\nRelease Date: 2008-12-21\r\nType: heap buffer overflow\r\nAffected Versions: 4.3.0 and later versions including PHP 5\r\nNot Affected: any version prior to 4.3.0\r\n or 5.2.7 and later versions including PHP 5.3 alpha 3\r\n\r\nOverview\r\n========\r\nPHP [1] is a scripting language extensively used in web application\r\ndevelopment. The package contains a number of language extensions aside\r\nfrom\r\nthe language core.\r\n\r\nA heap buffer overflow was found in mbstring extension [2] that is\r\nbundled in\r\nthe standard distribution. mbstring extension provides a set of\r\nfunctions for\r\nthe manipulation of multibyte / Unicode strings.\r\n\r\nThe vulnerability occurs in the part of the encoding conversion facility\r\nthat\r\ndecodes strings that contain HTML entities into Unicode strings. Due to the\r\ndecoder's incorrect handling of error conditions, the bounds check for a\r\nheap-allocated buffer is effectively bypassed. An attacker can exploit this\r\nvulnerability to transfer arbitrary data to a specific region of the heap if\r\nhe gains control over the input of the decoder.\r\n\r\n\r\nImpact\r\n======\r\nSince mbstring functions make use of the facility in various places, almost\r\nall of those can be considered vulnerable. The functions listed below\r\nshould\r\nbe particularly noted according to their primary usage:\r\n\r\n- - mb_convert_encoding()\r\n- - mb_check_encoding()\r\n- - mb_convert_variables()\r\n- - mb_parse_str()\r\n\r\nThe following functions are supposed to be safe in their nature.\r\n\r\n- - mb_decode_numericentity() *\r\n- - mb_detect_encoding()\r\n- - mb_detect_order()\r\n- - mb_ereg()\r\n- - mb_ereg_match()\r\n- - mb_ereg_replace()\r\n- - mb_ereg_search()\r\n- - mb_ereg_search_pos()\r\n- - mb_ereg_search_regs()\r\n- - mb_ereg_search_init()\r\n- - mb_ereg_search_getregs()\r\n- - mb_ereg_search_getpos()\r\n- - mb_ereg_search_setpos()\r\n- - mb_ereg_set_options()\r\n- - mb_eregi()\r\n- - mb_eregi_replace()\r\n- - mb_get_info()\r\n- - mb_http_input()\r\n- - mb_http_output()\r\n- - mb_internal_encoding()\r\n- - mb_language()\r\n- - mb_list_encodings()\r\n- - mb_preferred_mime_name()\r\n- - mb_regex_encoding()\r\n- - mb_regex_set_options()\r\n- - mb_split()\r\n- - mb_substitute_character()\r\n\r\n(*) Based on the different code while providing similar functionality.\r\n\r\nBesides these scriptable functions, mbstring provides functionality that\r\nautomatically filters the form values given through a request URI or POSTed\r\ncontent. Because browsers may send characters of the form data that\r\ncannot be\r\nrepresented in the encoding used in the HTML document as HTML entities, it\r\nshould be no surprise that an user has a PHP installation configured as\r\nfollows:\r\n\r\nmbstring.encoding_translation=on\r\nmbstring.http_input=HTML-ENTITIES\r\nmbstring.internal_encoding=UTF-8\r\n\r\nThe vulnerability would be remotely exploitable in such a case.\r\n\r\n\r\nSolution\r\n========\r\nUpgrade to version 5.2.8. Note that the maintenance of 4.x series was\r\ndiscontinued.\r\n\r\n\r\nDetails\r\n=======\r\nThe following pieces are excerpts from the HTML-entity decoder code in\r\nquestion (mbfilter_htmlent.c), where the decoder is implemented as a\r\ncallback function that is called against each characters of the input\r\nstring sequentially with a structure (mbfl_convert_filter) containing\r\nthe state of the decoder.\r\n\r\nmbfl_convert_filter has a field named "output_function" that points to a\r\nfunction to which the decoded data is passed on a per-character basis. The\r\nfunction is supposed to return a negative value on error. It will most\r\nlikely\r\nfail if the argument is an Unicode value that is not designated to any\r\ncharacter.\r\n\r\nIn particular, since the signature of the output_function is\r\nint(*)(int, void *) though the buffer is an array of unsigned char,\r\nevery character code that is greater than 127 gets passed to the function\r\nwith its value negated and leads to unconditional failure.\r\n\r\n-\r\n------------------------------------------------------------------------------\r\n\r\n#define CK(statement) do { if ((statement) < 0) return (-1); } while (0)\r\n\r\n...\r\n\r\nint mbfl_filt_conv_html_dec(int c, mbfl_convert_filter *filter)\r\n{\r\n if (!filter->status) {\r\n ...\r\n } else {\r\n if (c == ';') {\r\n ...\r\n } else {\r\n /* add character */\r\n buffer[filter->status++] = c;\r\n /* add character and check */\r\n if (!strchr(html_entity_chars, c) ||\r\nfilter->status+1==html_enc_buffer_size || (c=='#' && filter->status>2))\r\n {\r\n /* illegal character or end of buffer */\r\n if (c=='&')\r\n filter->status--;\r\n buffer[filter->status] = 0;\r\n /* php_error_docref("ref.mbstring" TSRMLS_CC, E_WARNING,\r\n"mbstring cannot decode '%s'", buffer)l */\r\n mbfl_filt_conv_html_dec_flush(filter);\r\n if (c=='&')\r\n {\r\n filter->status = 1;\r\n buffer[0] = '&';\r\n }\r\n }\r\n }\r\n }\r\n}\r\n\r\nint mbfl_filt_conv_html_dec_flush(mbfl_convert_filter *filter)\r\n{\r\n int status, pos = 0;\r\n char *buffer;\r\n\r\n buffer = (char*)filter->opaque;\r\n status = filter->status;\r\n /* flush fragments */\r\n while (status--) {\r\n CK((*filter->output_function)(buffer[pos++], filter->data));\r\n }\r\n filter->status = 0;\r\n /*filter->buffer = 0; of cause NOT*/\r\n return 0;\r\n}\r\n\r\n-\r\n------------------------------------------------------------------------------\r\n\r\nIf an invalid character sequence that contains one or more characters\r\nthat are\r\nnot amongst html_entity_chars occurs in the input, the invocation of the\r\noutput function within mbfl_filt_conv_html_dec_flush() will fail and\r\ncause it\r\nto go back to the caller short of resetting filter->status because of the\r\nreturn statement in the CK() macro. This eventually allows casual access to\r\nthe buffer in mbfl_filt_conv_html_dec().\r\n\r\n\r\nTimeline\r\n========\r\n2008-08 Vulnerability discovered during the investigation of bug\r\n#45722 [3]\r\n2008-09-13 Notified to the vendor via security@php.net\r\n2008-09-26 Vender responded\r\n2008-10-16 Patch committed to the repository [4]\r\n2008-12-04 PHP 5.3 alpha 3 and PHP 5.2.7 released\r\n2008-12-08 PHP 5.2.8 released\r\n2008-12-18 Reconfirmation sent to the vendor\r\n2008-12-21 Public disclosure\r\n\r\n\r\nReferences\r\n==========\r\n[1] http://php.net/\r\n[2] http://php.net/manual/ref.mbstring.php\r\n[3] http://bugs.php.net/45722\r\n[4]\r\nhttp://cvs.php.net/viewvc.cgi/php-src/ext/mbstring/libmbfl/filters/mbfilter_htmlent.c?r1=1.7&r2=1.8\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (GNU/Linux)\r\nComment: Using GnuPG with Mozilla - http://enigmail.mozdev.org\r\n\r\niEYEARECAAYFAklN3SYACgkQn2kh0Fq4e4+xJwCfYB9f0Xw0ZR38l9jp7sgRlkUa\r\noH8AoJT+SxRTXGMR9egerFEFpMVHL9TC\r\n=fgEY\r\n-----END PGP SIGNATURE-----\r\n\r\n_______________________________________________\r\nFull-Disclosure - We believe in it.\r\nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\r\nHosted and sponsored by Secunia - http://secunia.com/", "modified": "2008-12-22T00:00:00", "published": "2008-12-22T00:00:00", "id": "SECURITYVULNS:DOC:21065", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21065", "title": "[Full-disclosure] CVE-2008-5557 - PHP mbstring buffer overflow vulnerability", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:31", "bulletinFamily": "software", "description": "Buffer overflows in mb_* functions.", "modified": "2008-12-22T00:00:00", "published": "2008-12-22T00:00:00", "id": "SECURITYVULNS:VULN:9537", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9537", "title": "PHP 4 multiple function buffer overflows", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:34", "bulletinFamily": "software", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c02029444\r\nVersion: 1\r\n\r\nHPSBMA02492 SSRT100079 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execution of\r\nArbitrary Code, Unauthorized Access\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible.\r\n\r\nRelease Date: 2010-04-20\r\nLast Updated: 2010-04-20\r\n\r\nPotential Security Impact: Remote cross site scripting (XSS), Denial of Service (DoS), execution of arbitrary code, unauthorized access\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nPotential security vulnerabilities have been identified with HP System Management Homepage (SMH) for Linux and Windows. These vulnerabilities could be exploited\r\nremotely to allow cross site scripting (XSS), Denial of Service (DoS), execution of arbitrary code, and unauthorized access.\r\n\r\nReferences: CVE-2008-1468, CVE-2008-4226, CVE-2008-5557, CVE-2008-5814, CVE-2009-1377, CVE-2009-1378, CVE-2009-1379, CVE-2009-1386, CVE-2009-1387, CVE-2010-1034\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\n\r\nHP System Management Homepage for Windows all versions prior to 6.0\r\nHP System Management Homepage for Linux (x86) all versions prior to 6.0\r\nHP System Management Homepage for Linux (AMD64/EM64T) all versions prior to 6.0\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2008-1468 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\r\nCVE-2008-4226 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\r\nCVE-2008-5557 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\r\nCVE-2008-5814 (AV:N/AC:H/Au:N/C:N/I:P/A:N) 2.6\r\nCVE-2009-1377 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\r\nCVE-2009-1378 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\r\nCVE-2009-1379 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\r\nCVE-2009-1386 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\r\nCVE-2009-1387 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\r\nCVE-2010-1034 (AV:N/AC:H/Au:S/C:P/I:P/A:P) 4.6\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nHP has provided the following resolutions.\r\n\r\nHP System Management Homepage for Windows v6.0.0.96 (or subsequent)\r\n\r\nHP System Management Homepage for Linux (x86) v6.0.0-95 (or subsequent)\r\n\r\nHP System Management Homepage for Linux (AMD64/EM64T) v6.0.0-95 (or subsequent)\r\n\r\nNote:\r\nHP System Management Homepage for Windows v6.0.0.96 contains Namazu v2.0.18 and PHP v5.2.9\r\nHP System Management Homepage for Linux v6.0.0-95 contains Namazu v2.0.19 and PHP v5.2.9\r\n\r\nDownloads are available from the following locations:\r\n\r\nHP System Management Homepage v6.0.0.96 for Windows can be downloaded from\r\nhttp://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?lang=en&cc=us&prodTypeId=15351&prodSeriesId=1121486&prodNameId=3288144&swEnvOID=4064&swLang=8&mode=2&taskId=135&swItem=MTX-24b3c024ec034eee9a16c3cb3c\r\n\r\nHP System Management Homepage for Linux (x86), v6.0.0-95 for Linux X86 OS can be downloaded from\r\nhttp://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?lang=en&cc=us&prodTypeId=15351&prodSeriesId=1121486&prodNameId=3288144&swEnvOID=4048&swLang=8&mode=2&taskId=135&swItem=MTX-07a54b93a826424faf044ba986\r\n\r\nHP System Management Homepage for Linux (AMD64/EM64T), v6.0.0-95 for Linux 64-bit OS can be downloaded from\r\nhttp://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?lang=en&cc=us&prodTypeId=15351&prodSeriesId=1121486&prodNameId=3288144&swEnvOID=4049&swLang=8&mode=2&taskId=135&swItem=MTX-0ac5d5c51abe472da22373a2f5\r\n\r\nNote: The updates can be also be located with the following procedure:\r\n1. Browse to http://h20000.www2.hp.com/bizsupport\r\n2. Search for: HP System Management Homepage for Windows Version 6.0.0.96 or HP System Management Homepage for Linux Version 6.0.0-95\r\n\r\nPRODUCT SPECIFIC INFORMATION\r\nNone\r\n\r\nHISTORY\r\nVersion:1 (rev.1) - 20 April 2010 Initial Release\r\n\r\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the\r\ncustomer's patch management policy.\r\n\r\nSupport: For further information, contact normal HP Services support channel.\r\n\r\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\r\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information.\r\nTo get the security-alert PGP key, please send an e-mail message as follows:\r\n To: security-alert@hp.com\r\n Subject: get key\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\r\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC\r\nOn the web page: ITRC security bulletins and patch sign-up\r\nUnder Step1: your ITRC security bulletins and patches\r\n -check ALL categories for which alerts are required and continue.\r\nUnder Step2: your ITRC operating systems\r\n -verify your operating system selections are checked and save.\r\n\r\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\r\nLog in on the web page: Subscriber's choice for Business: sign-in.\r\nOn the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.\r\n\r\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\r\n\r\n* The Software Product Category that this Security Bulletin\r\nrelates to is represented by the 5th and 6th characters\r\nof the Bulletin number in the title:\r\n\r\nGN = HP General SW\r\nMA = HP Management Agents\r\nMI = Misc. 3rd Party SW\r\nMP = HP MPE/iX\r\nNS = HP NonStop Servers\r\nOV = HP OpenVMS\r\nPI = HP Printing & Imaging\r\nST = HP Storage SW\r\nTL = HP Trusted Linux\r\nTU = HP Tru64 UNIX\r\nUX = HP-UX\r\nVV = HP VirtualVault\r\n\r\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features\r\nof software products to provide customers with current secure solutions.\r\n\r\n"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information\r\ncontained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action.\r\nHP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages\r\nresulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or\r\nimplied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."\r\n\r\nCopyright 2009 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without\r\nwarranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential\r\ndamages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software\r\nrestoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein\r\nare trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their\r\nrespective owners.\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.10 (GNU/Linux)\r\n\r\niEYEARECAAYFAkvNwl8ACgkQ4B86/C0qfVksggCeO4bBV9JZUa3asj93QIm6h+vx\r\nJw4An0cWEO4jwId62IHvBI7d4vQBeOtj\r\n=h80D\r\n-----END PGP SIGNATURE-----", "modified": "2010-04-26T00:00:00", "published": "2010-04-26T00:00:00", "id": "SECURITYVULNS:DOC:23702", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:23702", "title": "[security bulletin] HPSBMA02492 SSRT100079 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:36", "bulletinFamily": "software", "description": "Crossite scripting, DoS, unauthorized access, code execution.", "modified": "2010-05-20T00:00:00", "published": "2010-05-20T00:00:00", "id": "SECURITYVULNS:VULN:10790", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10790", "title": "HP System Management Homepage multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:30", "bulletinFamily": "software", "description": "About the security content of Security Update 2009-002 / Mac OS X v10.5.7\r\n\r\n * Last Modified: May 12, 2009\r\n * Article: HT3549\r\n\r\nSummary\r\n\r\nThis document describes the security content of Security Update 2009-002 / Mac OS X v10.5.7, which can be downloaded and installed via Software Update preferences, or from Apple Downloads.\r\n\r\nFor the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.\r\n\r\nFor information about the Apple Product Security PGP Key, see "How to use the Apple Product Security PGP Key."\r\n\r\nWhere possible, CVE IDs are used to reference the vulnerabilities for further information.\r\n\r\nTo learn about other Security Updates, see "Apple Security Updates."\r\nProducts Affected\r\n\r\nProduct Security, Mac OS X 10.5\r\nSecurity Update 2009-002 / Mac OS X v10.5.7\r\n\r\n *\r\n\r\n Apache\r\n\r\n CVE-ID: CVE-2008-2939\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11\r\n\r\n Impact: Visiting a malicious website via a proxy may result in cross-site scripting\r\n\r\n Description: An input validation issue exists in Apache's handling of FTP proxy requests containing wildcard characters. Visiting a malicious website via an Apache proxy may result in a cross-site scripting attack. This update addresses the issue by applying the Apache patch for version 2.0.63. Further information is available via the Apache web site at http://httpd.apache.org/ Apache 2.0.x is only shipped with Mac OS X Server v10.4.x systems. Mac OS X v10.5.x and Mac OS X Server v10.5.x ship with Apache 2.2.x.\r\n\r\n *\r\n\r\n Apache\r\n\r\n CVE-ID: CVE-2008-2939\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Visiting a malicious website via a proxy may result in cross-site scripting\r\n\r\n Description: An input validation issue exists in Apache 2.2.9's handling of FTP proxy requests containing wildcard characters. Visiting a malicious website via an Apache proxy may result in a cross-site scripting attack. This update addresses the issue by updating Apache to version 2.2.11. Further information is available via the Apache web site at http://httpd.apache.org/\r\n\r\n *\r\n\r\n Apache\r\n\r\n CVE-ID: CVE-2008-0456\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Web sites that allow users to control the name of a served file may be vulnerable to HTTP response injection\r\n\r\n Description: A request forgery issue exists in Apache. Apache does not escape filenames when negotiating the correct content type to send to a remote browser. A user who can publish files with specially crafted names to a web site can substitute their own response for any web page hosted on the system. This update addresses the issue by escaping filenames in content negotiation responses.\r\n\r\n *\r\n\r\n ATS\r\n\r\n CVE-ID: CVE-2009-0154\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Viewing or downloading a document containing a maliciously crafted embedded CFF font may lead to arbitrary code execution\r\n\r\n Description: A heap buffer overflow exists in Apple Type Services' handling of Compact Font Format (CFF) fonts. Viewing or downloading a document containing a maliciously crafted embedded CFF font may lead to arbitrary code execution. This update addresses the issue through improved bounds checking. Credit to Charlie Miller of Independent Security Evaluators working with TippingPoint's Zero Day Initiative for reporting this issue.\r\n\r\n *\r\n\r\n BIND\r\n\r\n CVE-ID: CVE-2009-0025\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: BIND is susceptible to a spoofing attack if configured to use DNSSEC\r\n\r\n Description: BIND incorrectly checks the return value of the OpenSSL DSA_do_verify function. On systems using the DNS Security Extensions (DNSSEC) protocol, a maliciously crafted DSA certificate could bypass the validation, which may lead to a spoofing attack. By default, DNSSEC is not enabled. This update addresses the issue by updating BIND to version 9.3.6-P1 on Mac OS X v10.4, and version 9.4.3-P1 for Mac OS X v10.5 systems. Further information is available via the ISC web site at https://www.isc.org/\r\n\r\n *\r\n\r\n CFNetwork\r\n\r\n CVE-ID: CVE-2009-0144\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Applications that use CFNetwork may send secure cookies in unencrypted HTTP requests\r\n\r\n Description: An implementation issue exists in CFNetwork's parsing of Set-Cookie headers, which may result in certain cookies being unexpectedly sent over a non-encrypted connection. This issue affects non-RFC compliant Set-Cookie headers that are accepted for compatibility reasons. This may result in applications that use CFNetwork, such as Safari, sending sensitive information in unencrypted HTTP requests. This update addresses the issue through improved parsing of Set-Cookie headers. This issue does not affect systems prior to Mac OS X v10.5. Credit to Andrew Mortensen of the University of Michigan for reporting this issue.\r\n\r\n *\r\n\r\n CFNetwork\r\n\r\n CVE-ID: CVE-2009-0157\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Visiting a malicious website may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A heap buffer overflow exists in the handling of overly long HTTP headers in CFNetwork. Visiting a malicious website may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of HTTP headers. This issue does not affect systems prior to Mac OS X v10.5. Credit to Moritz Jodeit of n.runs AG for reporting this issue.\r\n\r\n *\r\n\r\n CoreGraphics\r\n\r\n CVE-ID: CVE-2009-0145\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: Multiple memory corruption issues exist in CoreGraphics' handling of PDF files. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issues through improved bounds and error checking.\r\n\r\n *\r\n\r\n CoreGraphics\r\n\r\n CVE-ID: CVE-2009-0155\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: An integer underflow in CoreGraphics' handling of PDF files may result in a heap buffer overflow. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. This issue does not affect systems prior to Mac OS X v10.5. Credit to Barry K. Nathan for reporting this issue.\r\n\r\n *\r\n\r\n CoreGraphics\r\n\r\n CVE-ID: CVE-2009-0146, CVE-2009-0147, CVE-2009-0165\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Viewing or downloading a PDF file containing a maliciously crafted JBIG2 stream may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: Multiple heap buffer overflows exist in CoreGraphics' handling of PDF files containing JBIG2 streams. Viewing or downloading a PDF file containing a maliciously crafted JBIG2 stream may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. Credit to Apple, Alin Rad Pop of Secunia Research, and Will Dormann of CERT/CC for reporting this issue.\r\n\r\n *\r\n\r\n Cscope\r\n\r\n CVE-ID: CVE-2009-0148\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Processing a maliciously crafted source file with Cscope may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A stack buffer overflow exists in Cscope's handling of long file system path names. Using Cscope to process a maliciously crafted source file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking.\r\n\r\n *\r\n\r\n CUPS\r\n\r\n CVE-ID: CVE-2009-0164\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Visiting a maliciously crafted web site may lead to unauthorized access of the Web Interface of CUPS\r\n\r\n Description: Under certain circumstances, the Web Interface of CUPS 1.3.9 and earlier may be accessible to attackers through DNS rebinding attacks. In the default configuration, this may allow a maliciously crafted website to start and stop printers, and access information about printers and jobs. This update addresses the issue by performing additional validation of the Host header. Credit: Apple.\r\n\r\n *\r\n\r\n Disk Images\r\n\r\n CVE-ID: CVE-2009-0150\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Mounting a maliciously crafted disk image may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A stack buffer overflow exists in the handling of disk images. Mounting a maliciously crafted sparse disk image may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. This issue does not affect systems prior to Mac OS X v10.5. Credit to Tiller Beauchamp of IOActive for reporting this issue.\r\n\r\n *\r\n\r\n Disk Images\r\n\r\n CVE-ID: CVE-2009-0149\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Mounting a maliciously crafted disk image may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: Multiple memory corruption issues exist in the handling of disk images. Mounting a maliciously crafted sparse disk image may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. Credit: Apple.\r\n\r\n *\r\n\r\n enscript\r\n\r\n CVE-ID: CVE-2004-1184, CVE-2004-1185, CVE-2004-1186, CVE-2008-3863\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Multiple vulnerabilities in enscript\r\n\r\n Description: enscript is updated to version 1.6.4 to address several vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the gnu web site at http://www.gnu.org/software/enscript/\r\n\r\n *\r\n\r\n Flash Player plug-in\r\n\r\n CVE-ID: CVE-2009-0519, CVE-2009-0520, CVE-2009-0114\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Multiple vulnerabilities in Adobe Flash Player plug-in\r\n\r\n Description: Multiple issues exist in the Adobe Flash Player plug-in, the most serious of which may lead to arbitrary code execution when viewing a maliciously crafted web site. The issues are addressed by updating the Flash Player plug-in on Mac OS v10.5.x systems to version 10.0.22.87, and to version 9.0.159.0 on Mac OS X v10.4.11 systems. Further information is available via the Adobe web site at http://www.adobe.com/support/security/bulletins/apsb09-01.html\r\n\r\n *\r\n\r\n Help Viewer\r\n\r\n CVE-ID: CVE-2009-0942\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Accessing a maliciously crafted "help:" URL may lead to arbitrary code execution\r\n\r\n Description: Help Viewer loads Cascading Style Sheets referenced in URL parameters without validating that the referenced style sheets are located within a registered help book. A malicious "help:" URL may be used to invoke arbitrary AppleScript files, which may lead to arbitrary code execution. This update addresses the issue through improved validation of file system paths when loading stylesheets. Credit to Brian Mastenbrook for reporting this issue.\r\n\r\n *\r\n\r\n Help Viewer\r\n\r\n CVE-ID: CVE-2009-0943\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Accessing a maliciously crafted "help:" URL may lead to arbitrary code execution\r\n\r\n Description: Help Viewer does not validate that full paths to HTML documents are within registered help books. A malicious "help:" URL may be used to invoke arbitrary AppleScript files, which may lead to arbitrary code execution. This update addresses the issue through improved validation of "help:" URLs. Credit to Brian Mastenbrook for reporting this issue.\r\n\r\n *\r\n\r\n iChat\r\n\r\n CVE-ID: CVE-2009-0152\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: iChat AIM communications configured for SSL may downgrade to plaintext\r\n\r\n Description: iChat supports Secure Sockets Layer (SSL) for AOL Instant Messenger and Jabber accounts. iChat automatically disables SSL for AOL Instant Messenger accounts when it is unable to connect, and sends subsequent communications in plain text until SSL is manually re-enabled. A remote attacker with the ability to observe network traffic from an affected system may obtain the contents of AOL Instant Messenger conversations. This update addresses the issue by changing the behavior of iChat to always attempt to use SSL, and to use less secure channels only if the "Require SSL" preference is not enabled. This issue does not affect systems prior to Mac OS X v10.5, as they do not support SSL for iChat accounts.\r\n\r\n *\r\n\r\n International Components for Unicode\r\n\r\n CVE-ID: CVE-2009-0153\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Maliciously crafted content may bypass website filters and result in cross-site scripting\r\n\r\n Description: An implementation issue exists in ICU's handling of certain character encodings. Using ICU to convert invalid byte sequences to Unicode may result in over-consumption, where trailing bytes are considered part of the original character. This may be leveraged by an attacker to bypass filters on websites that attempt to mitigate cross-site scripting. This update addresses the issue through improved handling of invalid byte sequences. This issue does not affect systems prior to Mac OS X v10.5. Credit to Chris Weber of Casaba Security for reporting this issue.\r\n\r\n *\r\n\r\n IPSec\r\n\r\n CVE-ID: CVE-2008-3651, CVE-2008-3652\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Multiple vulnerabilities in the racoon daemon may lead to a denial of service\r\n\r\n Description: Multiple memory leaks exist in the racoon daemon in ipsec-tools before 0.7.1, which may lead to a denial of service. This update addresses the issues through improved memory management.\r\n\r\n *\r\n\r\n Kerberos\r\n\r\n CVE-ID: CVE-2009-0845\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Processing a maliciously crafted authentication packet may lead to a denial of service of a Kerberos-enabled program\r\n\r\n Description: A null pointer dereference issue exists in the Kerberos SPNEGO support. Processing a maliciously crafted authentication packet may lead to a denial of service of a Kerberos-enabled program. This update addresses the issue by adding a check for a null pointer. This issue does not affect systems prior to Mac OS X v10.5.\r\n\r\n *\r\n\r\n Kerberos\r\n\r\n CVE-ID: CVE-2009-0846, CVE-2009-0847\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Processing a maliciously crafted ASN.1 encoded message may lead to a denial of service of a Kerberos-enabled program or arbitrary code execution\r\n\r\n Description: Multiple memory corruption issues exist in Kerberos' handling of ASN.1 encoded messages. Processing a maliciously crafted ASN.1 encoded message may lead to a denial of service of a Kerberos-enabled program or arbitrary code execution. Further information on the issues and the patches applied is available via the MIT Kerberos website at http://web.mit.edu/Kerberos/\r\n\r\n *\r\n\r\n Kerberos\r\n\r\n CVE-ID: CVE-2009-0844\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Processing a maliciously crafted Kerberos data packet may lead to a denial of service of a Kerberos-enabled program\r\n\r\n Description: An out-of-bounds memory access exists in Kerberos. Processing a maliciously crafted Kerberos data packet may lead to a denial of service of a Kerberos-enabled program. This update addresses the issue through improved bounds checking. This issue does not affect systems prior to Mac OS X v10.5. Credit: Apple.\r\n\r\n *\r\n\r\n Kernel\r\n\r\n CVE-ID: CVE-2008-1517\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: A local user may obtain system privileges\r\n\r\n Description: An unchecked index issue exists in the kernel's handling of workqueues, which may lead to an unexpected system shutdown or arbitrary code execution with Kernel privileges. This update addresses the issue through improved index checking. Credit to an anonymous researcher working with Verisign iDefense VCP for reporting this issue.\r\n\r\n *\r\n\r\n Launch Services\r\n\r\n CVE-ID: CVE-2009-0156\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Downloading a maliciously crafted Mach-O executable may cause Finder to repeatedly terminate and relaunch\r\n\r\n Description: An out-of-bounds memory read access exists in Launch Services. Downloading a maliciously crafted Mach-O executable may cause the Finder to repeatedly terminate and relaunch. This update addresses the issue through improved bounds checking.\r\n\r\n *\r\n\r\n libxml\r\n\r\n CVE-ID: CVE-2008-3529\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A heap buffer overflow exists in libxml's handling of long entity names. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking.\r\n\r\n *\r\n\r\n Net-SNMP\r\n\r\n CVE-ID: CVE-2008-4309\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: A remote attacker may terminate the operation of the SNMP service\r\n\r\n Description: An integer overflow exists in the netsnmp_create_subtree_cache function. By sending a maliciously crafted SNMPv3 packet, an attacker may cause the SNMP server to terminate, denying service to legitimate clients. This update addresses the issue by applying the Net-SNMP patches on Mac OS X v10.4.11 systems, and by updating net_snmp to version 5.4.2.1 on Mac OS X v10.5.x systems. The SNMP service is not enabled by default on Mac OS X or Mac OS X Server.\r\n\r\n *\r\n\r\n Network Time\r\n\r\n CVE-ID: CVE-2009-0021\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Network Time is susceptible to a spoofing attack if NTP authentication is enabled\r\n\r\n Description: The ntpd daemon incorrectly checks the return value of the OpenSSL EVP_VerifyFinal function. On systems using NTPv4 authentication, this may allow a maliciously crafted signature to bypass the cryptographic signature validation, which may lead to a time spoofing attack. By default, NTP authentication is not enabled. This update addresses the issue by properly checking the return value of the EVP_VerifyFinal function.\r\n\r\n *\r\n\r\n Network Time\r\n\r\n CVE-ID: CVE-2009-0159\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Using the ntpq command to request peer information from a malicious remote time server may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A stack buffer overflow exists in the ntpq program. When the ntpq program is used to request peer information from a remote time server, a maliciously crafted response may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. Credit: Apple.\r\n\r\n *\r\n\r\n Networking\r\n\r\n CVE-ID: CVE-2008-3530\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: A remote user may be able to cause an unexpected system shutdown\r\n\r\n Description: When IPv6 support is enabled, IPv6 nodes use ICMPv6 to report errors encountered while processing packets. An implementation issue in the handling of incoming ICMPv6 "Packet Too Big" messages may cause an unexpected system shutdown. This update addresses the issue through improved handling of ICMPv6 messages.\r\n\r\n *\r\n\r\n OpenSSL\r\n\r\n CVE-ID: CVE-2008-5077\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: A man-in-the-middle attacker may be able to impersonate a trusted server or user in applications using OpenSSL for SSL certificate verification\r\n\r\n Description: Several functions within the OpenSSL library incorrectly check the result value of the EVP_VerifyFinal function. A man-in-the-middle attacker may be able to impersonate a trusted server or user in applications using OpenSSL for SSL certificate verification for DSA and ECDSA keys. This update addresses the issue by properly checking the return value of the EVP_VerifyFinal function.\r\n\r\n *\r\n\r\n PHP\r\n\r\n CVE-ID: CVE-2008-3659, CVE-2008-2829, CVE-2008-3660, CVE-2008-2666, CVE-2008-2371, CVE-2008-2665, CVE-2008-3658, CVE-2008-5557\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Multiple vulnerabilities in PHP 5.2.6\r\n\r\n Description: PHP is updated to version 5.2.8 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP website at http://www.php.net/\r\n\r\n *\r\n\r\n QuickDraw Manager\r\n\r\n CVE-ID: CVE-2009-0160\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Opening a maliciously crafted PICT image may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A memory corruption issue exists in QuickDraw's handling of PICT images. Opening a maliciously crafted PICT image may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of PICT images. Credit: Apple.\r\n * QuickDraw Manager\r\n\r\n CVE-ID: CVE-2009-0010\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Opening a maliciously crafted PICT image may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: An integer underflow in the handling of PICT images may result in a heap buffer overflow. Opening a maliciously crafted PICT file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of PICT images. Credit to Damian Put and Sebastian Apelt working with TippingPoint's Zero Day Initiative, and Chris Ries of Carnegie Mellon University Computing Services for reporting this issue.\r\n\r\n *\r\n\r\n ruby\r\n\r\n CVE-ID: CVE-2008-3443, CVE-2008-3655, CVE-2008-3656, CVE-2008-3657, CVE-2008-3790\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Multiple vulnerabilities in Ruby 1.8.6\r\n\r\n Description: Multiple vulnerabilities exist in Ruby 1.8.6. This update addresses the issues by updating Ruby to version 1.8.6-p287. Further information is available via the Ruby web site at http://www.ruby-lang.org/en/security/\r\n\r\n *\r\n\r\n ruby\r\n\r\n CVE-ID: CVE-2009-0161\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Ruby programs may accept revoked certificates\r\n\r\n Description: An incomplete error check exists in Ruby's use of the OpenSSL library. The OpenSSL::OCSP Ruby module may interpret an invalid response as an OCSP validation of the certificate. This update addresses the issue through improved error checking while verifying OCSP responses.\r\n\r\n *\r\n\r\n Safari\r\n\r\n CVE-ID: CVE-2009-0162\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Accessing a maliciously crafted "feed:" URL may lead to arbitrary code execution\r\n\r\n Description: Multiple input validation issues exist in Safari's handling of "feed:" URLs. Accessing a maliciously crafted "feed:" URL may lead to the execution of arbitrary JavaScript. This update addresses the issues by performing additional validation of "feed:" URLs. These issues do not affect systems prior to Mac OS X v10.5. Credit to Billy Rios of Microsoft Vulnerability Research (MSVR), and Alfredo Melloni for reporting these issues.\r\n\r\n *\r\n\r\n Spotlight\r\n\r\n CVE-ID: CVE-2009-0944\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Downloading a maliciously crafted Microsoft Office file may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: Multiple memory corruption issues exist in the Mac OS X Microsoft Office Spotlight Importer. Downloading a maliciously crafted Microsoft Office file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of Microsoft Office files.\r\n\r\n *\r\n\r\n system_cmds\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: The "login" command always runs the default shell with normal priority\r\n\r\n Description: The "login" command starts an interactive shell after a local user is authenticated. The priority level for the interactive shell is reset to the system default, which can cause the shell to run with an unexpectedly high priority. This update addresses the issue by respecting the priority setting of the calling process if the caller is the superuser or the user who was successfully logged in.\r\n\r\n *\r\n\r\n telnet\r\n\r\n CVE-ID: CVE-2009-0158\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Connecting to a TELNET server with a very long canonical name in its DNS address record may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A stack buffer overflow exists in telnet command. Connecting to a TELNET server with a very long canonical name in its DNS address record may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. Credit: Apple.\r\n\r\n *\r\n\r\n WebKit\r\n\r\n CVE-ID: CVE-2009-0945\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Visiting a maliciously crafted website may lead to arbitrary code execution\r\n\r\n Description: A memory corruption issue exists in WebKit's handling of SVGList objects. Visiting a maliciously crafted website may lead to arbitrary code execution. This update addresses the issue through improved bounds checking. For Mac OS X v10.4.11 and Mac OS X Server v10.4.11, updating to Safari 3.2.3 will address this issue. Credit to Nils working with TippingPoint's Zero Day Initiative for reporting this issue.\r\n\r\n *\r\n\r\n X11\r\n\r\n CVE-ID: CVE-2006-0747, CVE-2007-2754\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11\r\n\r\n Impact: Multiple vulnerabilities in FreeType v2.1.4\r\n\r\n Description: Multiple vulnerabilities exist in FreeType v2.1.4, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. This update addresses the issues by updating FreeType to version 2.3.8. Further information is available via the FreeType site at http://www.freetype.org/ The issues are already addressed in systems running Mac OS X v10.5.6.\r\n\r\n *\r\n\r\n X11\r\n\r\n CVE-ID: CVE-2008-2383\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Displaying maliciously crafted data within an xterm terminal may lead to arbitrary code execution\r\n\r\n Description: The xterm program supports a command sequence known as DECRQSS that can be used to return information about the current terminal. The information returned is sent as terminal input similar to keyboard input by a user. Within an xterm terminal, displaying maliciously crafted data containing such sequences may result in command injection. This update addresses the issue by performing additional validation of the output data. This issue does not affect systems prior to Mac OS X v10.5.\r\n\r\n *\r\n\r\n X11\r\n\r\n CVE-ID: CVE-2008-1382, CVE-2009-0040\r\n\r\n Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Multiple vulnerabilities in libpng version 1.2.26\r\n\r\n Description: Multiple vulnerabilities exist in libpng version 1.2.26, the most serious of which may lead to arbitrary code execution. This update addresses the issues by updating libpng to version 1.2.35. Further information is available via the libpng website at http://www.libpng.org/pub/png/libpng.html These issues do not affect systems prior to Mac OS X v10.5.\r\n\r\n *\r\n\r\n X11\r\n\r\n CVE-ID: CVE-2009-0946\r\n\r\n Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6\r\n\r\n Impact: Multiple vulnerabilities in FreeType v2.3.8\r\n\r\n Description: Multiple integer overflows exist in FreeType v2.3.8, which may lead to an unexpected application termination or arbitrary code execution. This update addresses the issues through improved bounds checking. Credit to Tavis Ormandy of the Google Security Team for reporting these issues.\r\n", "modified": "2009-05-14T00:00:00", "published": "2009-05-14T00:00:00", "id": "SECURITYVULNS:DOC:21825", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21825", "title": "About the security content of Security Update 2009-002 / Mac OS X v10.5.7", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-07-26T08:55:34", "bulletinFamily": "scanner", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache2-mod_php5\n php5\n php5-bcmath\n php5-bz2\n php5-calendar\n php5-ctype\n php5-curl\n php5-dba\n php5-dbase\n php5-devel\n php5-dom\n php5-exif\n php5-fastcgi\n php5-ftp\n php5-gd\n php5-gettext\n php5-gmp\n php5-iconv\n php5-imap\n php5-json\n php5-ldap\n php5-mbstring\n php5-mcrypt\n php5-mhash\n php5-mysql\n php5-ncurses\n php5-odbc\n php5-openssl\n php5-pcntl\n php5-pdo\n php5-pear\n php5-pgsql\n php5-posix\n php5-pspell\n php5-shmop\n php5-snmp\n php5-soap\n php5-sockets\n php5-sqlite\n php5-suhosin\n php5-sysvmsg\n php5-sysvsem\n php5-sysvshm\n php5-tokenizer\n php5-wddx\n php5-xmlreader\n php5-xmlrpc\n php5-xsl\n php5-zlib\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-13T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=65803", "id": "OPENVAS:65803", "title": "SLES10: Security update for PHP5", "type": "openvas", "sourceData": "#\n#VID slesp2-apache2-mod_php5-5909\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for PHP5\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache2-mod_php5\n php5\n php5-bcmath\n php5-bz2\n php5-calendar\n php5-ctype\n php5-curl\n php5-dba\n php5-dbase\n php5-devel\n php5-dom\n php5-exif\n php5-fastcgi\n php5-ftp\n php5-gd\n php5-gettext\n php5-gmp\n php5-iconv\n php5-imap\n php5-json\n php5-ldap\n php5-mbstring\n php5-mcrypt\n php5-mhash\n php5-mysql\n php5-ncurses\n php5-odbc\n php5-openssl\n php5-pcntl\n php5-pdo\n php5-pear\n php5-pgsql\n php5-posix\n php5-pspell\n php5-shmop\n php5-snmp\n php5-soap\n php5-sockets\n php5-sqlite\n php5-suhosin\n php5-sysvmsg\n php5-sysvsem\n php5-sysvshm\n php5-tokenizer\n php5-wddx\n php5-xmlreader\n php5-xmlrpc\n php5-xsl\n php5-zlib\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(65803);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-5658\", \"CVE-2008-5557\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for PHP5\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dbase\", rpm:\"php5-dbase~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mhash\", rpm:\"php5-mhash~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ncurses\", rpm:\"php5-ncurses~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:20", "bulletinFamily": "scanner", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache2-mod_php5\n php5\n php5-bcmath\n php5-bz2\n php5-calendar\n php5-ctype\n php5-curl\n php5-dba\n php5-dbase\n php5-devel\n php5-dom\n php5-exif\n php5-fastcgi\n php5-ftp\n php5-gd\n php5-gettext\n php5-gmp\n php5-iconv\n php5-imap\n php5-json\n php5-ldap\n php5-mbstring\n php5-mcrypt\n php5-mhash\n php5-mysql\n php5-ncurses\n php5-odbc\n php5-openssl\n php5-pcntl\n php5-pdo\n php5-pear\n php5-pgsql\n php5-posix\n php5-pspell\n php5-shmop\n php5-snmp\n php5-soap\n php5-sockets\n php5-sqlite\n php5-suhosin\n php5-sysvmsg\n php5-sysvsem\n php5-sysvshm\n php5-tokenizer\n php5-wddx\n php5-xmlreader\n php5-xmlrpc\n php5-xsl\n php5-zlib\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-13T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065803", "id": "OPENVAS:136141256231065803", "type": "openvas", "title": "SLES10: Security update for PHP5", "sourceData": "#\n#VID slesp2-apache2-mod_php5-5909\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for PHP5\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache2-mod_php5\n php5\n php5-bcmath\n php5-bz2\n php5-calendar\n php5-ctype\n php5-curl\n php5-dba\n php5-dbase\n php5-devel\n php5-dom\n php5-exif\n php5-fastcgi\n php5-ftp\n php5-gd\n php5-gettext\n php5-gmp\n php5-iconv\n php5-imap\n php5-json\n php5-ldap\n php5-mbstring\n php5-mcrypt\n php5-mhash\n php5-mysql\n php5-ncurses\n php5-odbc\n php5-openssl\n php5-pcntl\n php5-pdo\n php5-pear\n php5-pgsql\n php5-posix\n php5-pspell\n php5-shmop\n php5-snmp\n php5-soap\n php5-sockets\n php5-sqlite\n php5-suhosin\n php5-sysvmsg\n php5-sysvsem\n php5-sysvshm\n php5-tokenizer\n php5-wddx\n php5-xmlreader\n php5-xmlrpc\n php5-xsl\n php5-zlib\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65803\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-5658\", \"CVE-2008-5557\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for PHP5\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dbase\", rpm:\"php5-dbase~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mhash\", rpm:\"php5-mhash~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ncurses\", rpm:\"php5-ncurses~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.2.5~9.12\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:57:00", "bulletinFamily": "scanner", "description": "The remote host is missing an update to php\nannounced via advisory MDVSA-2009:045.", "modified": "2017-07-06T00:00:00", "published": "2009-02-23T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=63426", "id": "OPENVAS:63426", "title": "Mandrake Security Advisory MDVSA-2009:045 (php)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_045.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:045 (php)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of vulnerabilities have been found and corrected in PHP:\n\nimprove mbfl_filt_conv_html_dec_flush() error handling\nin ext/mbstring/libmbfl/filters/mbfilter_htmlent.c\n(CVE-2008-5557). Additionally on Mandriva Linux 2009.0 and up the\nphp-mbstring module is linked against a separate shared libmbfl\nlibrary that also have been patched to address CVE-2008-5557.\n\nDirectory traversal vulnerability in the ZipArchive::extractTo function\nin PHP 5.2.6 and earlier allows context-dependent attackers to write\narbitrary files via a ZIP file with a file whose name contains .. (dot\ndot) sequences. (CVE-2008-5658)\n\nmake sure the page_uid and page_gid get initialized properly in\next/standard/basic_functions.c. Also, init server_context before\nprocessing config variables in sapi/apache/mod_php5.c (CVE-2008-5624).\n\nenforce restrictions when merging in dir entry in\nsapi/apache/mod_php5.c and sapi/apache2handler/apache_config.c\n(CVE-2008-5625).\n\nOn 2008.1, 2009.0 and cooker (2009.1) seen on x86_64 and with the\nlatest phpmyadmin 3.1.2 software made apache+php segfault (#26274,\n#45864). This problem has been addressed by using -O0 for compiler\noptimization and by using -fno-strict-aliasing. Either the bug is\nin php and/or in gcc 4.3.2. Preferable just make it work as expected\nfor now.\n\nIn addition, the updated packages provide a number of bug fixes.\n\nThe updated packages have been patched to correct these issues.\n\nAffected: 2008.0, 2008.1, 2009.0, Corporate 4.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:045\";\ntag_summary = \"The remote host is missing an update to php\nannounced via advisory MDVSA-2009:045.\";\n\n \n\nif(description)\n{\n script_id(63426);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-23 21:31:14 +0100 (Mon, 23 Feb 2009)\");\n script_cve_id(\"CVE-2008-5557\", \"CVE-2008-5658\", \"CVE-2008-5624\", \"CVE-2008-5625\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:045 (php)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache-mod_php\", rpm:\"apache-mod_php~5.2.4~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dbase\", rpm:\"php-dbase~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-fcgi\", rpm:\"php-fcgi~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mhash\", rpm:\"php-mhash~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mime_magic\", rpm:\"php-mime_magic~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ming\", rpm:\"php-ming~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-simplexml\", rpm:\"php-simplexml~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_php\", rpm:\"apache-mod_php~5.2.5~5.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dbase\", rpm:\"php-dbase~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-fcgi\", rpm:\"php-fcgi~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mhash\", rpm:\"php-mhash~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mime_magic\", rpm:\"php-mime_magic~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ming\", rpm:\"php-ming~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_php\", rpm:\"apache-mod_php~5.2.6~3.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libmbfl1\", rpm:\"libmbfl1~1.0.2~3.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libmbfl-devel\", rpm:\"libmbfl-devel~1.0.2~3.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dbase\", rpm:\"php-dbase~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-fcgi\", rpm:\"php-fcgi~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mhash\", rpm:\"php-mhash~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mime_magic\", rpm:\"php-mime_magic~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ming\", rpm:\"php-ming~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sybase\", rpm:\"php-sybase~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64mbfl1\", rpm:\"lib64mbfl1~1.0.2~3.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64mbfl-devel\", rpm:\"lib64mbfl-devel~1.0.2~3.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_php\", rpm:\"apache-mod_php~5.1.6~1.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.1.6~1.11.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.1.6~1.11.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~1.11.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~1.11.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-fcgi\", rpm:\"php-fcgi~5.1.6~1.11.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.1.6~1.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.1.6~1.11.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:59", "bulletinFamily": "scanner", "description": "The remote host is missing an update to php\nannounced via advisory MDVSA-2009:045.", "modified": "2018-04-06T00:00:00", "published": "2009-02-23T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063426", "id": "OPENVAS:136141256231063426", "title": "Mandrake Security Advisory MDVSA-2009:045 (php)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_045.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:045 (php)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of vulnerabilities have been found and corrected in PHP:\n\nimprove mbfl_filt_conv_html_dec_flush() error handling\nin ext/mbstring/libmbfl/filters/mbfilter_htmlent.c\n(CVE-2008-5557). Additionally on Mandriva Linux 2009.0 and up the\nphp-mbstring module is linked against a separate shared libmbfl\nlibrary that also have been patched to address CVE-2008-5557.\n\nDirectory traversal vulnerability in the ZipArchive::extractTo function\nin PHP 5.2.6 and earlier allows context-dependent attackers to write\narbitrary files via a ZIP file with a file whose name contains .. (dot\ndot) sequences. (CVE-2008-5658)\n\nmake sure the page_uid and page_gid get initialized properly in\next/standard/basic_functions.c. Also, init server_context before\nprocessing config variables in sapi/apache/mod_php5.c (CVE-2008-5624).\n\nenforce restrictions when merging in dir entry in\nsapi/apache/mod_php5.c and sapi/apache2handler/apache_config.c\n(CVE-2008-5625).\n\nOn 2008.1, 2009.0 and cooker (2009.1) seen on x86_64 and with the\nlatest phpmyadmin 3.1.2 software made apache+php segfault (#26274,\n#45864). This problem has been addressed by using -O0 for compiler\noptimization and by using -fno-strict-aliasing. Either the bug is\nin php and/or in gcc 4.3.2. Preferable just make it work as expected\nfor now.\n\nIn addition, the updated packages provide a number of bug fixes.\n\nThe updated packages have been patched to correct these issues.\n\nAffected: 2008.0, 2008.1, 2009.0, Corporate 4.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:045\";\ntag_summary = \"The remote host is missing an update to php\nannounced via advisory MDVSA-2009:045.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63426\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-23 21:31:14 +0100 (Mon, 23 Feb 2009)\");\n script_cve_id(\"CVE-2008-5557\", \"CVE-2008-5658\", \"CVE-2008-5624\", \"CVE-2008-5625\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:045 (php)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache-mod_php\", rpm:\"apache-mod_php~5.2.4~2.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dbase\", rpm:\"php-dbase~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-fcgi\", rpm:\"php-fcgi~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mhash\", rpm:\"php-mhash~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mime_magic\", rpm:\"php-mime_magic~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ming\", rpm:\"php-ming~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-simplexml\", rpm:\"php-simplexml~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.2.4~3.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_php\", rpm:\"apache-mod_php~5.2.5~5.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dbase\", rpm:\"php-dbase~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-fcgi\", rpm:\"php-fcgi~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mhash\", rpm:\"php-mhash~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mime_magic\", rpm:\"php-mime_magic~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ming\", rpm:\"php-ming~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.2.5~14.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_php\", rpm:\"apache-mod_php~5.2.6~3.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libmbfl1\", rpm:\"libmbfl1~1.0.2~3.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libmbfl-devel\", rpm:\"libmbfl-devel~1.0.2~3.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dbase\", rpm:\"php-dbase~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-fcgi\", rpm:\"php-fcgi~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mhash\", rpm:\"php-mhash~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mime_magic\", rpm:\"php-mime_magic~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ming\", rpm:\"php-ming~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sybase\", rpm:\"php-sybase~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64mbfl1\", rpm:\"lib64mbfl1~1.0.2~3.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64mbfl-devel\", rpm:\"lib64mbfl-devel~1.0.2~3.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.2.6~18.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache-mod_php\", rpm:\"apache-mod_php~5.1.6~1.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.1.6~1.11.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.1.6~1.11.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~1.11.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~1.11.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-fcgi\", rpm:\"php-fcgi~5.1.6~1.11.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.1.6~1.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.1.6~1.11.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:07", "bulletinFamily": "scanner", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache-mod_php4\n apache2-mod_php4\n mod_php4\n mod_php4-apache2\n mod_php4-core\n mod_php4-servlet\n php4\n php4-bcmath\n php4-bz2\n php4-calendar\n php4-ctype\n php4-curl\n php4-dba\n php4-dbase\n php4-devel\n php4-domxml\n php4-exif\n php4-fastcgi\n php4-filepro\n php4-ftp\n php4-gd\n php4-gettext\n php4-gmp\n php4-iconv\n php4-imap\n php4-ldap\n php4-mbstring\n php4-mcal\n php4-mcrypt\n php4-mhash\n php4-mime_magic\n php4-mysql\n php4-pear\n php4-pgsql\n php4-qtdom\n php4-readline\n php4-recode\n php4-servlet\n php4-session\n php4-shmop\n php4-snmp\n php4-sockets\n php4-swf\n php4-sysvsem\n php4-sysvshm\n php4-unixODBC\n php4-wddx\n php4-xslt\n php4-yp\n php4-zlib\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5046240 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065516", "id": "OPENVAS:136141256231065516", "type": "openvas", "title": "SLES9: Security update for PHP4", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5046240.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for PHP4\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache-mod_php4\n apache2-mod_php4\n mod_php4\n mod_php4-apache2\n mod_php4-core\n mod_php4-servlet\n php4\n php4-bcmath\n php4-bz2\n php4-calendar\n php4-ctype\n php4-curl\n php4-dba\n php4-dbase\n php4-devel\n php4-domxml\n php4-exif\n php4-fastcgi\n php4-filepro\n php4-ftp\n php4-gd\n php4-gettext\n php4-gmp\n php4-iconv\n php4-imap\n php4-ldap\n php4-mbstring\n php4-mcal\n php4-mcrypt\n php4-mhash\n php4-mime_magic\n php4-mysql\n php4-pear\n php4-pgsql\n php4-qtdom\n php4-readline\n php4-recode\n php4-servlet\n php4-session\n php4-shmop\n php4-snmp\n php4-sockets\n php4-swf\n php4-sysvsem\n php4-sysvshm\n php4-unixODBC\n php4-wddx\n php4-xslt\n php4-yp\n php4-zlib\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5046240 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65516\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-5557\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for PHP4\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache-mod_php4\", rpm:\"apache-mod_php4~4.3.4~43.91\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:50", "bulletinFamily": "scanner", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache-mod_php4\n apache2-mod_php4\n mod_php4\n mod_php4-apache2\n mod_php4-core\n mod_php4-servlet\n php4\n php4-bcmath\n php4-bz2\n php4-calendar\n php4-ctype\n php4-curl\n php4-dba\n php4-dbase\n php4-devel\n php4-domxml\n php4-exif\n php4-fastcgi\n php4-filepro\n php4-ftp\n php4-gd\n php4-gettext\n php4-gmp\n php4-iconv\n php4-imap\n php4-ldap\n php4-mbstring\n php4-mcal\n php4-mcrypt\n php4-mhash\n php4-mime_magic\n php4-mysql\n php4-pear\n php4-pgsql\n php4-qtdom\n php4-readline\n php4-recode\n php4-servlet\n php4-session\n php4-shmop\n php4-snmp\n php4-sockets\n php4-swf\n php4-sysvsem\n php4-sysvshm\n php4-unixODBC\n php4-wddx\n php4-xslt\n php4-yp\n php4-zlib\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5046240 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=65516", "id": "OPENVAS:65516", "title": "SLES9: Security update for PHP4", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5046240.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for PHP4\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n apache-mod_php4\n apache2-mod_php4\n mod_php4\n mod_php4-apache2\n mod_php4-core\n mod_php4-servlet\n php4\n php4-bcmath\n php4-bz2\n php4-calendar\n php4-ctype\n php4-curl\n php4-dba\n php4-dbase\n php4-devel\n php4-domxml\n php4-exif\n php4-fastcgi\n php4-filepro\n php4-ftp\n php4-gd\n php4-gettext\n php4-gmp\n php4-iconv\n php4-imap\n php4-ldap\n php4-mbstring\n php4-mcal\n php4-mcrypt\n php4-mhash\n php4-mime_magic\n php4-mysql\n php4-pear\n php4-pgsql\n php4-qtdom\n php4-readline\n php4-recode\n php4-servlet\n php4-session\n php4-shmop\n php4-snmp\n php4-sockets\n php4-swf\n php4-sysvsem\n php4-sysvshm\n php4-unixODBC\n php4-wddx\n php4-xslt\n php4-yp\n php4-zlib\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5046240 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65516);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-5557\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for PHP4\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"apache-mod_php4\", rpm:\"apache-mod_php4~4.3.4~43.91\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:06:28", "bulletinFamily": "scanner", "description": "The host is running PHP and is prone to Buffer Overflow\n vulnerability.", "modified": "2018-07-09T00:00:00", "published": "2008-12-31T00:00:00", "id": "OPENVAS:1361412562310900185", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900185", "title": "PHP Heap-based buffer overflow in 'mbstring' extension", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_php_mbstring_ext_bof_vuln.nasl 10459 2018-07-09 07:41:24Z cfischer $\n#\n# PHP Heap-based buffer overflow in 'mbstring' extension\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright (c) 2008 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900185\");\n script_version(\"$Revision: 10459 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-07-09 09:41:24 +0200 (Mon, 09 Jul 2018) $\");\n script_tag(name:\"creation_date\", value:\"2008-12-31 15:14:17 +0100 (Wed, 31 Dec 2008)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2008-5557\");\n script_bugtraq_id(32948);\n script_name(\"PHP Heap-based buffer overflow in 'mbstring' extension\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2008 SecPod\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_php_detect.nasl\");\n script_mandatory_keys(\"php/installed\");\n\n script_xref(name:\"URL\", value:\"http://bugs.php.net/bug.php?id=45722\");\n script_xref(name:\"URL\", value:\"http://archives.neohapsis.com/archives/fulldisclosure/2008-12/0477.html\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to execute arbitrary code via\n a crafted string containing an HTML entity.\n\n Impact Level: Application\");\n\n script_tag(name:\"affected\", value:\"PHP version 4.3.0 to 5.2.6 on all running platform.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to error in mbfilter_htmlent.c file in the mbstring\n extension. These can be exploited via mb_convert_encoding, mb_check_encoding,\n mb_convert_variables, and mb_parse_str functions.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to version 5.2.7 or later,\n http://www.php.net/downloads.php\");\n\n script_tag(name:\"summary\", value:\"The host is running PHP and is prone to Buffer Overflow\n vulnerability.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\nif( version_in_range( version:phpVer, test_version:\"4.3.0\", test_version2:\"5.2.6\" ) ) {\n report = report_fixed_ver( installed_version:phpVer, fixed_version:\"5.2.7\" );\n security_message( data:report, port:phpPort );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:14:09", "bulletinFamily": "scanner", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-12-23T00:00:00", "published": "2009-03-20T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=63632", "id": "OPENVAS:63632", "title": "FreeBSD Ports: php4-mbstring", "type": "openvas", "sourceData": "#\n#VID a2074ac6-124c-11de-a964-0030843d3802\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID a2074ac6-124c-11de-a964-0030843d3802\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n php4-mbstring\n php5-mbstring\n\nCVE-2008-5557\nHeap-based buffer overflow in\next/mbstring/libmbfl/filters/mbfilter_htmlent.c in the mbstring\nextension in PHP 4.3.0 through 5.2.6 allows context-dependent\nattackers to execute arbitrary code via a crafted string containing an\nHTML entity, which is not properly handled during Unicode conversion,\nrelated to the (1) mb_convert_encoding, (2) mb_check_encoding, (3)\nmb_convert_variables, and (4) mb_parse_str functions.\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\";\n\nif(description)\n{\n script_id(63632);\n script_version(\"$Revision: 4847 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-12-23 10:33:16 +0100 (Fri, 23 Dec 2016) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-20 00:52:38 +0100 (Fri, 20 Mar 2009)\");\n script_cve_id(\"CVE-2008-5557\");\n script_bugtraq_id(32948);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"FreeBSD Ports: php4-mbstring\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"php4-mbstring\");\nif(!isnull(bver) && revcomp(a:bver, b:\"4.4.9\")<0) {\n txt += 'Package php4-mbstring version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"php5-mbstring\");\nif(!isnull(bver) && revcomp(a:bver, b:\"5.2.9\")<0) {\n txt += 'Package php5-mbstring version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:31", "bulletinFamily": "scanner", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2018-04-06T00:00:00", "published": "2009-03-20T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063632", "id": "OPENVAS:136141256231063632", "type": "openvas", "title": "FreeBSD Ports: php4-mbstring", "sourceData": "#\n#VID a2074ac6-124c-11de-a964-0030843d3802\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID a2074ac6-124c-11de-a964-0030843d3802\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n php4-mbstring\n php5-mbstring\n\nCVE-2008-5557\nHeap-based buffer overflow in\next/mbstring/libmbfl/filters/mbfilter_htmlent.c in the mbstring\nextension in PHP 4.3.0 through 5.2.6 allows context-dependent\nattackers to execute arbitrary code via a crafted string containing an\nHTML entity, which is not properly handled during Unicode conversion,\nrelated to the (1) mb_convert_encoding, (2) mb_check_encoding, (3)\nmb_convert_variables, and (4) mb_parse_str functions.\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63632\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-20 00:52:38 +0100 (Fri, 20 Mar 2009)\");\n script_cve_id(\"CVE-2008-5557\");\n script_bugtraq_id(32948);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"FreeBSD Ports: php4-mbstring\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"php4-mbstring\");\nif(!isnull(bver) && revcomp(a:bver, b:\"4.4.9\")<0) {\n txt += 'Package php4-mbstring version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"php5-mbstring\");\nif(!isnull(bver) && revcomp(a:bver, b:\"5.2.9\")<0) {\n txt += 'Package php5-mbstring version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:05", "bulletinFamily": "scanner", "description": "The remote host is missing an update to maniadrive\nannounced via advisory FEDORA-2009-3768.", "modified": "2018-04-06T00:00:00", "published": "2009-06-05T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064099", "id": "OPENVAS:136141256231064099", "title": "Fedora Core 10 FEDORA-2009-3768 (maniadrive)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_3768.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-3768 (maniadrive)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nUpdate to PHP 5.2.9\n\nChangeLog:\n\n* Thu Apr 16 2009 Remi Collet - 1.2-13\n- Rebuild for php 5.2.9\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update maniadrive' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-3768\";\ntag_summary = \"The remote host is missing an update to maniadrive\nannounced via advisory FEDORA-2009-3768.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64099\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2008-5557\", \"CVE-2008-5658\", \"CVE-2008-3658\", \"CVE-2008-5498\", \"CVE-2008-5814\", \"CVE-2009-0754\", \"CVE-2009-1271\", \"CVE-2008-2829\", \"CVE-2008-3660\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-3768 (maniadrive)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=478425\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=494530\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=459529\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=459572\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=452808\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=474824\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=478848\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=479272\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"maniadrive\", rpm:\"maniadrive~1.2~13.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"maniadrive-track-editor\", rpm:\"maniadrive-track-editor~1.2~13.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"raydium\", rpm:\"raydium~1.2~13.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"raydium-devel\", rpm:\"raydium-devel~1.2~13.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"maniadrive-debuginfo\", rpm:\"maniadrive-debuginfo~1.2~13.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2019-02-21T01:11:29", "bulletinFamily": "scanner", "description": "This update of php5 fixes a directory traversal bug in ZipArchive (CVE-2008-5658) and a buffer overflow in the mstring extension (CVE-2008-5557).", "modified": "2016-12-22T00:00:00", "id": "SUSE_APACHE2-MOD_PHP5-5934.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=35606", "published": "2009-02-06T00:00:00", "title": "openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-5934)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update apache2-mod_php5-5934.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(35606);\n script_version (\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2016/12/22 20:32:45 $\");\n\n script_cve_id(\"CVE-2008-5557\", \"CVE-2008-5658\");\n\n script_name(english:\"openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-5934)\");\n script_summary(english:\"Check for the apache2-mod_php5-5934 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of php5 fixes a directory traversal bug in ZipArchive\n(CVE-2008-5658) and a buffer overflow in the mstring extension\n(CVE-2008-5557).\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache2-mod_php5 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(22, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-hash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mhash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/02/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"apache2-mod_php5-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-bcmath-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-bz2-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-calendar-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-ctype-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-curl-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-dba-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-dbase-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-devel-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-dom-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-exif-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-fastcgi-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-ftp-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-gd-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-gettext-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-gmp-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-hash-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-iconv-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-imap-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-json-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-ldap-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-mbstring-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-mcrypt-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-mhash-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-mysql-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-ncurses-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-odbc-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-openssl-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-pcntl-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-pdo-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-pear-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-pgsql-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-posix-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-pspell-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-readline-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-shmop-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-snmp-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-soap-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-sockets-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-sqlite-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-suhosin-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-sysvmsg-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-sysvsem-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-sysvshm-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-tidy-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-tokenizer-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-wddx-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-xmlreader-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-xmlrpc-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-xmlwriter-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-xsl-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-zip-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"php5-zlib-5.2.6-0.8\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php5\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:12:04", "bulletinFamily": "scanner", "description": "This update of php5 fixes a directory traversal bug in ZipArchive (CVE-2008-5658) and a buffer overflow in the mstring extension (CVE-2008-5557).", "modified": "2016-12-21T00:00:00", "id": "SUSE_11_0_APACHE2-MOD_PHP5-090114.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=39915", "published": "2009-07-21T00:00:00", "title": "openSUSE Security Update : apache2-mod_php5 (apache2-mod_php5-441)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update apache2-mod_php5-441.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(39915);\n script_version(\"$Revision: 1.9 $\");\n script_cvs_date(\"$Date: 2016/12/21 20:09:49 $\");\n\n script_cve_id(\"CVE-2008-5557\", \"CVE-2008-5658\");\n\n script_name(english:\"openSUSE Security Update : apache2-mod_php5 (apache2-mod_php5-441)\");\n script_summary(english:\"Check for the apache2-mod_php5-441 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of php5 fixes a directory traversal bug in ZipArchive\n(CVE-2008-5658) and a buffer overflow in the mstring extension\n(CVE-2008-5557).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=462499\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=464048\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache2-mod_php5 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(22, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-hash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"apache2-mod_php5-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-bcmath-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-bz2-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-calendar-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-ctype-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-curl-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-dba-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-dbase-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-devel-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-dom-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-exif-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-fastcgi-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-ftp-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-gd-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-gettext-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-gmp-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-hash-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-iconv-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-imap-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-json-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-ldap-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-mbstring-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-mcrypt-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-mysql-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-ncurses-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-odbc-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-openssl-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-pcntl-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-pdo-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-pear-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-pgsql-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-posix-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-pspell-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-readline-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-shmop-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-snmp-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-soap-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-sockets-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-sqlite-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-suhosin-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-sysvmsg-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-sysvsem-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-sysvshm-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-tidy-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-tokenizer-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-wddx-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-xmlreader-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-xmlrpc-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-xmlwriter-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-xsl-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-zip-5.2.6-0.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"php5-zlib-5.2.6-0.8\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php5\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:12:09", "bulletinFamily": "scanner", "description": "This update of php5 fixes a directory traversal bug in ZipArchive (CVE-2008-5658) and a buffer overflow in the mstring extension (CVE-2008-5557).", "modified": "2016-12-21T00:00:00", "id": "SUSE_11_1_APACHE2-MOD_PHP5-090119.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=40186", "published": "2009-07-21T00:00:00", "title": "openSUSE Security Update : apache2-mod_php5 (apache2-mod_php5-441)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update apache2-mod_php5-441.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40186);\n script_version(\"$Revision: 1.9 $\");\n script_cvs_date(\"$Date: 2016/12/21 20:09:51 $\");\n\n script_cve_id(\"CVE-2008-5557\", \"CVE-2008-5658\");\n\n script_name(english:\"openSUSE Security Update : apache2-mod_php5 (apache2-mod_php5-441)\");\n script_summary(english:\"Check for the apache2-mod_php5-441 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of php5 fixes a directory traversal bug in ZipArchive\n(CVE-2008-5658) and a buffer overflow in the mstring extension\n(CVE-2008-5557).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=462499\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=464048\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache2-mod_php5 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(22, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-hash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"apache2-mod_php5-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-bcmath-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-bz2-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-calendar-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-ctype-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-curl-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-dba-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-dbase-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-devel-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-dom-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-exif-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-fastcgi-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-ftp-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-gd-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-gettext-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-gmp-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-hash-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-iconv-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-imap-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-json-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-ldap-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-mbstring-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-mcrypt-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-mysql-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-ncurses-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-odbc-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-openssl-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-pcntl-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-pdo-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-pear-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-pgsql-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-posix-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-pspell-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-readline-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-shmop-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-snmp-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-soap-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-sockets-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-sqlite-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-suhosin-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-sysvmsg-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-sysvsem-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-sysvshm-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-tidy-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-tokenizer-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-wddx-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-xmlreader-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-xmlrpc-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-xmlwriter-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-xsl-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-zip-5.2.6-49.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-zlib-5.2.6-49.14.3\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php5\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:11:40", "bulletinFamily": "scanner", "description": "A number of vulnerabilities have been found and corrected in PHP :\n\nimprove mbfl_filt_conv_html_dec_flush() error handling in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c (CVE-2008-5557).\nAdditionally on Mandriva Linux 2009.0 and up the php-mbstring module is linked against a separate shared libmbfl library that also have been patched to address CVE-2008-5557.\n\nDirectory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and earlier allows context-dependent attackers to write arbitrary files via a ZIP file with a file whose name contains .. (dot dot) sequences. (CVE-2008-5658)\n\nmake sure the page_uid and page_gid get initialized properly in ext/standard/basic_functions.c. Also, init server_context before processing config variables in sapi/apache/mod_php5.c (CVE-2008-5624).\n\nenforce restrictions when merging in dir entry in sapi/apache/mod_php5.c and sapi/apache2handler/apache_config.c (CVE-2008-5625).\n\nOn 2008.1, 2009.0 and cooker (2009.1) seen on x86_64 and with the latest phpmyadmin 3.1.2 software made apache+php segfault (#26274, #45864). This problem has been addressed by using -O0 for compiler optimization and by using -fno-strict-aliasing. Either the bug is in php and/or in gcc 4.3.2. Preferable just make it work as expected for now.\n\nIn addition, the updated packages provide a number of bug fixes.\n\nThe updated packages have been patched to correct these issues.", "modified": "2019-01-02T00:00:00", "id": "MANDRIVA_MDVSA-2009-045.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=36677", "published": "2009-04-23T00:00:00", "title": "Mandriva Linux Security Advisory : php (MDVSA-2009:045)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:045. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(36677);\n script_version (\"1.15\");\n script_cvs_date(\"Date: 2019/01/02 16:37:54\");\n\n script_cve_id(\"CVE-2008-5557\", \"CVE-2008-5624\", \"CVE-2008-5625\", \"CVE-2008-5658\");\n script_bugtraq_id(32625, 32948);\n script_xref(name:\"MDVSA\", value:\"2009:045\");\n\n script_name(english:\"Mandriva Linux Security Advisory : php (MDVSA-2009:045)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A number of vulnerabilities have been found and corrected in PHP :\n\nimprove mbfl_filt_conv_html_dec_flush() error handling in\next/mbstring/libmbfl/filters/mbfilter_htmlent.c (CVE-2008-5557).\nAdditionally on Mandriva Linux 2009.0 and up the php-mbstring module\nis linked against a separate shared libmbfl library that also have\nbeen patched to address CVE-2008-5557.\n\nDirectory traversal vulnerability in the ZipArchive::extractTo\nfunction in PHP 5.2.6 and earlier allows context-dependent attackers\nto write arbitrary files via a ZIP file with a file whose name\ncontains .. (dot dot) sequences. (CVE-2008-5658)\n\nmake sure the page_uid and page_gid get initialized properly in\next/standard/basic_functions.c. Also, init server_context before\nprocessing config variables in sapi/apache/mod_php5.c (CVE-2008-5624).\n\nenforce restrictions when merging in dir entry in\nsapi/apache/mod_php5.c and sapi/apache2handler/apache_config.c\n(CVE-2008-5625).\n\nOn 2008.1, 2009.0 and cooker (2009.1) seen on x86_64 and with the\nlatest phpmyadmin 3.1.2 software made apache+php segfault (#26274,\n#45864). This problem has been addressed by using -O0 for compiler\noptimization and by using -fno-strict-aliasing. Either the bug is in\nphp and/or in gcc 4.3.2. Preferable just make it work as expected for\nnow.\n\nIn addition, the updated packages provide a number of bug fixes.\n\nThe updated packages have been patched to correct these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(22, 119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64mbfl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64mbfl1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64php5_common5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libmbfl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libmbfl1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libphp5_common5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-fcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-hash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mhash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mime_magic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ming\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysqli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_dblib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-simplexml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sybase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", reference:\"apache-mod_php-5.2.4-2.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64php5_common5-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libphp5_common5-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-bcmath-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-bz2-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-calendar-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-cgi-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-cli-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-ctype-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-curl-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-dba-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-dbase-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-devel-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-dom-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-exif-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-fcgi-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-filter-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-ftp-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-gd-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-gettext-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-gmp-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-hash-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-iconv-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-imap-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-json-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-ldap-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-mbstring-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-mcrypt-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-mhash-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-mime_magic-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-ming-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-mssql-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-mysql-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-mysqli-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-ncurses-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-odbc-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-openssl-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-pcntl-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-pdo-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-pdo_dblib-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-pdo_mysql-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-pdo_odbc-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-pdo_pgsql-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-pdo_sqlite-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-pgsql-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-posix-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-pspell-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-readline-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-recode-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-session-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-shmop-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-simplexml-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-snmp-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-soap-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-sockets-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-sqlite-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-sysvmsg-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-sysvsem-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-sysvshm-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-tidy-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-tokenizer-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-wddx-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-xml-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-xmlreader-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-xmlrpc-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-xmlwriter-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-xsl-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-zlib-5.2.4-3.4mdv2008.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2008.1\", reference:\"apache-mod_php-5.2.5-5.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64php5_common5-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libphp5_common5-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-bcmath-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-bz2-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-calendar-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-cgi-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-cli-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-ctype-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-curl-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-dba-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-dbase-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-devel-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-dom-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-exif-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-fcgi-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-filter-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-ftp-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-gd-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-gettext-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-gmp-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-hash-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-iconv-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-imap-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-json-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-ldap-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-mbstring-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-mcrypt-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-mhash-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-mime_magic-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-ming-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-mssql-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-mysql-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-mysqli-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-ncurses-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-odbc-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-openssl-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-pcntl-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-pdo-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-pdo_dblib-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-pdo_mysql-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-pdo_odbc-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-pdo_pgsql-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-pdo_sqlite-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-pgsql-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-posix-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-pspell-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-readline-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-recode-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-session-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-shmop-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-snmp-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-soap-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-sockets-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-sqlite-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-sysvmsg-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-sysvsem-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-sysvshm-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-tidy-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-tokenizer-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-wddx-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-xml-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-xmlreader-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-xmlrpc-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-xmlwriter-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-xsl-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-zlib-5.2.5-14.3mdv2008.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.0\", reference:\"apache-mod_php-5.2.6-3.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64mbfl-devel-1.0.2-3.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64mbfl1-1.0.2-3.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64php5_common5-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libmbfl-devel-1.0.2-3.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libmbfl1-1.0.2-3.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libphp5_common5-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-bcmath-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-bz2-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-calendar-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-cgi-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-cli-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-ctype-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-curl-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-dba-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-dbase-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-devel-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-dom-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-exif-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-fcgi-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-filter-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-ftp-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-gd-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-gettext-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-gmp-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-hash-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-iconv-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-imap-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-json-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-ldap-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-mbstring-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-mcrypt-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-mhash-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-mime_magic-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-ming-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-mssql-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-mysql-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-mysqli-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-ncurses-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-odbc-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-openssl-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-pcntl-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-pdo-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-pdo_dblib-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-pdo_mysql-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-pdo_odbc-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-pdo_pgsql-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-pdo_sqlite-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-pgsql-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-posix-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-pspell-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-readline-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-recode-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-session-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-shmop-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-snmp-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-soap-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-sockets-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-sqlite-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-sybase-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-sysvmsg-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-sysvsem-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-sysvshm-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-tidy-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-tokenizer-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-wddx-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-xml-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-xmlreader-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-xmlrpc-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-xmlwriter-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-xsl-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-zlib-5.2.6-18.2mdv2009.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:12:26", "bulletinFamily": "scanner", "description": "Specially crafted strings could trigger a heap-based buffer overflow in the php mbstring extension. Attackers could potenially exploit that to execute arbitrary code. (CVE-2008-5557)", "modified": "2012-04-23T00:00:00", "id": "SUSE9_12382.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=41287", "published": "2009-09-24T00:00:00", "title": "SuSE9 Security Update : PHP4 (YOU Patch Number 12382)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41287);\n script_version(\"$Revision: 1.5 $\");\n script_cvs_date(\"$Date: 2012/04/23 18:14:43 $\");\n\n script_cve_id(\"CVE-2008-5557\");\n\n script_name(english:\"SuSE9 Security Update : PHP4 (YOU Patch Number 12382)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted strings could trigger a heap-based buffer overflow\nin the php mbstring extension. Attackers could potenially exploit that\nto execute arbitrary code. (CVE-2008-5557)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5557.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12382.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2012 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"apache-mod_php4-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"apache2-mod_php4-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"mod_php4-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"mod_php4-apache2-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"mod_php4-core-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"mod_php4-servlet-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-bcmath-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-bz2-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-calendar-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-ctype-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-curl-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-dba-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-dbase-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-devel-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-domxml-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-exif-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-fastcgi-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-filepro-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-ftp-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-gd-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-gettext-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-gmp-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-imap-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-ldap-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-mbstring-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-mcal-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-mcrypt-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-mhash-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-mime_magic-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-mysql-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-pear-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-pgsql-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-qtdom-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-readline-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-recode-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-servlet-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-session-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-shmop-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-snmp-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-sockets-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-sysvsem-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-sysvshm-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-unixODBC-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-wddx-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-xslt-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-yp-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"php4-zlib-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"i586\", reference:\"php4-iconv-4.3.4-43.91\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"i586\", reference:\"php4-swf-4.3.4-43.91\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:11:32", "bulletinFamily": "scanner", "description": "SecurityFocus reports :\n\nPHP is prone to a buffer-overflow vulnerability because it fails to perform boundary checks before copying user-supplied data to insufficiently sized memory buffers. The issue affects the 'mbstring' extension included in the standard distribution.\n\nAn attacker can exploit this issue to execute arbitrary machine code in the context of the affected webserver. Failed exploit attempts will likely crash the webserver, denying service to legitimate users.", "modified": "2018-11-10T00:00:00", "id": "FREEBSD_PKG_A2074AC6124C11DEA9640030843D3802.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=35939", "published": "2009-03-17T00:00:00", "title": "FreeBSD : php-mbstring -- php mbstring buffer overflow vulnerability (a2074ac6-124c-11de-a964-0030843d3802)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(35939);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/11/10 11:49:42\");\n\n script_cve_id(\"CVE-2008-5557\");\n script_bugtraq_id(32948);\n\n script_name(english:\"FreeBSD : php-mbstring -- php mbstring buffer overflow vulnerability (a2074ac6-124c-11de-a964-0030843d3802)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SecurityFocus reports :\n\nPHP is prone to a buffer-overflow vulnerability because it fails to\nperform boundary checks before copying user-supplied data to\ninsufficiently sized memory buffers. The issue affects the 'mbstring'\nextension included in the standard distribution.\n\nAn attacker can exploit this issue to execute arbitrary machine code\nin the context of the affected webserver. Failed exploit attempts will\nlikely crash the webserver, denying service to legitimate users.\"\n );\n # https://vuxml.freebsd.org/freebsd/a2074ac6-124c-11de-a964-0030843d3802.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cd22ac13\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php4-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/12/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/03/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"php4-mbstring<4.4.9\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php5-mbstring<5.2.9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:22:31", "bulletinFamily": "scanner", "description": "A heap-based buffer overflow in PHP 4.3.0 through 5.2.6 may allow attackers to execute arbitrary code.", "modified": "2019-01-04T00:00:00", "id": "F5_BIGIP_SOL9761.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=78229", "published": "2014-10-10T00:00:00", "title": "F5 Networks BIG-IP : PHP vulnerability (SOL9761)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution SOL9761.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78229);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/01/04 10:03:40\");\n\n script_cve_id(\"CVE-2008-5557\");\n script_bugtraq_id(32948);\n\n script_name(english:\"F5 Networks BIG-IP : PHP vulnerability (SOL9761)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A heap-based buffer overflow in PHP 4.3.0 through 5.2.6 may allow\nattackers to execute arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K9761\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution SOL9761.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"SOL9761\";\nvmatrix = make_array();\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"9.3.0-9.3.1\",\"9.4.0-9.4.8\",\"10.0.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"11\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running the affected module ASM\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:11:56", "bulletinFamily": "scanner", "description": "Update to PHP 5.2.9 A heap-based buffer overflow flaw was found in PHP's mbstring extension. A remote attacker able to pass arbitrary input to a PHP script using mbstring conversion functions could cause the PHP interpreter to crash or, possibly, execute arbitrary code.\n(CVE-2008-5557) A directory traversal flaw was found in PHP's ZipArchive::extractTo function. If PHP is used to extract a malicious ZIP archive, it could allow an attacker to write arbitrary files anywhere the PHP process has write permissions. (CVE-2008-5658) A buffer overflow flaw was found in PHP's imageloadfont function. If a PHP script allowed a remote attacker to load a carefully crafted font file, it could cause the PHP interpreter to crash or, possibly, execute arbitrary code. (CVE-2008-3658) A memory disclosure flaw was found in the PHP gd extension's imagerotate function. A remote attacker able to pass arbitrary values as the 'background color' argument of the function could, possibly, view portions of the PHP interpreter's memory. (CVE-2008-5498) A cross-site scripting flaw was found in a way PHP reported errors for invalid cookies. If the PHP interpreter had 'display_errors' enabled, a remote attacker able to set a specially crafted cookie on a victim's system could possibly inject arbitrary HTML into an error message generated by PHP.\n(CVE-2008-5814) A flaw was found in the handling of the 'mbstring.func_overload' configuration setting. A value set for one virtual host, or in a user's .htaccess file, was incorrectly applied to other virtual hosts on the same server, causing the handling of multibyte character strings to not work correctly. (CVE-2009-0754) A flaw was found in PHP's json_decode function. A remote attacker could use this flaw to create a specially crafted string which could cause the PHP interpreter to crash while being decoded in a PHP script.\n(CVE-2009-1271) A flaw was found in the use of the uw-imap library by the PHP 'imap' extension. This could cause the PHP interpreter to crash if the 'imap' extension was used to read specially crafted mail messages with long headers. (CVE-2008-2829) http://www.php.net/releases/5_2_7.php http://www.php.net/releases/5_2_8.php http://www.php.net/releases/5_2_9.php http://www.php.net/ChangeLog-5.php#5.2.9\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-11-28T00:00:00", "id": "FEDORA_2009-3768.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=38956", "published": "2009-06-01T00:00:00", "title": "Fedora 10 : maniadrive-1.2-13.fc10 / php-5.2.9-2.fc10 (2009-3768)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-3768.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(38956);\n script_version (\"1.17\");\n script_cvs_date(\"Date: 2018/11/28 22:47:43\");\n\n script_cve_id(\"CVE-2008-2829\", \"CVE-2008-3658\", \"CVE-2008-3660\", \"CVE-2008-5498\", \"CVE-2008-5557\", \"CVE-2008-5658\", \"CVE-2009-0754\", \"CVE-2009-1271\");\n script_bugtraq_id(29829, 30649, 31612, 32625, 32948, 33002, 33542);\n script_xref(name:\"FEDORA\", value:\"2009-3768\");\n\n script_name(english:\"Fedora 10 : maniadrive-1.2-13.fc10 / php-5.2.9-2.fc10 (2009-3768)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to PHP 5.2.9 A heap-based buffer overflow flaw was found in\nPHP's mbstring extension. A remote attacker able to pass arbitrary\ninput to a PHP script using mbstring conversion functions could cause\nthe PHP interpreter to crash or, possibly, execute arbitrary code.\n(CVE-2008-5557) A directory traversal flaw was found in PHP's\nZipArchive::extractTo function. If PHP is used to extract a malicious\nZIP archive, it could allow an attacker to write arbitrary files\nanywhere the PHP process has write permissions. (CVE-2008-5658) A\nbuffer overflow flaw was found in PHP's imageloadfont function. If a\nPHP script allowed a remote attacker to load a carefully crafted font\nfile, it could cause the PHP interpreter to crash or, possibly,\nexecute arbitrary code. (CVE-2008-3658) A memory disclosure flaw was\nfound in the PHP gd extension's imagerotate function. A remote\nattacker able to pass arbitrary values as the 'background color'\nargument of the function could, possibly, view portions of the PHP\ninterpreter's memory. (CVE-2008-5498) A cross-site scripting flaw was\nfound in a way PHP reported errors for invalid cookies. If the PHP\ninterpreter had 'display_errors' enabled, a remote attacker able to\nset a specially crafted cookie on a victim's system could possibly\ninject arbitrary HTML into an error message generated by PHP.\n(CVE-2008-5814) A flaw was found in the handling of the\n'mbstring.func_overload' configuration setting. A value set for one\nvirtual host, or in a user's .htaccess file, was incorrectly applied\nto other virtual hosts on the same server, causing the handling of\nmultibyte character strings to not work correctly. (CVE-2009-0754) A\nflaw was found in PHP's json_decode function. A remote attacker could\nuse this flaw to create a specially crafted string which could cause\nthe PHP interpreter to crash while being decoded in a PHP script.\n(CVE-2009-1271) A flaw was found in the use of the uw-imap library by\nthe PHP 'imap' extension. This could cause the PHP interpreter to\ncrash if the 'imap' extension was used to read specially crafted mail\nmessages with long headers. (CVE-2008-2829)\nhttp://www.php.net/releases/5_2_7.php\nhttp://www.php.net/releases/5_2_8.php\nhttp://www.php.net/releases/5_2_9.php\nhttp://www.php.net/ChangeLog-5.php#5.2.9\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.php.net/ChangeLog-5.php#5.2.9\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.php.net/releases/5_2_7.php\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.php.net/releases/5_2_8.php\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.php.net/releases/5_2_9.php\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=452808\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=459529\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=459572\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=474824\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=478425\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=478848\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=479272\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=494530\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-May/024352.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8bce870c\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-May/024353.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5975598f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected maniadrive and / or php packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 22, 119, 134, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:maniadrive\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"maniadrive-1.2-13.fc10\")) flag++;\nif (rpm_check(release:\"FC10\", reference:\"php-5.2.9-2.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"maniadrive / php\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:11:56", "bulletinFamily": "scanner", "description": "Update to PHP 5.2.9 A heap-based buffer overflow flaw was found in PHP's mbstring extension. A remote attacker able to pass arbitrary input to a PHP script using mbstring conversion functions could cause the PHP interpreter to crash or, possibly, execute arbitrary code.\n(CVE-2008-5557) A directory traversal flaw was found in PHP's ZipArchive::extractTo function. If PHP is used to extract a malicious ZIP archive, it could allow an attacker to write arbitrary files anywhere the PHP process has write permissions. (CVE-2008-5658) A buffer overflow flaw was found in PHP's imageloadfont function. If a PHP script allowed a remote attacker to load a carefully crafted font file, it could cause the PHP interpreter to crash or, possibly, execute arbitrary code. (CVE-2008-3658) A memory disclosure flaw was found in the PHP gd extension's imagerotate function. A remote attacker able to pass arbitrary values as the 'background color' argument of the function could, possibly, view portions of the PHP interpreter's memory. (CVE-2008-5498) A cross-site scripting flaw was found in a way PHP reported errors for invalid cookies. If the PHP interpreter had 'display_errors' enabled, a remote attacker able to set a specially crafted cookie on a victim's system could possibly inject arbitrary HTML into an error message generated by PHP.\n(CVE-2008-5814) A flaw was found in the handling of the 'mbstring.func_overload' configuration setting. A value set for one virtual host, or in a user's .htaccess file, was incorrectly applied to other virtual hosts on the same server, causing the handling of multibyte character strings to not work correctly. (CVE-2009-0754) A flaw was found in PHP's json_decode function. A remote attacker could use this flaw to create a specially crafted string which could cause the PHP interpreter to crash while being decoded in a PHP script.\n(CVE-2009-1271) A flaw was found in the use of the uw-imap library by the PHP 'imap' extension. This could cause the PHP interpreter to crash if the 'imap' extension was used to read specially crafted mail messages with long headers. (CVE-2008-2829) http://www.php.net/releases/5_2_7.php http://www.php.net/releases/5_2_8.php http://www.php.net/releases/5_2_9.php http://www.php.net/ChangeLog-5.php#5.2.9\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-11-28T00:00:00", "id": "FEDORA_2009-3848.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=38957", "published": "2009-06-01T00:00:00", "title": "Fedora 9 : maniadrive-1.2-13.fc9 / php-5.2.9-2.fc9 (2009-3848)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-3848.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(38957);\n script_version (\"1.17\");\n script_cvs_date(\"Date: 2018/11/28 22:47:43\");\n\n script_cve_id(\"CVE-2008-2829\", \"CVE-2008-3658\", \"CVE-2008-3660\", \"CVE-2008-5498\", \"CVE-2008-5557\", \"CVE-2008-5658\", \"CVE-2009-0754\", \"CVE-2009-1271\");\n script_bugtraq_id(29829, 30649, 31612, 32625, 32948, 33002, 33542);\n script_xref(name:\"FEDORA\", value:\"2009-3848\");\n\n script_name(english:\"Fedora 9 : maniadrive-1.2-13.fc9 / php-5.2.9-2.fc9 (2009-3848)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to PHP 5.2.9 A heap-based buffer overflow flaw was found in\nPHP's mbstring extension. A remote attacker able to pass arbitrary\ninput to a PHP script using mbstring conversion functions could cause\nthe PHP interpreter to crash or, possibly, execute arbitrary code.\n(CVE-2008-5557) A directory traversal flaw was found in PHP's\nZipArchive::extractTo function. If PHP is used to extract a malicious\nZIP archive, it could allow an attacker to write arbitrary files\nanywhere the PHP process has write permissions. (CVE-2008-5658) A\nbuffer overflow flaw was found in PHP's imageloadfont function. If a\nPHP script allowed a remote attacker to load a carefully crafted font\nfile, it could cause the PHP interpreter to crash or, possibly,\nexecute arbitrary code. (CVE-2008-3658) A memory disclosure flaw was\nfound in the PHP gd extension's imagerotate function. A remote\nattacker able to pass arbitrary values as the 'background color'\nargument of the function could, possibly, view portions of the PHP\ninterpreter's memory. (CVE-2008-5498) A cross-site scripting flaw was\nfound in a way PHP reported errors for invalid cookies. If the PHP\ninterpreter had 'display_errors' enabled, a remote attacker able to\nset a specially crafted cookie on a victim's system could possibly\ninject arbitrary HTML into an error message generated by PHP.\n(CVE-2008-5814) A flaw was found in the handling of the\n'mbstring.func_overload' configuration setting. A value set for one\nvirtual host, or in a user's .htaccess file, was incorrectly applied\nto other virtual hosts on the same server, causing the handling of\nmultibyte character strings to not work correctly. (CVE-2009-0754) A\nflaw was found in PHP's json_decode function. A remote attacker could\nuse this flaw to create a specially crafted string which could cause\nthe PHP interpreter to crash while being decoded in a PHP script.\n(CVE-2009-1271) A flaw was found in the use of the uw-imap library by\nthe PHP 'imap' extension. This could cause the PHP interpreter to\ncrash if the 'imap' extension was used to read specially crafted mail\nmessages with long headers. (CVE-2008-2829)\nhttp://www.php.net/releases/5_2_7.php\nhttp://www.php.net/releases/5_2_8.php\nhttp://www.php.net/releases/5_2_9.php\nhttp://www.php.net/ChangeLog-5.php#5.2.9\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.php.net/ChangeLog-5.php#5.2.9\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.php.net/releases/5_2_7.php\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.php.net/releases/5_2_8.php\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.php.net/releases/5_2_9.php\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=452808\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=459529\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=459572\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=474824\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=478425\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=478848\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=479272\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=494530\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-May/024366.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9da9790c\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-May/024369.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9dfb87a7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected maniadrive and / or php packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 22, 119, 134, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:maniadrive\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 9.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC9\", reference:\"maniadrive-1.2-13.fc9\")) flag++;\nif (rpm_check(release:\"FC9\", reference:\"php-5.2.9-2.fc9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"maniadrive / php\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:11:52", "bulletinFamily": "scanner", "description": "Several remote vulnerabilities have been discovered in the PHP 5 hypertext preprocessor. The Common Vulnerabilities and Exposures project identifies the following problems.\n\nThe following four vulnerabilities have already been fixed in the stable (lenny) version of php5 prior to the release of lenny. This update now addresses them for etch (oldstable) as well :\n\n - CVE-2008-2107 / CVE-2008-2108 The GENERATE_SEED macro has several problems that make predicting generated random numbers easier, facilitating attacks against measures that use rand() or mt_rand() as part of a protection.\n\n - CVE-2008-5557 A buffer overflow in the mbstring extension allows attackers to execute arbitrary code via a crafted string containing an HTML entity.\n\n - CVE-2008-5624 The page_uid and page_gid variables are not correctly set, allowing use of some functionality intended to be restricted to root.\n\n - CVE-2008-5658 Directory traversal vulnerability in the ZipArchive::extractTo function allows attackers to write arbitrary files via a ZIP file with a file whose name contains .. (dot dot) sequences.\n\nThis update also addresses the following three vulnerabilities for both oldstable (etch) and stable (lenny) :\n\n - CVE-2008-5814 Cross-site scripting (XSS) vulnerability, when display_errors is enabled, allows remote attackers to inject arbitrary web script or HTML.\n\n - CVE-2009-0754 When running on Apache, PHP allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the same server. \n\n - CVE-2009-1271 The JSON_parser function allows a denial of service (segmentation fault) via a malformed string to the json_decode API function.\n\nFurthermore, two updates originally scheduled for the next point update for oldstable are included in the etch package :\n\n - Let PHP use the system timezone database instead of the embedded timezone database which is out of date.\n - From the source tarball, the unused 'dbase' module has been removed which contained licensing problems.", "modified": "2018-11-28T00:00:00", "id": "DEBIAN_DSA-1789.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=38691", "published": "2009-05-06T00:00:00", "title": "Debian DSA-1789-1 : php5 - several vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1789. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(38691);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/11/28 22:47:42\");\n\n script_cve_id(\"CVE-2008-2107\", \"CVE-2008-2108\", \"CVE-2008-5557\", \"CVE-2008-5624\", \"CVE-2008-5658\", \"CVE-2008-5814\", \"CVE-2009-0754\", \"CVE-2009-1271\");\n script_bugtraq_id(29009, 32625, 32948, 33542);\n script_xref(name:\"DSA\", value:\"1789\");\n\n script_name(english:\"Debian DSA-1789-1 : php5 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several remote vulnerabilities have been discovered in the PHP 5\nhypertext preprocessor. The Common Vulnerabilities and Exposures\nproject identifies the following problems.\n\nThe following four vulnerabilities have already been fixed in the\nstable (lenny) version of php5 prior to the release of lenny. This\nupdate now addresses them for etch (oldstable) as well :\n\n - CVE-2008-2107 / CVE-2008-2108\n The GENERATE_SEED macro has several problems that make\n predicting generated random numbers easier, facilitating\n attacks against measures that use rand() or mt_rand() as\n part of a protection.\n\n - CVE-2008-5557\n A buffer overflow in the mbstring extension allows\n attackers to execute arbitrary code via a crafted string\n containing an HTML entity.\n\n - CVE-2008-5624\n The page_uid and page_gid variables are not correctly\n set, allowing use of some functionality intended to be\n restricted to root.\n\n - CVE-2008-5658\n Directory traversal vulnerability in the\n ZipArchive::extractTo function allows attackers to write\n arbitrary files via a ZIP file with a file whose name\n contains .. (dot dot) sequences.\n\nThis update also addresses the following three vulnerabilities for\nboth oldstable (etch) and stable (lenny) :\n\n - CVE-2008-5814\n Cross-site scripting (XSS) vulnerability, when\n display_errors is enabled, allows remote attackers to\n inject arbitrary web script or HTML.\n\n - CVE-2009-0754\n When running on Apache, PHP allows local users to modify\n behavior of other sites hosted on the same web server by\n modifying the mbstring.func_overload setting within\n .htaccess, which causes this setting to be applied to\n other virtual hosts on the same server. \n\n - CVE-2009-1271\n The JSON_parser function allows a denial of service\n (segmentation fault) via a malformed string to the\n json_decode API function.\n\nFurthermore, two updates originally scheduled for the next point\nupdate for oldstable are included in the etch package :\n\n - Let PHP use the system timezone database instead of the\n embedded timezone database which is out of date.\n - From the source tarball, the unused 'dbase' module has\n been removed which contained licensing problems.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507101\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507857\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508021\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511493\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=523028\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=523049\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-2107\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-2108\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5557\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5624\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5658\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5814\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0754\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1271\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1789\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the php5 package.\n\nFor the old stable distribution (etch), these problems have been fixed\nin version 5.2.0+dfsg-8+etch15.\n\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 5.2.6.dfsg.1-1+lenny3.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(22, 79, 119, 134, 189, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"libapache-mod-php5\", reference:\"5.2.0+dfsg-8+etch15\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libapache2-mod-php5\", reference:\"5.2.0+dfsg-8+etch15\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"php-pear\", reference:\"5.2.0+dfsg-8+etch15\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"php5\", reference:\"5.2.0+dfsg-8+etch15\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"php5-cgi\", reference:\"5.2.0+dfsg-8+etch15\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"php5-cli\", reference:\"5.2.0+dfsg-8+etch15\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"php5-common\", reference:\"5.2.0+dfsg-8+etch15\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"php5-curl\", reference:\"5.2.0+dfsg-8+etch15\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"php5-dev\", reference:\"5.2.0+dfsg-8+etch15\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"php5-gd\", reference:\"5.2.0+dfsg-8+etch15\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"php5-imap\", reference:\"5.2.0+dfsg-8+etch15\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"php5-interbase\", reference:\"5.2.0+dfsg-8+etch15\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"php5-ldap\", reference:\"5.2.0+dfsg-8+etch15\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"php5-mcrypt\", reference:\"5.2.0+dfsg-8+etch15\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"php5-mhash\", reference:\"5.2.0+dfsg-8+etch15\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"php5-mysql\", reference:\"5.2.0+dfsg-8+etch15\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"php5-odbc\", reference:\"5.2.0+dfsg-8+etch15\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"php5-pgsql\", reference:\"5.2.0+dfsg-8+etch15\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"php5-pspell\", reference:\"5.2.0+dfsg-8+etch15\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"php5-recode\", reference:\"5.2.0+dfsg-8+etch15\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"php5-snmp\", reference:\"5.2.0+dfsg-8+etch15\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"php5-sqlite\", reference:\"5.2.0+dfsg-8+etch15\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"php5-sybase\", reference:\"5.2.0+dfsg-8+etch15\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"php5-tidy\", reference:\"5.2.0+dfsg-8+etch15\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"php5-xmlrpc\", reference:\"5.2.0+dfsg-8+etch15\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"php5-xsl\", reference:\"5.2.0+dfsg-8+etch15\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libapache2-mod-php5\", reference:\"5.2.6.dfsg.1-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libapache2-mod-php5filter\", reference:\"5.2.6.dfsg.1-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php-pear\", reference:\"5.2.6.dfsg.1-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5\", reference:\"5.2.6.dfsg.1-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-cgi\", reference:\"5.2.6.dfsg.1-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-cli\", reference:\"5.2.6.dfsg.1-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-common\", reference:\"5.2.6.dfsg.1-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-curl\", reference:\"5.2.6.dfsg.1-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-dbg\", reference:\"5.2.6.dfsg.1-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-dev\", reference:\"5.2.6.dfsg.1-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-gd\", reference:\"5.2.6.dfsg.1-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-gmp\", reference:\"5.2.6.dfsg.1-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-imap\", reference:\"5.2.6.dfsg.1-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-interbase\", reference:\"5.2.6.dfsg.1-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-ldap\", reference:\"5.2.6.dfsg.1-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-mcrypt\", reference:\"5.2.6.dfsg.1-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-mhash\", reference:\"5.2.6.dfsg.1-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-mysql\", reference:\"5.2.6.dfsg.1-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-odbc\", reference:\"5.2.6.dfsg.1-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-pgsql\", reference:\"5.2.6.dfsg.1-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-pspell\", reference:\"5.2.6.dfsg.1-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-recode\", reference:\"5.2.6.dfsg.1-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-snmp\", reference:\"5.2.6.dfsg.1-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-sqlite\", reference:\"5.2.6.dfsg.1-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-sybase\", reference:\"5.2.6.dfsg.1-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-tidy\", reference:\"5.2.6.dfsg.1-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-xmlrpc\", reference:\"5.2.6.dfsg.1-1+lenny3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-xsl\", reference:\"5.2.6.dfsg.1-1+lenny3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "seebug": [{"lastseen": "2017-11-19T19:04:40", "bulletinFamily": "exploit", "description": "BUGTRAQ ID: 32948\r\nCVE ID\uff1aCVE-2008-5557\r\n\r\nPHP\u662f\u4e00\u6b3e\u7f51\u7edc\u7f16\u7a0b\u8bed\u8a00\u3002\r\nPHP mbstring\u6269\u5c55\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u4f7f\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\u3002\r\nmbstring\u6269\u5c55\u7528\u4e8e\u5904\u7406\u591a\u5b57\u8282unicode\u5b57\u7b26\u4e32\uff0c\u5728\u89e3\u7801\u90e8\u5206HTML\u5b9e\u4f53\u4e3aunicode\u5b57\u7b26\u4e32\u65f6\u5b58\u5728\u95ee\u9898\uff0c\u7531\u4e8e\u89e3\u7801\u5668\u4e0d\u6b63\u786e\u5904\u7406\u9519\u8bef\u6761\u4ef6\uff0c\u5806\u5206\u914d\u7f13\u51b2\u533a\u7684\u8fb9\u754c\u68c0\u67e5\u53ef\u88ab\u6709\u6548\u7684\u7ed5\u8fc7\u3002\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u53ef\u4f20\u9001\u4efb\u610f\u6570\u636e\u5230\u5806\u7279\u5b9a\u57df\u800c\u4ee5\u5e94\u7528\u7a0b\u5e8f\u6743\u9650\u6267\u884c\u4efb\u610f\u6307\u4ee4\u3002\n\nPHP PHP 5.2.6 \r\nPHP PHP 5.2.5 \r\nPHP PHP 5.2.4 \r\nPHP PHP 5.2.3 \r\nPHP PHP 5.2.2 \r\nPHP PHP 5.2.1 \r\n+ Ubuntu Ubuntu Linux 7.04 sparc\r\n+ Ubuntu Ubuntu Linux 7.04 powerpc\r\n+ Ubuntu Ubuntu Linux 7.04 i386\r\n+ Ubuntu Ubuntu Linux 7.04 amd64\r\nPHP PHP 5.1.6 \r\n+ Ubuntu Ubuntu Linux 6.10 sparc\r\n+ Ubuntu Ubuntu Linux 6.10 powerpc\r\n+ Ubuntu Ubuntu Linux 6.10 i386\r\n+ Ubuntu Ubuntu Linux 6.10 amd64\r\nPHP PHP 5.1.5 \r\nPHP PHP 5.1.4 \r\nPHP PHP 5.1.3 \r\nPHP PHP 5.1.3 \r\nPHP PHP 5.1.2 \r\n+ Ubuntu Ubuntu Linux 6.06 LTS sparc\r\n+ Ubuntu Ubuntu Linux 6.06 LTS powerpc\r\n+ Ubuntu Ubuntu Linux 6.06 LTS i386\r\n+ Ubuntu Ubuntu Linux 6.06 LTS amd64\r\nPHP PHP 5.1.1 \r\nPHP PHP 5.1 \r\nPHP PHP 5.0.5 \r\nPHP PHP 5.0.4 \r\nPHP PHP 5.0.3 \r\n+ Trustix Secure Linux 2.2 \r\nPHP PHP 5.0.2 \r\nPHP PHP 5.0.1 \r\nPHP PHP 5.0 candidate 3\r\nPHP PHP 5.0 candidate 2\r\nPHP PHP 5.0 candidate 1\r\nPHP PHP 5.0 .0\r\nPHP PHP 4.4.9 \r\nPHP PHP 4.4.8 \r\nPHP PHP 4.4.7 \r\n- Slackware Linux 10.2 \r\n- Slackware Linux 11.0\r\n- Slackware Linux -current\r\nPHP PHP 4.4.6 \r\nPHP PHP 4.4.5 \r\nPHP PHP 4.4.4 \r\nPHP PHP 4.4.3 \r\nPHP PHP 4.4.2 \r\nPHP PHP 4.4.1 \r\nPHP PHP 4.4 .0\r\nPHP PHP 4.3.11 \r\nPHP PHP 4.3.10 \r\n+ Gentoo Linux \r\n+ RedHat Fedora Core3\r\n+ Trustix Secure Enterprise Linux 2.0 \r\n+ Trustix Secure Linux 2.2 \r\n+ Trustix Secure Linux 2.1 \r\n+ Trustix Secure Linux 2.0 \r\n+ Trustix Secure Linux 1.5 \r\nPHP PHP 4.3.9 \r\nPHP PHP 4.3.8 \r\n+ MandrakeSoft Linux Mandrake 10.1 x86_64\r\n+ MandrakeSoft Linux Mandrake 10.1 \r\n+ S.u.S.E. Linux Personal 9.2 \r\n+ Turbolinux Turbolinux Server 10.0 \r\n+ Ubuntu Ubuntu Linux 4.1 ppc\r\n+ Ubuntu Ubuntu Linux 4.1 ia64\r\n+ Ubuntu Ubuntu Linux 4.1 ia32\r\nPHP PHP 4.3.7 \r\nPHP PHP 4.3.6 \r\nPHP PHP 4.3.5 \r\nPHP PHP 4.3.4 \r\n+ MandrakeSoft Corporate Server 3.0 x86_64\r\n+ MandrakeSoft Corporate Server 3.0 \r\n+ MandrakeSoft Linux Mandrake 10.0 AMD64\r\n+ MandrakeSoft Linux Mandrake 10.0 \r\n+ S.u.S.E. Linux Personal 9.1 \r\nPHP PHP 4.3.3 \r\n+ S.u.S.E. Linux Personal 9.0 x86_64\r\n+ S.u.S.E. Linux Personal 9.0 \r\n+ Turbolinux Home \r\n+ Turbolinux Turbolinux 10 F...\r\n+ Turbolinux Turbolinux Desktop 10.0 \r\nPHP PHP 4.3.2 \r\nPHP PHP 4.3.1 \r\n+ MandrakeSoft Linux Mandrake 9.1 ppc\r\n+ MandrakeSoft Linux Mandrake 9.1 \r\n+ OpenPKG OpenPKG Current\r\n+ S.u.S.E. Linux Personal 8.2 \r\nPHP PHP 4.3 \r\nPHP PHP 5.2\r\n+ Debian Linux 4.0 sparc\r\n+ Debian Linux 4.0 s/390\r\n+ Debian Linux 4.0 powerpc\r\n+ Debian Linux 4.0 mipsel\r\n+ Debian Linux 4.0 mips\r\n+ Debian Linux 4.0 m68k\r\n+ Debian Linux 4.0 ia-64\r\n+ Debian Linux 4.0 ia-32\r\n+ Debian Linux 4.0 hppa\r\n+ Debian Linux 4.0 arm\r\n+ Debian Linux 4.0 amd64\r\n+ Debian Linux 4.0 alpha\r\n+ Debian Linux 4.0\n \u5347\u7ea7\u5230PHP 5.2.8\u7248\u672c\uff1a\r\n<a href=http://www.php.net/ target=_blank>http://www.php.net/</a>", "modified": "2008-12-24T00:00:00", "published": "2008-12-24T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-4590", "id": "SSV:4590", "type": "seebug", "title": "PHP 'mbstring\u6269\u5c55\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e", "sourceData": "", "sourceHref": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "freebsd": [{"lastseen": "2018-08-31T01:15:27", "bulletinFamily": "unix", "description": "\nSecurityFocus reports:\n\nPHP is prone to a buffer-overflow vulnerability because it fails to\n\t perform boundary checks before copying user-supplied data to\n\t insufficiently sized memory buffers. The issue affects the 'mbstring'\n\t extension included in the standard distribution.\nAn attacker can exploit this issue to execute arbitrary machine\n\t code in the context of the affected webserver. Failed exploit attempts\n\t will likely crash the webserver, denying service to legitimate\n\t users.\n\n", "modified": "2008-12-21T00:00:00", "published": "2008-12-21T00:00:00", "id": "A2074AC6-124C-11DE-A964-0030843D3802", "href": "https://vuxml.freebsd.org/freebsd/a2074ac6-124c-11de-a964-0030843d3802.html", "title": "php-mbstring -- php mbstring buffer overflow vulnerability", "type": "freebsd", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:08:17", "bulletinFamily": "unix", "description": "It was discovered that PHP did not properly enforce php_admin_value and php_admin_flag restrictions in the Apache configuration file. A local attacker could create a specially crafted PHP script that would bypass intended security restrictions. This issue only applied to Ubuntu 6.06 LTS, 7.10, and 8.04 LTS. (CVE-2007-5900)\n\nIt was discovered that PHP did not correctly handle certain malformed font files. If a PHP application were tricked into processing a specially crafted font file, an attacker may be able to cause a denial of service and possibly execute arbitrary code with application privileges. (CVE-2008-3658)\n\nIt was discovered that PHP did not properly check the delimiter argument to the explode function. If a script passed untrusted input to the explode function, an attacker could cause a denial of service and possibly execute arbitrary code with application privileges. (CVE-2008-3659)\n\nIt was discovered that PHP, when used as FastCGI module, did not properly sanitize requests. By performing a request with multiple dots preceding the extension, an attacker could cause a denial of service. (CVE-2008-3660)\n\nIt was discovered that PHP did not properly handle Unicode conversion in the mbstring extension. If a PHP application were tricked into processing a specially crafted string containing an HTML entity, an attacker could execute arbitrary code with application privileges. (CVE-2008-5557)\n\nIt was discovered that PHP did not properly initialize the page_uid and page_gid global variables for use by the SAPI php_getuid function. An attacker could exploit this issue to bypass safe_mode restrictions. (CVE-2008-5624)\n\nIt was dicovered that PHP did not properly enforce error_log safe_mode restrictions when set by php_admin_flag in the Apache configuration file. A local attacker could create a specially crafted PHP script that would overwrite arbitrary files. (CVE-2008-5625)\n\nIt was discovered that PHP contained a flaw in the ZipArchive::extractTo function. If a PHP application were tricked into processing a specially crafted zip file that had filenames containing \u201c..\u201d, an attacker could write arbitrary files within the filesystem. This issue only applied to Ubuntu 7.10, 8.04 LTS, and 8.10. (CVE-2008-5658)\n\nUSN-557-1 fixed a vulnerability in the GD library. When using the GD library, PHP did not properly handle the return codes that were added in the security update. An attacker could exploit this issue with a specially crafted image file and cause PHP to crash, leading to a denial of service. This issue only applied to Ubuntu 6.06 LTS, and 7.10. (CVE-2007-3996)", "modified": "2009-02-12T00:00:00", "published": "2009-02-12T00:00:00", "id": "USN-720-1", "href": "https://usn.ubuntu.com/720-1/", "title": "PHP vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2018-10-16T22:14:31", "bulletinFamily": "unix", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1789-1 security@debian.org\nhttp://www.debian.org/security/ Thijs Kinkhorst\nMay 04, 2009 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : php5\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2008-2107 CVE-2008-2108 CVE-2008-5557 CVE-2008-5624\n CVE-2008-5658 CVE-2008-5814 CVE-2009-0754 CVE-2009-1271 \nDebian Bugs : 507101 507857 508021 511493 523028 523049 \n\nSeveral remote vulnerabilities have been discovered in the PHP 5\nhypertext preprocessor. The Common Vulnerabilities and Exposures\nproject identifies the following problems.\n\nThe following four vulnerabilities have already been fixed in the stable\n(lenny) version of php5 prior to the release of lenny. This update now\naddresses them for etch (oldstable) aswell:\n\nCVE-2008-2107 / CVE-2008-2108\n\n The GENERATE_SEED macro has several problems that make predicting\n generated random numbers easier, facilitating attacks against measures\n that use rand() or mt_rand() as part of a protection.\n\nCVE-2008-5557\n\n A buffer overflow in the mbstring extension allows attackers to execute\n arbitrary code via a crafted string containing an HTML entity.\n\nCVE-2008-5624\n\n The page_uid and page_gid variables are not correctly set, allowing\n use of some functionality intended to be restricted to root.\n\nCVE-2008-5658\n\n Directory traversal vulnerability in the ZipArchive::extractTo function\n allows attackers to write arbitrary files via a ZIP file with a file\n whose name contains .. (dot dot) sequences.\n\nThis update also addresses the following three vulnerabilities for both\noldstable (etch) and stable (lenny):\n\nCVE-2008-5814\n\n Cross-site scripting (XSS) vulnerability, when display_errors is enabled,\n allows remote attackers to inject arbitrary web script or HTML.\n\nCVE-2009-0754\n\n When running on Apache, PHP allows local users to modify behavior of\n other sites hosted on the same web server by modifying the\n mbstring.func_overload setting within .htaccess, which causes this\n setting to be applied to other virtual hosts on the same server. \n\nCVE-2009-1271\n\n The JSON_parser function allows a denial of service (segmentation fault)\n via a malformed string to the json_decode API function.\n\nFurthermore, two updates originally scheduled for the next point update for\noldstable are included in the etch package:\n\n * Let PHP use the system timezone database instead of the embedded\n timezone database which is out of date.\n \n * From the source tarball, the unused 'dbase' module has been removed\n which contained licensing problems.\n\nFor the old stable distribution (etch), these problems have been fixed in\nversion 5.2.0+dfsg-8+etch15.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 5.2.6.dfsg.1-1+lenny3.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 5.2.9.dfsg.1-1.\n\nWe recommend that you upgrade your php5 package.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/p/php5/php5_5.2.0+dfsg-8+etch15.diff.gz\n Size/MD5 checksum: 130902 27d7683a1388c69479b06ac1162e27a2\n http://security.debian.org/pool/updates/main/p/php5/php5_5.2.0+dfsg-8+etch15.dsc\n Size/MD5 checksum: 1993 68d631a7860f0fc34516cc8bbf2938a5\n http://security.debian.org/pool/updates/main/p/php5/php5_5.2.0+dfsg.orig.tar.gz\n Size/MD5 checksum: 8431973 956486a588c577616a5008d185e84968\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/p/php5/php5_5.2.0+dfsg-8+etch15_all.deb\n Size/MD5 checksum: 1044 a6e0b8f0547c74c498749d28dac8b92f\n http://security.debian.org/pool/updates/main/p/php5/php-pear_5.2.0+dfsg-8+etch15_all.deb\n Size/MD5 checksum: 312534 c5fb5dc9ccfe7dfaabce6c5f6f289549\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch15_alpha.deb\n Size/MD5 checksum: 5312 f2543060aaf1a8cb00a142d77c7d727f\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch15_alpha.deb\n Size/MD5 checksum: 55670 96ebda392780698ae80441a9021c8b4a\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch15_alpha.deb\n Size/MD5 checksum: 221226 9af42f2646efbe5c43482e9333e17bff\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch15_alpha.deb\n Size/MD5 checksum: 38922 8a9111577f3ea3021ea6e5d6b2021306\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch15_alpha.deb\n Size/MD5 checksum: 2487846 c371adc12b1ff1297a3b1dde1294eca3\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch15_alpha.deb\n Size/MD5 checksum: 70954 9f948ebf6a836d954a713f194703db84\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch15_alpha.deb\n Size/MD5 checksum: 4789370 31123ee20c392c73aeb5927077457e5c\n http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch15_alpha.deb\n Size/MD5 checksum: 2487508 7cf62cb8552389fc0fbb8197b7de3808\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch15_alpha.deb\n Size/MD5 checksum: 18612 a9322e7cbf565373df7bb13ede5b140e\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch15_alpha.deb\n Size/MD5 checksum: 2412536 a61c4e23f2b41757d8cd98f2c25e8f3a\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch15_alpha.deb\n Size/MD5 checksum: 40296 a7dc0d924077f01cc7341d5ab5592151\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch15_alpha.deb\n Size/MD5 checksum: 36648 4c4fac1064c51938b08d8ce444317503\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch15_alpha.deb\n Size/MD5 checksum: 13386 7df621f308e5be601693a14ad147cfc2\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch15_alpha.deb\n Size/MD5 checksum: 19602 05da76fefb3435a6dc6d1a1d3cc05da9\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch15_alpha.deb\n Size/MD5 checksum: 24966 968d6f231c862b7261f2f7e29bb1f297\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch15_alpha.deb\n Size/MD5 checksum: 4952 a77709bc4600faeec75f63597c6333aa\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch15_alpha.deb\n Size/MD5 checksum: 11844 229ca7db558bdc823c1802dc5399f422\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch15_alpha.deb\n Size/MD5 checksum: 17548 1fcb3438c69905237c89957d5491a6b5\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch15_alpha.deb\n Size/MD5 checksum: 36114 5582c32c8c44bdebfe6e4fae73e0a3f6\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch15_alpha.deb\n Size/MD5 checksum: 9054 8e1e0de6fe55bda2f749197f1c4177ad\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch15_alpha.deb\n Size/MD5 checksum: 13474 976cc49b0a93a751ee785a93aa3ee5d1\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch15_alpha.deb\n Size/MD5 checksum: 36510 3403d24592323e28561d05eb0299110f\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch15_alpha.deb\n Size/MD5 checksum: 345330 8a5701ec09bbb5b03ac2f543f4320452\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch15_amd64.deb\n Size/MD5 checksum: 38588 90097351de2bac5c6e11a4f7fb5ec73d\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch15_amd64.deb\n Size/MD5 checksum: 19438 f80699a3c7592b7c38f50af56eeeb957\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch15_amd64.deb\n Size/MD5 checksum: 345976 51b9e65a337166cdb1125549580abf89\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch15_amd64.deb\n Size/MD5 checksum: 2379548 0b47996fb2a5944fd22ab8b65cf4c722\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch15_amd64.deb\n Size/MD5 checksum: 36416 3ace3d84f12b5a8e83248e738fcb706e\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch15_amd64.deb\n Size/MD5 checksum: 24994 5fbbeb2537f4876d7a516464d510173a\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch15_amd64.deb\n Size/MD5 checksum: 9404 1fdbf3acbf72ef317428fe4f60485882\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch15_amd64.deb\n Size/MD5 checksum: 5266 39eff740288549e5d8ea1cdce0c5f85b\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch15_amd64.deb\n Size/MD5 checksum: 53952 94aae1cea47eb7b61be1800e011a93b9\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch15_amd64.deb\n Size/MD5 checksum: 36726 5c0f91b30760d8512384c0f68dc2bf21\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch15_amd64.deb\n Size/MD5 checksum: 4904 4bb26c59f0c29152d7d62dd048b25bb2\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch15_amd64.deb\n Size/MD5 checksum: 39166 9f9aea8b4be57aad3d2eda043e190c03\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch15_amd64.deb\n Size/MD5 checksum: 12062 c4e5fd6ba704945b175c410a4b728672\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch15_amd64.deb\n Size/MD5 checksum: 71674 c547292c0a0d6da49953e1001db139d8\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch15_amd64.deb\n Size/MD5 checksum: 37124 99d582300b639a7db1b781ce76a28738\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch15_amd64.deb\n Size/MD5 checksum: 13030 7776dbf0c8a27a45fb358f2bb6c2f7f9\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch15_amd64.deb\n Size/MD5 checksum: 2434624 913d144ced4d3cbcbfd55361f60fe791\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch15_amd64.deb\n Size/MD5 checksum: 17570 1d72cf93b65af6c999e443e656531123\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch15_amd64.deb\n Size/MD5 checksum: 18670 c24afd04176a516986910ab36e612f3c\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch15_amd64.deb\n Size/MD5 checksum: 13494 4a7e7dd3e7e2b86097b9494bfa4dcec9\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch15_amd64.deb\n Size/MD5 checksum: 4718800 7d29d3f231affd34e79719346d075327\n http://security.debian.org/pool/updates/main/p/php5/php5-interbase_5.2.0+dfsg-8+etch15_amd64.deb\n Size/MD5 checksum: 46630 ce7e64f8aa10fbc1f40149fcbd40f6e0\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch15_amd64.deb\n Size/MD5 checksum: 218482 294541ab5286e92e2895931547a4015e\n http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch15_amd64.deb\n Size/MD5 checksum: 2433932 aad636fd27d8f7d7575d5ff3b89dce3f\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch15_arm.deb\n Size/MD5 checksum: 24088 139529fe838c8cd016eff13e025436a1\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch15_arm.deb\n Size/MD5 checksum: 2311092 61d8a0de6eb125ad57fdad955fb35876\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch15_arm.deb\n Size/MD5 checksum: 17090 47014280f104d578718f7582bcf055d4\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch15_arm.deb\n Size/MD5 checksum: 10934 76b74a1ccc9eea4c8756859e9479eb47\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch15_arm.deb\n Size/MD5 checksum: 4575698 56703045b95644440f032a798c879607\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch15_arm.deb\n Size/MD5 checksum: 33654 0663eee52f40ac47d681447b9d488fe5\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch15_arm.deb\n Size/MD5 checksum: 2304346 c5cff8448c9b6c98825435d27b3dbcea\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch15_arm.deb\n Size/MD5 checksum: 63830 055eea0ef9ba6d30329a1f9326dbfe6f\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch15_arm.deb\n Size/MD5 checksum: 4646 a4ed1f4addda690552985021b9b0501d\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch15_arm.deb\n Size/MD5 checksum: 17942 300b0e8b66a21790c6ed79021e8d6572\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch15_arm.deb\n Size/MD5 checksum: 33746 1f14e9713631c01d081cd94039a38cd4\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch15_arm.deb\n Size/MD5 checksum: 4870 32f28ba8771fa1fdb005482d8b7eca65\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch15_arm.deb\n Size/MD5 checksum: 33686 ecb6721d6082a5584b292a0d39f5f9cf\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch15_arm.deb\n Size/MD5 checksum: 15840 8061206023b9effb8f0806d0113455bf\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch15_arm.deb\n Size/MD5 checksum: 33662 c8049500843ff9cbcc0157a65f4bf3a4\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch15_arm.deb\n Size/MD5 checksum: 8760 d21592b925ae39243ef58a26cb293d92\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch15_arm.deb\n Size/MD5 checksum: 216574 182a35a7328d9379e2cf6ef2e5451c99\n http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch15_arm.deb\n Size/MD5 checksum: 2310394 fc702e479a5a57b70b33d70edd71e980\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch15_arm.deb\n Size/MD5 checksum: 49276 69e707fc653c7d8d3fded5839f30734c\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch15_arm.deb\n Size/MD5 checksum: 344728 f0344af40e52b2b0a02da44c6a23a3b7\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch15_arm.deb\n Size/MD5 checksum: 33026 b2da33b4b6be1a07758ba7b48634e46f\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch15_arm.deb\n Size/MD5 checksum: 12452 fb64792d2924c2b5288b78941769ff78\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch15_arm.deb\n Size/MD5 checksum: 11872 3310a036b1c05e62407b605d41be42e4\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch15_hppa.deb\n Size/MD5 checksum: 2636602 1d4280efa2bea1c4ff0eb2214a2dd36e\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch15_hppa.deb\n Size/MD5 checksum: 75410 4489680360a0027fdb180613e0758078\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch15_hppa.deb\n Size/MD5 checksum: 20318 6acbf7623ccbeec417d6c2cd3ca1a50a\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch15_hppa.deb\n Size/MD5 checksum: 58134 1f3af80512a5d21c2f5299ab8a4d0948\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch15_hppa.deb\n Size/MD5 checksum: 9744 505d36dd1dcdc1ed0c92d9457608e1eb\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch15_hppa.deb\n Size/MD5 checksum: 5035620 764abcfbbd604c819204adfa710a91a1\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch15_hppa.deb\n Size/MD5 checksum: 12560 cf0b5fdb8cc13b3d35512ed3dffe9b04\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch15_hppa.deb\n Size/MD5 checksum: 224002 3df6d6779e738add334fecda3a669d50\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch15_hppa.deb\n Size/MD5 checksum: 2537952 0eea042d04ef0d9d5daca907fb115f36\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch15_hppa.deb\n Size/MD5 checksum: 2636478 522401c79c6564057fe9d5eedf7cc135\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch15_hppa.deb\n Size/MD5 checksum: 42130 6edae2743fd4d85230e9df3a74d8811f\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch15_hppa.deb\n Size/MD5 checksum: 39992 fe7ed8416cf8dcf95f674f06375fab4f\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch15_hppa.deb\n Size/MD5 checksum: 38268 1e812f8225b53862d728d440c6a7947c\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch15_hppa.deb\n Size/MD5 checksum: 5500 bcb747a022f9c6f59fad63574f1f7bc9\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch15_hppa.deb\n Size/MD5 checksum: 346676 3f09913be9599bfc49fe8487d7e32560\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch15_hppa.deb\n Size/MD5 checksum: 28248 67db4600ec126a7b87fa7a2f6f600109\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch15_hppa.deb\n Size/MD5 checksum: 21124 9a0dee178d99a85699a7666d81ae1bc6\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch15_hppa.deb\n Size/MD5 checksum: 5820 cd5b6df44213c036235b71bc436753eb\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch15_hppa.deb\n Size/MD5 checksum: 15546 18ef0779da3a390439b41c7148e1c1c0\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch15_hppa.deb\n Size/MD5 checksum: 14102 f39ff27986b250ce0308d358956e9d09\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch15_hppa.deb\n Size/MD5 checksum: 39548 28ddbae4b7c8b4b385d5bbee109759d6\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch15_hppa.deb\n Size/MD5 checksum: 40968 1ad6327a6d6da549ee8fbd3640abbfc7\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch15_hppa.deb\n Size/MD5 checksum: 19592 e0f5341cdffb177d8fad92367f884b05\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch15_i386.deb\n Size/MD5 checksum: 2339206 24952846b1f59700d9fc3eb7eda593b8\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch15_i386.deb\n Size/MD5 checksum: 34086 1283e885c115d0961e0b9bd1dfb50335\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch15_i386.deb\n Size/MD5 checksum: 18384 6fe9fe930101234fd8ed633282836d97\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch15_i386.deb\n Size/MD5 checksum: 12818 ae6b2666d55ee3d71e937bad4cdf0509\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch15_i386.deb\n Size/MD5 checksum: 4766 857beffe74346879511be8bcaa3d937d\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch15_i386.deb\n Size/MD5 checksum: 34460 6c8956b10463043b95f6d61f47a1c0ed\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch15_i386.deb\n Size/MD5 checksum: 8622 bb7757c392c46dd57205db363c48956e\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch15_i386.deb\n Size/MD5 checksum: 11298 457bc1fa3b3cd4b18634fc31f430da10\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch15_i386.deb\n Size/MD5 checksum: 4612770 5297c410089bd79e5273f54e61a95c7c\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch15_i386.deb\n Size/MD5 checksum: 2339536 ce82b2daf6088d3bf06c244270ef1ad3\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch15_i386.deb\n Size/MD5 checksum: 36452 e23cdeea5fb3e7df0dd0cc5613d35f5b\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch15_i386.deb\n Size/MD5 checksum: 33528 e73d034a8f817960ebee7bfed883cfd3\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch15_i386.deb\n Size/MD5 checksum: 12252 aaa909c8c6f9fc4574dafae706f6dbfb\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch15_i386.deb\n Size/MD5 checksum: 215532 8eaaf77fb9f14f518c4205032fe27fb3\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch15_i386.deb\n Size/MD5 checksum: 5044 7df43dcab59897a4d7608e5df8fd8142\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch15_i386.deb\n Size/MD5 checksum: 50698 17441dce657d1e87468a9cf33e680c28\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch15_i386.deb\n Size/MD5 checksum: 24466 9bcd0e50b57bb267cc935b9d6f23b72b\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch15_i386.deb\n Size/MD5 checksum: 16464 c3527acc4fc312a727d8fcc126275532\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch15_i386.deb\n Size/MD5 checksum: 64864 7621b979e84c5c6eb05d7c59df78edb9\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch15_i386.deb\n Size/MD5 checksum: 2324852 c890a001de3c22548d64a2d139972af3\n http://security.debian.org/pool/updates/main/p/php5/php5-interbase_5.2.0+dfsg-8+etch15_i386.deb\n Size/MD5 checksum: 44384 88eede96bb9b95cf92b185375a0d7df3\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch15_i386.deb\n Size/MD5 checksum: 17230 2110c3fa04b3472e007f7912b63dc99a\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch15_i386.deb\n Size/MD5 checksum: 346094 539d27179093a56eea2a778503e4ab89\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch15_i386.deb\n Size/MD5 checksum: 34542 a71392dfe59e096dfe1b66c7b7609cb8\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch15_ia64.deb\n Size/MD5 checksum: 342160 e6eff7c4291c8ea3dcac884e7f8806ed\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch15_ia64.deb\n Size/MD5 checksum: 34404 80e5043247dd32ea06ea79a512ae1110\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch15_ia64.deb\n Size/MD5 checksum: 17764 4471890b779b393eee26cff018dc3ac4\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch15_ia64.deb\n Size/MD5 checksum: 76614 1215248075f451832c6394937a1f679c\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch15_ia64.deb\n Size/MD5 checksum: 54516 6e54cd43ef8e8fc02b7333d9b6f7b164\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch15_ia64.deb\n Size/MD5 checksum: 25084 12f75ac1de0efa710deddcc09d4af92e\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch15_ia64.deb\n Size/MD5 checksum: 6140 c8144d6ecc95119158876e657392829b\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch15_ia64.deb\n Size/MD5 checksum: 54672 81cb800a37f35635e6de6b3c51fef2f9\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch15_ia64.deb\n Size/MD5 checksum: 6494 e309a1a419f33a87320819934045e163\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch15_ia64.deb\n Size/MD5 checksum: 50646 3c9f5bd7da07053000937eccacbf263e\n http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch15_ia64.deb\n Size/MD5 checksum: 3197862 b5b20854ae8d05ea4f17e9a5b62a2b15\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch15_ia64.deb\n Size/MD5 checksum: 235830 052a058da72b25c4c466b477c5e23f43\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch15_ia64.deb\n Size/MD5 checksum: 50238 98e0f5f276a683a24a8b675a1f0c8b39\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch15_ia64.deb\n Size/MD5 checksum: 17550 861a357ce4f6f84f13357b0d4a83ec89\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch15_ia64.deb\n Size/MD5 checksum: 12008 1ca7c135bac7e8f150440faa608594ee\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch15_ia64.deb\n Size/MD5 checksum: 3151408 a3f8099d8fd1eaa468f29f6b5cf64638\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch15_ia64.deb\n Size/MD5 checksum: 6259170 87aa402d5bbd1d569a1f2505f99c17e1\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch15_ia64.deb\n Size/MD5 checksum: 95628 2ee174b8ad8a57f9c22bc82834c586c0\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch15_ia64.deb\n Size/MD5 checksum: 3199180 f5ab4ba24bfee5893a9678c383dec1e8\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch15_ia64.deb\n Size/MD5 checksum: 24860 981b166670ec4db54249364253bfdaf2\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch15_ia64.deb\n Size/MD5 checksum: 48398 b0e340d43ba129404179531374e1f6cd\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch15_ia64.deb\n Size/MD5 checksum: 27146 4023c1b6cd5892e1ad34b393deb307eb\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch15_ia64.deb\n Size/MD5 checksum: 15432 cf872de4cb705f70390974abc98d4708\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch15_mips.deb\n Size/MD5 checksum: 31606 8dad9676d8dcc418e7e3c3ce9981897c\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch15_mips.deb\n Size/MD5 checksum: 8278 42017d4bacb172c87e357963736bdd0f\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch15_mips.deb\n Size/MD5 checksum: 49504 2c52f40ddd8288ec3c02c706ec33bff9\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch15_mips.deb\n Size/MD5 checksum: 63870 36fd776109f1d0f2638dc3d7d56c312c\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch15_mips.deb\n Size/MD5 checksum: 2414420 f9ea9a79dea86f4130a82f9ce89ab360\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch15_mips.deb\n Size/MD5 checksum: 4736432 82bf779a2153573b1719241855c6b0a7\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch15_mips.deb\n Size/MD5 checksum: 15736 947c8434695bc5e644c28c8424011b49\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch15_mips.deb\n Size/MD5 checksum: 12472 bb7c7775c6a9894d89adab19f2653eed\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch15_mips.deb\n Size/MD5 checksum: 32766 12de93032df13f057bb167c1c830c07f\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch15_mips.deb\n Size/MD5 checksum: 35260 e8db5f85f2e8072e0c711f21fbb7c9f1\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch15_mips.deb\n Size/MD5 checksum: 2388138 ec4c08d36c9080e566120c7ed6c0dd65\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch15_mips.deb\n Size/MD5 checksum: 18504 fdf8cd94cacff491ed1fed5000c94ea7\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch15_mips.deb\n Size/MD5 checksum: 33180 57028bd8f7813d69bd3d8d06126a3fe9\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch15_mips.deb\n Size/MD5 checksum: 5244 30460c36a670637a4df98d79dcf587fb\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch15_mips.deb\n Size/MD5 checksum: 35604 6561405e37bd4442c2ddc62d9f05f332\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch15_mips.deb\n Size/MD5 checksum: 217186 0a4655619e3eb5e2ee4886b223b8e5aa\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch15_mips.deb\n Size/MD5 checksum: 12212 9e75c2d0bad91ddd121d5c46e755360d\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch15_mips.deb\n Size/MD5 checksum: 11348 e0e683bff422f973eda014c50d2bca60\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch15_mips.deb\n Size/MD5 checksum: 4908 88190b0ff2787e8a8c015bcbd7181a57\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch15_mips.deb\n Size/MD5 checksum: 17312 f4c9ef90446fe25e8cd9d7a11ed10138\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch15_mips.deb\n Size/MD5 checksum: 23356 fcd7a26f66c7065702c0c00ed70f119c\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch15_mips.deb\n Size/MD5 checksum: 345462 5199aeefe250ec141efa47afcd18e2cf\n http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch15_mips.deb\n Size/MD5 checksum: 2414070 a9e0301735bc3bb48f23383967eb05d4\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch15_mipsel.deb\n Size/MD5 checksum: 12138 42546e557bb86db0a5f3e541976afd52\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch15_mipsel.deb\n Size/MD5 checksum: 4900 21a213cc2cbd83d73c5b27b9f6c878b2\n http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch15_mipsel.deb\n Size/MD5 checksum: 2368910 64a267448b861bd051af1abfbabe7a88\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch15_mipsel.deb\n Size/MD5 checksum: 33094 3f877ac3825211064a49041fbca106ee\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch15_mipsel.deb\n Size/MD5 checksum: 8206 0f3a0e6e9b49ee01aff6f6401e74e3cb\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch15_mipsel.deb\n Size/MD5 checksum: 63412 88618e0af2633a15253e92ded4b79b73\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch15_mipsel.deb\n Size/MD5 checksum: 34934 79432995d1ffddb14daebf850d510b21\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch15_mipsel.deb\n Size/MD5 checksum: 31554 7fea1636707354bf7407428a27d38795\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch15_mipsel.deb\n Size/MD5 checksum: 5238 dc1ee8be27173097a9f5d7ba16be96da\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch15_mipsel.deb\n Size/MD5 checksum: 35562 5a60ff7ada9a820521b03f0871590b9e\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch15_mipsel.deb\n Size/MD5 checksum: 2369942 1046b334cd679e807cf56ce7cd0ca0aa\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch15_mipsel.deb\n Size/MD5 checksum: 4687640 483f99e6db60c78b26181298352309af\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch15_mipsel.deb\n Size/MD5 checksum: 15648 ced51c3a5f31837bb62ad17fd7a2894c\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch15_mipsel.deb\n Size/MD5 checksum: 342248 4009fa1cf603d4a96982e3c06a07a5c6\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch15_mipsel.deb\n Size/MD5 checksum: 216456 7071a61700d419350263c8f3897328ae\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch15_mipsel.deb\n Size/MD5 checksum: 11260 3df964ea3d0d03910d839300a4e91913\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch15_mipsel.deb\n Size/MD5 checksum: 23372 6da38108210252adf9863ebd835be800\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch15_mipsel.deb\n Size/MD5 checksum: 49414 c7a18e0a8c0345e58e2fc44dd0f760cc\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch15_mipsel.deb\n Size/MD5 checksum: 32308 926993e30e6c169d1ede6f3546bf3f31\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch15_mipsel.deb\n Size/MD5 checksum: 12428 50b1b56f30669bbbb93438f7bcad824e\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch15_mipsel.deb\n Size/MD5 checksum: 18464 ca647d8e2bfc76d1773c443d8c8bed96\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch15_mipsel.deb\n Size/MD5 checksum: 2361012 edc3f684db523093caabf7547038683d\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch15_mipsel.deb\n Size/MD5 checksum: 17258 815bd4b979c29f2fc83e00a853cdfb01\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch15_powerpc.deb\n Size/MD5 checksum: 6356 5b03d489a708681fe4d728248da62a2e\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch15_powerpc.deb\n Size/MD5 checksum: 13756 ca5f1c20db873df06f6a012c79525e8e\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch15_powerpc.deb\n Size/MD5 checksum: 10118 a2567363af57dfcf9691d80c7c6e6143\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch15_powerpc.deb\n Size/MD5 checksum: 2443080 1820dff09e7652b38b810be002100499\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch15_powerpc.deb\n Size/MD5 checksum: 36010 44be1e0e4ef839432e945dc9969f9ac7\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch15_powerpc.deb\n Size/MD5 checksum: 26794 0bd9abc2e4d221a353d92e580d3d1969\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch15_powerpc.deb\n Size/MD5 checksum: 36486 181249f78ab7032bb9a5d85be3d57da5\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch15_powerpc.deb\n Size/MD5 checksum: 37012 e7bdea05d06b9f9cbf943751cdce46b0\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch15_powerpc.deb\n Size/MD5 checksum: 37722 ff95f84599c1bc8acb066b63a4d16fb9\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch15_powerpc.deb\n Size/MD5 checksum: 2395642 f25db1183bd763f156a553d1ae4da610\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch15_powerpc.deb\n Size/MD5 checksum: 14748 bb755f096fb464b8a892d4c652835a69\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch15_powerpc.deb\n Size/MD5 checksum: 219940 2b6799cef3190db6db34adebb4848fda\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch15_powerpc.deb\n Size/MD5 checksum: 20244 43fecbc5a5d7b345d495bcae3252764f\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch15_powerpc.deb\n Size/MD5 checksum: 6742 b99c0c45318e6b228c1ba5dbe089a471\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch15_powerpc.deb\n Size/MD5 checksum: 38054 25cf7ad11527dae03e1ef3604c6bd8da\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch15_powerpc.deb\n Size/MD5 checksum: 18458 7fa7c42b48c2392876927ca58435cb0e\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch15_powerpc.deb\n Size/MD5 checksum: 53962 a3f8f8346f9fa93b9d5c029e02f12456\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch15_powerpc.deb\n Size/MD5 checksum: 70316 070e13b75e1cba8bd8f89ae27a1c8e6b\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch15_powerpc.deb\n Size/MD5 checksum: 19180 ec55dabf5357584f8e25be0042c7844f\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch15_powerpc.deb\n Size/MD5 checksum: 4750566 91664501656bce158df70eb341f6613a\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch15_powerpc.deb\n Size/MD5 checksum: 344546 dde478197a7294ab3aaf30bff3e171c2\n http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch15_powerpc.deb\n Size/MD5 checksum: 2442670 61166501966bb8fa04e27b4bc7316432\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch15_powerpc.deb\n Size/MD5 checksum: 12702 76cc7091c6db71ef9dd9e69ce0b00579\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch15_s390.deb\n Size/MD5 checksum: 221368 a6e658b97893d8b77ccaaf04e35e42bd\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch15_s390.deb\n Size/MD5 checksum: 9194 fa30b60689f9aa411a6d30eea244c622\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch15_s390.deb\n Size/MD5 checksum: 4894702 977e1d064ace840b45e1a73f27ab4a4a\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch15_s390.deb\n Size/MD5 checksum: 13404 39e1e3f533d15d5a408bb358df8798b1\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch15_s390.deb\n Size/MD5 checksum: 36168 6cc918284ec969691d556523703fea66\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch15_s390.deb\n Size/MD5 checksum: 56330 f6fc9ed26260838fe829b4d89fcd14e0\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch15_s390.deb\n Size/MD5 checksum: 18182 f4a9628e3fe287545907af24cfcc849a\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch15_s390.deb\n Size/MD5 checksum: 19326 382049adce2f0bd419ebc82a3526e596\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch15_s390.deb\n Size/MD5 checksum: 72592 337a5ff80194823a1181c3875ae8cf00\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch15_s390.deb\n Size/MD5 checksum: 11960 86d90439ba65beaba664bf01646e26eb\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch15_s390.deb\n Size/MD5 checksum: 19582 96cf40da9542bee18aa4906711f27a7f\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch15_s390.deb\n Size/MD5 checksum: 2536368 9e6c641dbf7764b368672e9c8f3c2e08\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch15_s390.deb\n Size/MD5 checksum: 13444 138cf346d0b753e15ef936ec889dd1e8\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch15_s390.deb\n Size/MD5 checksum: 25040 ef129928ee072d2370e5d9534353a8af\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch15_s390.deb\n Size/MD5 checksum: 5132 3f5a63cbafcecf9942c4e474bffa8c67\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch15_s390.deb\n Size/MD5 checksum: 5478 8d4952bc62e003074e418b6824301c2a\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch15_s390.deb\n Size/MD5 checksum: 2465860 c1f7086621fe0756f8e5956554a25fee\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch15_s390.deb\n Size/MD5 checksum: 37188 cfcd07d6ec12fe61e457b82dff850e49\n http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch15_s390.deb\n Size/MD5 checksum: 2535908 87d8dd0d86f48e162e4b8710bb8eaf60\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch15_s390.deb\n Size/MD5 checksum: 40524 7c3cc8e5020d14d2c2fc84da6eafe24e\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch15_s390.deb\n Size/MD5 checksum: 342210 a491997e72607223b8d7c5cfdde973fa\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch15_s390.deb\n Size/MD5 checksum: 39198 062f74d7158c086afe3c8436f7a1cdd0\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch15_s390.deb\n Size/MD5 checksum: 37252 ba27d42fb587566e370c2d1bc536e9f4\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch15_sparc.deb\n Size/MD5 checksum: 2333980 dd28760adfbc4ca01a5f0ca5db64989f\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch15_sparc.deb\n Size/MD5 checksum: 10774 bb3753599a2ae5574d011f2cc11740d4\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch15_sparc.deb\n Size/MD5 checksum: 62210 b66be0f1e76e37489333dc91de9744d6\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch15_sparc.deb\n Size/MD5 checksum: 16586 e0b266c39c36a5e667cca229f43a28eb\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch15_sparc.deb\n Size/MD5 checksum: 4525670 258ab01f6bfc79f2bd4d825cb1145a9a\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch15_sparc.deb\n Size/MD5 checksum: 8276 4e7da0ff28b78901a191cf9425362681\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch15_sparc.deb\n Size/MD5 checksum: 24652 7ea91609c3f642a21513ee451d405234\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch15_sparc.deb\n Size/MD5 checksum: 11678 6c734dee3e19e59242719233f61aec5f\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch15_sparc.deb\n Size/MD5 checksum: 33304 5683a3c91dba8aa7d19dd976119f795b\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch15_sparc.deb\n Size/MD5 checksum: 2281860 31210fbdbcf3c1d3040626b162587e7a\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch15_sparc.deb\n Size/MD5 checksum: 32592 b0dc42cc6cc8fd6990b3c7e548b91095\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch15_sparc.deb\n Size/MD5 checksum: 17458 d349438d7a88740807d029692c329b37\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch15_sparc.deb\n Size/MD5 checksum: 4872 81f03284e1f322a6535c31c29fa3f665\n http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch15_sparc.deb\n Size/MD5 checksum: 2333472 0857cd1d3b2795ed7acd0300cbc840b4\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch15_sparc.deb\n Size/MD5 checksum: 34914 28f290db6e698eb55ac22a356e37e542\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch15_sparc.deb\n Size/MD5 checksum: 33086 4b2022444cd5a03142f9976a36e45076\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch15_sparc.deb\n Size/MD5 checksum: 31526 76a67289d992d7df2e0f831f8f76a271\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch15_sparc.deb\n Size/MD5 checksum: 215706 5350f154ebe757f7644cc6c7d16401f7\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch15_sparc.deb\n Size/MD5 checksum: 16244 c653f76328aeceea738bb74d31b44130\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch15_sparc.deb\n Size/MD5 checksum: 12630 d33844a8e4307574c0de0f91e6d1b1e0\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch15_sparc.deb\n Size/MD5 checksum: 342314 c9b88048c81be7f342f8d58eb4809bbe\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch15_sparc.deb\n Size/MD5 checksum: 47952 8ba01a246dbf5197ea4557ed702eabbc\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch15_sparc.deb\n Size/MD5 checksum: 4654 5f120de17b90a1a60dff8cb5c73c600e\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/p/php5/php5_5.2.6.dfsg.1-1+lenny3.dsc\n Size/MD5 checksum: 2520 e865d9ad2851dcf9f83d71c148423c84\n http://security.debian.org/pool/updates/main/p/php5/php5_5.2.6.dfsg.1.orig.tar.gz\n Size/MD5 checksum: 12173741 b80fcee38363f031229368ceff8ced58\n http://security.debian.org/pool/updates/main/p/php5/php5_5.2.6.dfsg.1-1+lenny3.diff.gz\n Size/MD5 checksum: 160126 9a0f8b8a480b0d95ddecd7f82593e108\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/p/php5/php5_5.2.6.dfsg.1-1+lenny3_all.deb\n Size/MD5 checksum: 1078 68c3a9e139c81103fce02940c5e1951e\n http://security.debian.org/pool/updates/main/p/php5/php-pear_5.2.6.dfsg.1-1+lenny3_all.deb\n Size/MD5 checksum: 334564 b4c42ff4056be09e0cf2102445518736\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny3_alpha.deb\n Size/MD5 checksum: 71712 b820d53d822b0ddb00d4928e6e232e9a\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny3_alpha.deb\n Size/MD5 checksum: 8928 b7a52eb73120fc89a282195829318789\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny3_alpha.deb\n Size/MD5 checksum: 13802 7bcafa8841dc31e86a8a8d94ab4d04f3\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny3_alpha.deb\n Size/MD5 checksum: 19676 9fdc3bed1d775d784a1547c7a3df78ba\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny3_alpha.deb\n Size/MD5 checksum: 12334 aee151fe4f6a3a7061f21f4ff031f31a\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny3_alpha.deb\n Size/MD5 checksum: 17670 b3d36aa88ea83e03ccaf6c92f85e4498\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny3_alpha.deb\n Size/MD5 checksum: 5080 fdf892faed973e797cffdc5571b1042a\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny3_alpha.deb\n Size/MD5 checksum: 2674408 e4457b886974643f04d52341717827da\n http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny3_alpha.deb\n Size/MD5 checksum: 15822 66a7f1a85356624f5f9772d7e31bac1c\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny3_alpha.deb\n Size/MD5 checksum: 37514 c3627c5319d269416dfe8b0bb97338fb\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny3_alpha.deb\n Size/MD5 checksum: 25010 13a28b75ccfe9c47ae1661d7a8fda542\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny3_alpha.deb\n Size/MD5 checksum: 5163370 cdd01a0fea962714adab1154d7b41dab\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny3_alpha.deb\n Size/MD5 checksum: 27608 d833a8cc9ba83da449f1a2373c85f3fc\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny3_alpha.deb\n Size/MD5 checksum: 5412 64f5a28d948627e6b03d8a154259f849\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny3_alpha.deb\n Size/MD5 checksum: 37168 4dd05e75f1d5780fe8de13d9c07d7a9d\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny3_alpha.deb\n Size/MD5 checksum: 14060 df8db38d9a072e2ced4ea19226ac1168\n http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny3_alpha.deb\n Size/MD5 checksum: 19512066 1efdd53c61a6cf28dce0543462728efc\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny3_alpha.deb\n Size/MD5 checksum: 2673040 787a29a967a3e6458e1dcfcaa3ef7608\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny3_alpha.deb\n Size/MD5 checksum: 39406 0c83e84941cac2840ae761c7742e915f\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny3_alpha.deb\n Size/MD5 checksum: 2598434 1a7a352b998991eb506d136406fc4da1\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny3_alpha.deb\n Size/MD5 checksum: 36650 2bf015e1dce330ae3bd3645a2454540c\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny3_alpha.deb\n Size/MD5 checksum: 362786 1175ddaf9788bfa1a1fb2e5f04396761\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny3_alpha.deb\n Size/MD5 checksum: 368398 06e35e7ffff7b3c854f09b96feb4b181\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny3_alpha.deb\n Size/MD5 checksum: 57878 1e48fc0c9f2b32c2652d6bafca2c6a9d\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny3_alpha.deb\n Size/MD5 checksum: 41632 593a7515ba3746cdd4de8484eea1fe65\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny3_amd64.deb\n Size/MD5 checksum: 5428 6ee59ecf0e008a8a230e28f907116d4f\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny3_amd64.deb\n Size/MD5 checksum: 9474 b0ef7faa0cc3f1cb1c3fb41b5ce05c30\n http://security.debian.org/pool/updates/main/p/php5/php5-interbase_5.2.6.dfsg.1-1+lenny3_amd64.deb\n Size/MD5 checksum: 48452 3ed659cf2aa7e178bfe049a5d5958f6a\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny3_amd64.deb\n Size/MD5 checksum: 366086 bdb6555ef6bfba1d4d3a4466d5727325\n http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny3_amd64.deb\n Size/MD5 checksum: 8300332 b282cbf7b62b897417eac1d3be14ef87\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny3_amd64.deb\n Size/MD5 checksum: 14190 62126774d34edcb24786676203fb08bd\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny3_amd64.deb\n Size/MD5 checksum: 2614610 b309b2993a0aba0f495c57aaa909a274\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny3_amd64.deb\n Size/MD5 checksum: 40912 94acf21a9170d6246259be00fb877386\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny3_amd64.deb\n Size/MD5 checksum: 37046 baf59ec2824c389395a04a29d6dc8909\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny3_amd64.deb\n Size/MD5 checksum: 37864 caecc5e8c8c5c0d4e0ed964365db2f92\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny3_amd64.deb\n Size/MD5 checksum: 12350 df28abc45cbd11af84d28ac91b930f97\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny3_amd64.deb\n Size/MD5 checksum: 13940 2357126080c8576f77095246abf9f37d\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny3_amd64.deb\n Size/MD5 checksum: 2563068 80d0fc43130775d658af3f87ecea644f\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny3_amd64.deb\n Size/MD5 checksum: 28064 85097f2998fd151d955f572964e5d422\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny3_amd64.deb\n Size/MD5 checksum: 25260 ff405813e6b71d4b90611eec50e96a8f\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny3_amd64.deb\n Size/MD5 checksum: 5100 d0ea290a8c385c6aba602d28e4d2cd39\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny3_amd64.deb\n Size/MD5 checksum: 367858 5b8e49b3b892569219baf60a896dde95\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny3_amd64.deb\n Size/MD5 checksum: 56882 99560785fc2489866a1cdc32ba3df138\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny3_amd64.deb\n Size/MD5 checksum: 18134 5c8e5ab6ac2f0c482222787bd7eb29c5\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny3_amd64.deb\n Size/MD5 checksum: 73714 4aae04e66b706291291e2b03ebcea83f\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny3_amd64.deb\n Size/MD5 checksum: 5083216 428f888c54d8a5ebf783b6345d629a3f\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny3_amd64.deb\n Size/MD5 checksum: 2615884 834747cef1119734261264d24094c5a2\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny3_amd64.deb\n Size/MD5 checksum: 38098 00258c838c19400ec990654cee6f7a96\n http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny3_amd64.deb\n Size/MD5 checksum: 16524 9b3ecd5606fa66b221b111b821018e54\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny3_amd64.deb\n Size/MD5 checksum: 20160 b9f10192699c5c6a2613f595f5c40325\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny3_amd64.deb\n Size/MD5 checksum: 39780 7a8fe62fdcd1b72a4be02ee2507b292b\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny3_arm.deb\n Size/MD5 checksum: 34008 0e99ac4c79e39657dbb2c47a851f0f6c\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny3_arm.deb\n Size/MD5 checksum: 18038 7e059b3bc36ab4ffa3f5363c71985df4\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny3_arm.deb\n Size/MD5 checksum: 11272 8b616635d92a42f38610e30cb6362782\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny3_arm.deb\n Size/MD5 checksum: 24974 ef18b9f5b910ad90e4edf26e75277b26\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny3_arm.deb\n Size/MD5 checksum: 2439774 3869ac0307bd7d203779109ac4991326\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny3_arm.deb\n Size/MD5 checksum: 34482 573d1c55bda69385638ce10badad25c3\n http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny3_arm.deb\n Size/MD5 checksum: 12458106 bb57e14d56b887aab4e66890f1d19d09\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny3_arm.deb\n Size/MD5 checksum: 16064 33dfc57163bf769b05d0ec6541a257c7\n http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny3_arm.deb\n Size/MD5 checksum: 13866 5718d2d7f7e467d45f2506025206b617\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny3_arm.deb\n Size/MD5 checksum: 12788 d24946f45e393af9591cb22ce59aa2b3\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny3_arm.deb\n Size/MD5 checksum: 32766 1e377a317fa18c8c7427be084496af28\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny3_arm.deb\n Size/MD5 checksum: 12488 86cf842dd35e7d39399f56aac794de2c\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny3_arm.deb\n Size/MD5 checksum: 365138 9d1e080fbfabc0a17330fa131f21487f\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny3_arm.deb\n Size/MD5 checksum: 4968 bf8f16ad08ae817b944f373c1b5cfdb1\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny3_arm.deb\n Size/MD5 checksum: 4748 94f08add435f9c12b56d386922fb6cc2\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny3_arm.deb\n Size/MD5 checksum: 8370 3a1d6ce866160b153138fe842b0e6979\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny3_arm.deb\n Size/MD5 checksum: 23664 ed6b0f4ccfe9ae0db5f4568279d6bf66\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny3_arm.deb\n Size/MD5 checksum: 34234 6d90436cd54964865a27f9582b1394c6\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny3_arm.deb\n Size/MD5 checksum: 51216 c7e5d4cf5b10261795d401a0c226cb2b\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny3_arm.deb\n Size/MD5 checksum: 2446838 fb70395a38d624d9023d85460298233c\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny3_arm.deb\n Size/MD5 checksum: 63752 806a32cb00b5d46ba4e8ec1be57b4572\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny3_arm.deb\n Size/MD5 checksum: 34782 0c55c055992eeb24fe195c3cc9d0b86c\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny3_arm.deb\n Size/MD5 checksum: 365240 ac5ef3bbd0dfa530fef524bb42420336\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny3_arm.deb\n Size/MD5 checksum: 4847034 5a36b5886c3882bb84dabd49ceefbe7f\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny3_arm.deb\n Size/MD5 checksum: 2448174 75cde1148efded71e752a643b57e6cd7\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny3_armel.deb\n Size/MD5 checksum: 2441786 2568cc45c67332c8a67a77f211469d8e\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny3_armel.deb\n Size/MD5 checksum: 36576 57367a49ce5c6e5f851fadd506465bf6\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny3_armel.deb\n Size/MD5 checksum: 2448124 0f0991ffef0cd003d4a42bedc7cdd07e\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny3_armel.deb\n Size/MD5 checksum: 18090 47efca43ed376bb56c584bf4142f2cce\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny3_armel.deb\n Size/MD5 checksum: 16076 7a916d54498091f416aba69e8f413455\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny3_armel.deb\n Size/MD5 checksum: 25716 6743f2f4e47bacfa1af2156700f34edc\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny3_armel.deb\n Size/MD5 checksum: 365680 246c23cb2795e978c6ea9f5a9fd502e8\n http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny3_armel.deb\n Size/MD5 checksum: 14698 844dc4f5c33c12fb29f02a966920e65e\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny3_armel.deb\n Size/MD5 checksum: 8378 c4ad25a83aac7ec8eb3b6e7ebd0e0835\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny3_armel.deb\n Size/MD5 checksum: 4946 e68d5dc9de2e1b357e3a103451e43998\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny3_armel.deb\n Size/MD5 checksum: 33926 1bc7618ea66b116f1c3cf40461dba843\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny3_armel.deb\n Size/MD5 checksum: 51074 2f66086fe1ff43f48f78cc19a62f9c8f\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny3_armel.deb\n Size/MD5 checksum: 34502 2d3b27919cca86d4ffc1bb3432ed45a0\n http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny3_armel.deb\n Size/MD5 checksum: 12611096 a96c4f8455c55b10c29d7b1ee4abe6d0\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny3_armel.deb\n Size/MD5 checksum: 11296 74fe794a2b66638abce9079f2e47f3cf\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny3_armel.deb\n Size/MD5 checksum: 63514 749163b778cbe8cff813151318e2fdd7\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny3_armel.deb\n Size/MD5 checksum: 34454 9edccd6ec58a93fcec11093ce58093b0\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny3_armel.deb\n Size/MD5 checksum: 35800 759f1906049959564c94fb231b25c0c9\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny3_armel.deb\n Size/MD5 checksum: 24416 e1c0646dedda48e90db1606ca20c6cf1\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny3_armel.deb\n Size/MD5 checksum: 14356 bf5d1d053cf04864392e7a996abc267f\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny3_armel.deb\n Size/MD5 checksum: 367412 9b75cd1f98c3d90ef953a9fdfd21e02f\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny3_armel.deb\n Size/MD5 checksum: 12304 783ed815559a52df31cf7661b923633f\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny3_armel.deb\n Size/MD5 checksum: 4848990 2f7c43758731da7978ff24a89fbf1a3b\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny3_armel.deb\n Size/MD5 checksum: 2449358 73b679596d4d93d5d685c2a26557ffc0\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny3_armel.deb\n Size/MD5 checksum: 4708 ec0fc45904ecc1f4596bec15afed0497\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny3_hppa.deb\n Size/MD5 checksum: 40736 f33cb2911e71a51674e8741e2ce61c08\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny3_hppa.deb\n Size/MD5 checksum: 2749420 beeecfb344131356eb6eff2e2e94fecf\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny3_hppa.deb\n Size/MD5 checksum: 74564 2ea598bc0311e9699029dd03610fdac7\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny3_hppa.deb\n Size/MD5 checksum: 19984 f4352dbd95e8cebbc9c8ca977d1feca0\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny3_hppa.deb\n Size/MD5 checksum: 14686 46b051b5a56f77e8a8098798b4602232\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny3_hppa.deb\n Size/MD5 checksum: 39146 38619dde3ecd29a7f7070da832cb7c7c\n http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny3_hppa.deb\n Size/MD5 checksum: 16694 07ea4bb593c81893f283cd887f2bad09\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny3_hppa.deb\n Size/MD5 checksum: 28958 dfd907097db9bb580047887b77a3fb8a\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny3_hppa.deb\n Size/MD5 checksum: 2641938 4e17eb8f25094e609fe37a441bd5a4d6\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny3_hppa.deb\n Size/MD5 checksum: 40134 890c40d62c7041f16fbf801de77cd235\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny3_hppa.deb\n Size/MD5 checksum: 12966 2cebc8946d950db50edf3e8e1eeff1ce\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny3_hppa.deb\n Size/MD5 checksum: 367052 f6142014a803287d591ac4ab34a5ff47\n http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny3_hppa.deb\n Size/MD5 checksum: 8830808 1b2af51642cb83aa2b77c43c2e995152\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny3_hppa.deb\n Size/MD5 checksum: 59434 9931ffeea8f159e1f6951f99743eead7\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny3_hppa.deb\n Size/MD5 checksum: 28002 8210adcfbc01fc08544b16af1d3d43ea\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny3_hppa.deb\n Size/MD5 checksum: 5898 cf291acd0a04a88d00df796cf3b54c6e\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny3_hppa.deb\n Size/MD5 checksum: 5602 ebc0dde97a1771838e303fae199508a6\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny3_hppa.deb\n Size/MD5 checksum: 371086 76491387601681b3b0888db105e81ac3\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny3_hppa.deb\n Size/MD5 checksum: 41554 94fbd4fddd6e1803800a531b1ce12746\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny3_hppa.deb\n Size/MD5 checksum: 5248612 b43c8ccdb61309e8249ddf4e914e4191\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny3_hppa.deb\n Size/MD5 checksum: 9726 bf79d26dde940a516a497b1187640ed2\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny3_hppa.deb\n Size/MD5 checksum: 39018 dfef44dd259843297fd45ec5e091d85a\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny3_hppa.deb\n Size/MD5 checksum: 15670 e8b6a5acf8ff6b38de625a235bcd3935\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny3_hppa.deb\n Size/MD5 checksum: 2748260 ce830fe8c690e0214ceee078f9778147\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny3_hppa.deb\n Size/MD5 checksum: 21302 389bfc63e99e9cbaa43127bc06665fe8\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny3_i386.deb\n Size/MD5 checksum: 18200 03972992f934da8f6aeb6f2cca4dd5fd\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny3_i386.deb\n Size/MD5 checksum: 5126 9dbfbd5ce57e75164efc6cb235d3cfa5\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny3_i386.deb\n Size/MD5 checksum: 2483986 1be4c2f4c2c744b62daee0050143911a\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny3_i386.deb\n Size/MD5 checksum: 34702 62f3e86d2625349af25b62a920e21d85\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny3_i386.deb\n Size/MD5 checksum: 2482644 6bcd2508df82ca5f64e735ea63edb0b8\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny3_i386.deb\n Size/MD5 checksum: 32356 97097ecd55e89dc78c43dd8203c00ab0\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny3_i386.deb\n Size/MD5 checksum: 12792 657051063ff05d5597af23a9ea697997\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny3_i386.deb\n Size/MD5 checksum: 4828 2ee8b7a5816945297a77ac7a5a79ae97\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny3_i386.deb\n Size/MD5 checksum: 366788 5f245e6a03d0315a45f9b98b9ca2af23\n http://security.debian.org/pool/updates/main/p/php5/php5-interbase_5.2.6.dfsg.1-1+lenny3_i386.deb\n Size/MD5 checksum: 45136 f26b12264c47176f61b9e59bce3ba474\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny3_i386.deb\n Size/MD5 checksum: 2474654 f0f2f18d1df04aab14eda7c7026879d6\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny3_i386.deb\n Size/MD5 checksum: 34568 8a960581290c54dd95786c6f5090ec4b\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny3_i386.deb\n Size/MD5 checksum: 37656 6eb754917adb072091cc80cf7579ffb6\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny3_i386.deb\n Size/MD5 checksum: 12886 0835c4f17a2b20ecce12f8dcb3714aeb\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny3_i386.deb\n Size/MD5 checksum: 23722 f4f7a7bf8352e362d20a8ddc89b65eea\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny3_i386.deb\n Size/MD5 checksum: 11564 2b13e97918ae06538c531f1ac2551946\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny3_i386.deb\n Size/MD5 checksum: 65628 40b3c044fc5d2d984753a10f51ccccc6\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny3_i386.deb\n Size/MD5 checksum: 4909730 59fd55575b063c57155f64dd6071a59c\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny3_i386.deb\n Size/MD5 checksum: 34154 9d7cf22aab3efe54bf04234a894b4359\n http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny3_i386.deb\n Size/MD5 checksum: 8485794 cdaffbf77b10e9432d63c54cba212509\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny3_i386.deb\n Size/MD5 checksum: 25012 4572f8c5944ce82a56009dcba26fe975\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny3_i386.deb\n Size/MD5 checksum: 16572 e97a5b3a5fc375309abd4dadb1198024\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny3_i386.deb\n Size/MD5 checksum: 363180 0ac60aa6e71eb91967f9994b11548d36\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny3_i386.deb\n Size/MD5 checksum: 52364 553e422b3e6195d1b28a2fc047228272\n http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny3_i386.deb\n Size/MD5 checksum: 14160 5b03292b3addc6e51e02ca914454d051\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny3_i386.deb\n Size/MD5 checksum: 8436 8a1b84dd90bd2efbf4d76a9ee288f900\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny3_ia64.deb\n Size/MD5 checksum: 50636 df9fa2474b1eb2427f02cdf23f26505d\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny3_ia64.deb\n Size/MD5 checksum: 18600 0f15eae062eb3680342c96bcf8e250f6\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny3_ia64.deb\n Size/MD5 checksum: 26678 739c289f9981dad4ab8be25de4814040\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny3_ia64.deb\n Size/MD5 checksum: 97418 d970c3f1a552ce490fc4ddc7ecf53eed\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny3_ia64.deb\n Size/MD5 checksum: 54920 834f8865b35c5e318ddfc3b1df3ab5e7\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny3_ia64.deb\n Size/MD5 checksum: 362744 9622323f0971e0f78201673073db348c\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny3_ia64.deb\n Size/MD5 checksum: 34382 f34c3b8fdbeb137d2c4e4f4f0d5e2d68\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny3_ia64.deb\n Size/MD5 checksum: 51776 bf02b09da989438877160a49a46743fc\n http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny3_ia64.deb\n Size/MD5 checksum: 20526 4c2eb2be72ace2e64c37ef0cbb18c99d\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny3_ia64.deb\n Size/MD5 checksum: 6610622 098132e4ce093e8b410c982673a2ccb5\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny3_ia64.deb\n Size/MD5 checksum: 18186 4170afb463a3b6f9bf931de6efec764b\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny3_ia64.deb\n Size/MD5 checksum: 11950 fb96fc4f5501a5f8bd7dd1f06be4327e\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny3_ia64.deb\n Size/MD5 checksum: 3379682 87bee2433d8cb500dad6e56945616c5e\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny3_ia64.deb\n Size/MD5 checksum: 54634 38095cd75904d4034981bf56f19c5702\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny3_ia64.deb\n Size/MD5 checksum: 6234 b0246dbe2fbb34be510fc714ec7820f8\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny3_ia64.deb\n Size/MD5 checksum: 38224 e1c8aae39f696ac46486e7df470fca65\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny3_ia64.deb\n Size/MD5 checksum: 15846 9bf65e7619421406073ed34d7bb003da\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny3_ia64.deb\n Size/MD5 checksum: 50862 bf81161931168566a947db412aeecba6\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny3_ia64.deb\n Size/MD5 checksum: 24684 d57d53449cff02bd204317f75c89f45e\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny3_ia64.deb\n Size/MD5 checksum: 3377378 e5237ffb1957f53c2f61a2d117ce0e7d\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny3_ia64.deb\n Size/MD5 checksum: 383616 ead507c100d8bceffa3cdf46c10846d9\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny3_ia64.deb\n Size/MD5 checksum: 6542 11859d19492fe8d23191223758c4969d\n http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny3_ia64.deb\n Size/MD5 checksum: 17615940 7da664c6a7abb8ad27d750fbf8d7c51b\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny3_ia64.deb\n Size/MD5 checksum: 80456 ea54885ed923fe7db3d99f42d7313451\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny3_ia64.deb\n Size/MD5 checksum: 3324810 e2c0185359aac47366d74ffcbe6d7b18\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny3_mips.deb\n Size/MD5 checksum: 12370 c7df846c5a1c96dcaa2a8ab25d0c734d\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny3_mips.deb\n Size/MD5 checksum: 33802 2b06e4163cd89e9dc2dd6d2d5b1c549f\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny3_mips.deb\n Size/MD5 checksum: 32420 d2a83265d61bdc464dbf6fed555177c5\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny3_mips.deb\n Size/MD5 checksum: 8280 e5614cfc506bc38b3e384d5f13c63e93\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny3_mips.deb\n Size/MD5 checksum: 365930 833f32ef30d85836b3e0ff835da48ad9\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny3_mips.deb\n Size/MD5 checksum: 4960484 ae26c572724e5bb00a031d25e3cf9c56\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny3_mips.deb\n Size/MD5 checksum: 16028 7afaf657e3e5986407bd0e62d3cc0cf2\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny3_mips.deb\n Size/MD5 checksum: 32340 c74296f000684e11c4cf02dd38b8e674\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny3_mips.deb\n Size/MD5 checksum: 2520660 2cffc25df8d5525fa00bcae563c8b660\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny3_mips.deb\n Size/MD5 checksum: 24900 b04684aef1fd563d064bb2347ff335de\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny3_mips.deb\n Size/MD5 checksum: 12924 c0c92df64353f652e75bd88fd516dff9\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny3_mips.deb\n Size/MD5 checksum: 362864 9d44905fcc1b476f57c8b9fe51baa119\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny3_mips.deb\n Size/MD5 checksum: 18426 f0b30634a92e95370653dc64ce1f516d\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny3_mips.deb\n Size/MD5 checksum: 51122 9a84342646cd054676257817b69e74f9\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny3_mips.deb\n Size/MD5 checksum: 5304 98034e9fd6f10df205e51a68d08d2861\n http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny3_mips.deb\n Size/MD5 checksum: 9446130 eeaff147c7153b3317b06b05e6a95a75\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny3_mips.deb\n Size/MD5 checksum: 5002 ced3345c2993c3f9d8c10a9a7546bf6f\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny3_mips.deb\n Size/MD5 checksum: 23192 eab36b7a4fd91ade6d90b047fde42ba5\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny3_mips.deb\n Size/MD5 checksum: 63516 3f3bd60a61ace778bf4539c69e16ade4\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny3_mips.deb\n Size/MD5 checksum: 2491762 aca8c5d9a48fe4167b833bf2cec509d9\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny3_mips.deb\n Size/MD5 checksum: 2519060 f44a149a9d8e799abf8d82053d10db83\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny3_mips.deb\n Size/MD5 checksum: 35498 5f7fa5c897bcc493119439fc721c840b\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny3_mips.deb\n Size/MD5 checksum: 11508 1194b41152bdf03addff830a199b6ae7\n http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny3_mips.deb\n Size/MD5 checksum: 13302 ab380e26e504be58ad29acdf59d1669f\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny3_mips.deb\n Size/MD5 checksum: 35776 3b7351942ffef746b49684cce9fa89bd\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny3_mipsel.deb\n Size/MD5 checksum: 33566 84b9fe4889bd6a34eb193feed16d7b94\n http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny3_mipsel.deb\n Size/MD5 checksum: 13202 0405d95601a6fe7837f3cd1cc6853287\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny3_mipsel.deb\n Size/MD5 checksum: 2476526 7d8c5af525c5664f71ad07b08e63209d\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny3_mipsel.deb\n Size/MD5 checksum: 4990 29142a37738e81b5e1d631ed6e3e2875\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny3_mipsel.deb\n Size/MD5 checksum: 32260 0997f248adddd23ed415cd6bbd55735a\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny3_mipsel.deb\n Size/MD5 checksum: 31794 87ea44868934417418ce97de380a10dd\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny3_mipsel.deb\n Size/MD5 checksum: 12836 842b17ac23f91f85a959b56bbdcb0c4d\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny3_mipsel.deb\n Size/MD5 checksum: 2477602 b69fcc9c0174e695ec434afc6c4d14f4\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny3_mipsel.deb\n Size/MD5 checksum: 365260 1a0ed4b1f60a285f7f87dfb0534cfe09\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny3_mipsel.deb\n Size/MD5 checksum: 24758 df1ce5be247367f67ae6e80d907ab41d\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny3_mipsel.deb\n Size/MD5 checksum: 62746 8bb27e77fbad03df7e03d01cb8932743\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny3_mipsel.deb\n Size/MD5 checksum: 23094 0027bd65d42869e010ab2bf654c5d36b\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny3_mipsel.deb\n Size/MD5 checksum: 11438 587fb68608ab53f352eff1c9b5a5c968\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny3_mipsel.deb\n Size/MD5 checksum: 15904 2b9eb9ea7485d79a3127fa10d29dd4a9\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny3_mipsel.deb\n Size/MD5 checksum: 18326 8102924db02ce08edaa5090225504d52\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny3_mipsel.deb\n Size/MD5 checksum: 2467346 43518bc368b3298df596d114051a64cf\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny3_mipsel.deb\n Size/MD5 checksum: 8212 5f7fc7ed29922901aefee1322acf2fba\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny3_mipsel.deb\n Size/MD5 checksum: 50786 16fccd64ccfe880355b8eb7e6d467075\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny3_mipsel.deb\n Size/MD5 checksum: 362816 a1be41f39de860104f23745ce30eb60f\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny3_mipsel.deb\n Size/MD5 checksum: 12310 7646f6f475c51b8903e097daca712950\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny3_mipsel.deb\n Size/MD5 checksum: 35228 86c7f6031f849b10ae5147575bec1262\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny3_mipsel.deb\n Size/MD5 checksum: 5272 965b8b4e3cc0e5229ecf0e7345767194\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny3_mipsel.deb\n Size/MD5 checksum: 35648 8fb35906d69b0cee69b92eaa3409c992\n http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny3_mipsel.deb\n Size/MD5 checksum: 8844704 e386a1de15fa024821baa029ee908be5\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny3_mipsel.deb\n Size/MD5 checksum: 4904808 5f8a2dc28c3ac0b8ed0d1f608f2ff1b1\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny3_powerpc.deb\n Size/MD5 checksum: 362902 0be5fc02aec8884c8acec55600975c7d\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny3_powerpc.deb\n Size/MD5 checksum: 60398 c0a7ffbeaa571375c992458c468e3c69\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny3_powerpc.deb\n Size/MD5 checksum: 5072872 bd44f781031120eba5d8f0d8d7c830e3\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny3_powerpc.deb\n Size/MD5 checksum: 370118 7cdc7e4b37c72f4e55ef1396ad983438\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny3_powerpc.deb\n Size/MD5 checksum: 28060 16d0be6b6fd5c3602ece5343bf18d2b8\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny3_powerpc.deb\n Size/MD5 checksum: 39122 fddaa821c6f5794620e9322e8871c0bb\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny3_powerpc.deb\n Size/MD5 checksum: 42752 b6f5d6caa8112190003387b5bbe333ea\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny3_powerpc.deb\n Size/MD5 checksum: 14130 5fb950c2393bc1bee3bd936f8a84021b\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny3_powerpc.deb\n Size/MD5 checksum: 41052 2683cd5643fec2e95afab59637cd4efd\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny3_powerpc.deb\n Size/MD5 checksum: 7522 a05450cb115a47805de4bcf8fe740c7a\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny3_powerpc.deb\n Size/MD5 checksum: 21528 54024ed51baff5e6e6ac9b3e62a8bef4\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny3_powerpc.deb\n Size/MD5 checksum: 2647478 881062b9bddbef63d37dc0ef5a2e7b9c\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny3_powerpc.deb\n Size/MD5 checksum: 20048 b83774dc4ae11dd797be6e963671bc74\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny3_powerpc.deb\n Size/MD5 checksum: 7222 3e05102da0f2502ebdecf0147c03a896\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny3_powerpc.deb\n Size/MD5 checksum: 2644668 3c28879e607e30d2e051a78fee458d67\n http://security.debian.org/pool/updates/main/p/php5/php5-interbase_5.2.6.dfsg.1-1+lenny3_powerpc.deb\n Size/MD5 checksum: 56358 0937bc16c4fe9082a375d822a2115846\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny3_powerpc.deb\n Size/MD5 checksum: 77028 ddcd7478c58beee78eedcec016645d2c\n http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny3_powerpc.deb\n Size/MD5 checksum: 16954 54afa9c0cab6163b1b038e375d18ad00\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny3_powerpc.deb\n Size/MD5 checksum: 15948 6c79622285b8843e59402289b158c3cb\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny3_powerpc.deb\n Size/MD5 checksum: 30514 cd522222967b7dfd40fbb6552aa3bae3\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny3_powerpc.deb\n Size/MD5 checksum: 38122 2cd615c6def56a383db21eaf667f74d5\n http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny3_powerpc.deb\n Size/MD5 checksum: 8997068 34060784b3a1d89a411c3af22959931e\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny3_powerpc.deb\n Size/MD5 checksum: 10984 8de46d226b068f598ab9c28ed5820b3c\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny3_powerpc.deb\n Size/MD5 checksum: 16060 6ddd8dea6a25532e64d5300edf13967b\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny3_powerpc.deb\n Size/MD5 checksum: 42312 231368114977880457320bc1438b4f12\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny3_powerpc.deb\n Size/MD5 checksum: 2557048 9928155dff896c0c08e9b9e57d9c6f53\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny3_s390.deb\n Size/MD5 checksum: 2699146 80469dac8ffe193dcd6872ef49645692\n http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny3_s390.deb\n Size/MD5 checksum: 15526 be6fe825489e6c78e77a0c22605d91a9\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny3_s390.deb\n Size/MD5 checksum: 5296 c0f941ac316e9816b6ab48f3157dfee8\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny3_s390.deb\n Size/MD5 checksum: 13996 5b32f9be24b7165897e843cf9b4c3e69\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny3_s390.deb\n Size/MD5 checksum: 5229324 0b50126324846300a57854fbc82d1c63\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny3_s390.deb\n Size/MD5 checksum: 58512 96e39170b492d6d20f7d37bdf99249a7\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny3_s390.deb\n Size/MD5 checksum: 362748 bc860d0b8b98073281425309437b5b77\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny3_s390.deb\n Size/MD5 checksum: 41956 fd9b8facda486c817b5655378070fba9\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny3_s390.deb\n Size/MD5 checksum: 2633632 b3981386d47cfa9c2e49e3bbab9f25d0\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny3_s390.deb\n Size/MD5 checksum: 368902 df32054c14e2f7d51ac8f14668c4bfb5\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny3_s390.deb\n Size/MD5 checksum: 12356 76f361b160f9906ad5f6e440e99a1226\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny3_s390.deb\n Size/MD5 checksum: 5586 21268003a9d85a0a3effde2ec9bc6c72\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny3_s390.deb\n Size/MD5 checksum: 39684 2ef3bbdffa15b0c6bbccd8a5c3c499d8\n http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny3_s390.deb\n Size/MD5 checksum: 9054456 9e0fee68eae66a9c71e821ac31ee1831\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny3_s390.deb\n Size/MD5 checksum: 28236 5713dbf16dc3decf659c41faaf8de208\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny3_s390.deb\n Size/MD5 checksum: 18602 9a1072857e9ced699b7cb05cfccabc4b\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny3_s390.deb\n Size/MD5 checksum: 9352 3b116cc9b2788c1623351ddb7ce91436\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny3_s390.deb\n Size/MD5 checksum: 37982 483d126a0d45a4b561ad33e08f4df302\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny3_s390.deb\n Size/MD5 checksum: 14186 ee16ed311d1580d82464b4c123beea16\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny3_s390.deb\n Size/MD5 checksum: 36314 0ddf73e77428f2a16c02750fbb3c7467\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny3_s390.deb\n Size/MD5 checksum: 20678 0eebf578e0c80c53adc76bb984ba911b\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny3_s390.deb\n Size/MD5 checksum: 38304 0c0b83646aff55840a0091ebe9162170\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny3_s390.deb\n Size/MD5 checksum: 2696548 f80be6e2dc1225f2ecd2e91df5cdea0f\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny3_s390.deb\n Size/MD5 checksum: 25182 40df367c802650bd173bdc8583db70f0\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny3_s390.deb\n Size/MD5 checksum: 73790 eaad8d04bf11abb07788bc37eb43e45a\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny3_sparc.deb\n Size/MD5 checksum: 17482 88611ca8b3dd5da77dfd732d671e752b\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny3_sparc.deb\n Size/MD5 checksum: 33782 e8df34682e569a177d2145a3613f3c63\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny3_sparc.deb\n Size/MD5 checksum: 4814 f3c1ee8b63bde7a27ba6eea1c4a1751d\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny3_sparc.deb\n Size/MD5 checksum: 16520 255ccddb387cbdcbd6b1e6577aedc2c7\n http://security.debian.org/pool/updates/main/p/php5/php5-interbase_5.2.6.dfsg.1-1+lenny3_sparc.deb\n Size/MD5 checksum: 43948 afa0c628790896178c0bb8e61577f59d\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny3_sparc.deb\n Size/MD5 checksum: 13084 a704c8b024c8300c4d5301882cc7bc98\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny3_sparc.deb\n Size/MD5 checksum: 4818156 ffeb690f134063de643223da003f8f40\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny3_sparc.deb\n Size/MD5 checksum: 2425786 8f9a0a4151b63329f074f9f5b0dfa6a0\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny3_sparc.deb\n Size/MD5 checksum: 12328 0121b749e5bc52020a083eb92c0ba70e\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny3_sparc.deb\n Size/MD5 checksum: 63028 47b27fee939fe51d6d20dc5ab6e18060\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny3_sparc.deb\n Size/MD5 checksum: 8192 c07f22bccc4d0e6f6cd5bc3e6060a6bb\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny3_sparc.deb\n Size/MD5 checksum: 365914 d1c135001df7fc4f7c3e645a7f1d16f6\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny3_sparc.deb\n Size/MD5 checksum: 32958 6f79ce6adb69b3d123b3ad30d8429e69\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny3_sparc.deb\n Size/MD5 checksum: 34068 89bbf8718b31807276282ce335e2417f\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny3_sparc.deb\n Size/MD5 checksum: 32832 4ee6ac773812693aab1ee13dfe4d0413\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny3_sparc.deb\n Size/MD5 checksum: 11212 375312647e1b170f131ea47e561ed715\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny3_sparc.deb\n Size/MD5 checksum: 5008 2e2b6dcd0b3abb779fe6bbdf5194644f\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny3_sparc.deb\n Size/MD5 checksum: 2474234 10cabcad892ff8ba50c939b21e87aa74\n http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny3_sparc.deb\n Size/MD5 checksum: 8379988 7a3e337c215f6751f9c7dc2330be9279\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny3_sparc.deb\n Size/MD5 checksum: 49962 faa9ccffb8ee5ed3ae466a450cf10e5d\n http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny3_sparc.deb\n Size/MD5 checksum: 13440 82c0f647a2975869caa27fb989662214\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny3_sparc.deb\n Size/MD5 checksum: 24286 cc1a0a4d3bbd41d20e64a8fc4c6862d3\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny3_sparc.deb\n Size/MD5 checksum: 365406 0494eb776d482b40f6113b6bd719d8b9\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny3_sparc.deb\n Size/MD5 checksum: 24306 87a89e01d39619fd7369c5e424bcef45\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny3_sparc.deb\n Size/MD5 checksum: 35952 2543ec38640668a49ba063b0caf9449b\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny3_sparc.deb\n Size/MD5 checksum: 2475310 fe539afd738ea4f1d6c8b8e91cfcaa68\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "modified": "2009-05-04T20:58:11", "published": "2009-05-04T20:58:11", "id": "DEBIAN:DSA-1789-1:B5F1B", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2009/msg00100.html", "title": "[SECURITY] [DSA 1789-1] New php5 packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-16T22:15:00", "bulletinFamily": "unix", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1940-1 security@debian.org\nhttp://www.debian.org/security/ Stefan Fritsch\nNovember 25, 2009 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : php5\nVulnerability : multiple issues\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2009-2626 CVE-2009-2687 CVE-2009-3291 CVE-2009-3292\nDebian bugs : 535888 540605 527560 \n\nSeveral remote vulnerabilities have been discovered in the PHP 5\nhypertext preprocessor. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\nThe following issues have been fixed in both the stable (lenny)\nand the oldstable (etch) distributions:\n \nCVE-2009-2687 CVE-2009-3292\n\n The exif module did not properly handle malformed jpeg files,\n allowing an attacker to cause a segfault, resulting in a denial\n of service.\n \n\nCVE-2009-3291\n\n The php_openssl_apply_verification_policy() function did not\n properly perform certificate validation.\n\n\nNo CVE id yet\n\n Bogdan Calin discovered that a remote attacker could cause a denial\n of service by uploading a large number of files in using multipart/\n form-data requests, causing the creation of a large number of\n temporary files.\n\n To address this issue, the max_file_uploads option introduced in PHP\n 5.3.1 has been backported. This option limits the maximum number of\n files uploaded per request. The default value for this new option is\n 50. See NEWS.Debian for more information.\n\n\nThe following issue has been fixed in the stable (lenny) distribution:\n \nCVE-2009-2626\n\n A flaw in the ini_restore() function could lead to a memory\n disclosure, possibly leading to the disclosure of sensitive data.\n\n\nIn the oldstable (etch) distribution, this update also fixes a regression\nintroduced by the fix for CVE-2008-5658 in DSA-1789-1 (bug #527560).\n\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 5.2.6.dfsg.1-1+lenny4.\n\nThe oldstable distribution (etch), these problems have been fixed in\nversion 5.2.0+dfsg-8+etch16.\n\nFor the testing distribution (squeeze) and the unstable distribution\n(sid), these problems will be fixed in version 5.2.11.dfsg.1-2.\n\nWe recommend that you upgrade your php5 packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 (oldstable) alias etch\n- -------------------------------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/p/php5/php5_5.2.0+dfsg.orig.tar.gz\n Size/MD5 checksum: 8431973 956486a588c577616a5008d185e84968\n http://security.debian.org/pool/updates/main/p/php5/php5_5.2.0+dfsg-8+etch16.dsc\n Size/MD5 checksum: 2002 7b5aa6deaeba26e4c5cf3bb6ae33c27b\n http://security.debian.org/pool/updates/main/p/php5/php5_5.2.0+dfsg-8+etch16.diff.gz\n Size/MD5 checksum: 134709 612732624d30561ad7dea430903a2807\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/p/php5/php5_5.2.0+dfsg-8+etch16_all.deb\n Size/MD5 checksum: 1044 64a93759ca8a44ce1499fb425af5ba7d\n http://security.debian.org/pool/updates/main/p/php5/php-pear_5.2.0+dfsg-8+etch16_all.deb\n Size/MD5 checksum: 310830 7919b140eee8f8f2e10fedd41fd14fd6\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch16_alpha.deb\n Size/MD5 checksum: 5318 a07734d09bbc26ceb28ebcd9b1ffc1f1\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch16_alpha.deb\n Size/MD5 checksum: 24970 5d6004f15fe242fccd6c4a182025bcca\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch16_alpha.deb\n Size/MD5 checksum: 13476 1ec0f17e50e295fca526dfe06a362f92\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch16_alpha.deb\n Size/MD5 checksum: 18610 92848fda2bdb624c9f3a7056077867cc\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch16_alpha.deb\n Size/MD5 checksum: 2488466 96a5738358c120ddc413bc953d365623\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch16_alpha.deb\n Size/MD5 checksum: 40292 51458abe32e534379fa70daa94a1be66\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch16_alpha.deb\n Size/MD5 checksum: 9052 dd0be76eb4566fa6ee6a814e9b2396a5\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch16_alpha.deb\n Size/MD5 checksum: 38544 037e4dd443d68eb25435e4b245f5bae1\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch16_alpha.deb\n Size/MD5 checksum: 2412676 1ae4f6ba6f50e2c216876c485eeb108a\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch16_alpha.deb\n Size/MD5 checksum: 4948 4e19e8a2376c9a24f27cada6cdc9b0d1\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch16_alpha.deb\n Size/MD5 checksum: 4790194 0ba2321b5a2c43b08be044ee2c015228\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch16_alpha.deb\n Size/MD5 checksum: 36514 1c5ecae2bd1dd1c8d51739f686929d6f\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch16_alpha.deb\n Size/MD5 checksum: 70746 130c3501ffc77604dd8db9a4ce0d2197\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch16_alpha.deb\n Size/MD5 checksum: 17542 a8380c6c895c2fdbd0b53d5afe304da0\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch16_alpha.deb\n Size/MD5 checksum: 19594 24b726bd51ccf6298f252f632df66fae\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch16_alpha.deb\n Size/MD5 checksum: 36112 34b76e78b7242d2ac990aae3f53d92d0\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch16_alpha.deb\n Size/MD5 checksum: 55668 b95a6625bb267e790770191ef0dc3128\n http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch16_alpha.deb\n Size/MD5 checksum: 2487774 cefb2da57c7effcd314cf511f4e17db4\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch16_alpha.deb\n Size/MD5 checksum: 11840 a5b02752d2b7a771833d1520ad908d5b\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch16_alpha.deb\n Size/MD5 checksum: 13378 3d2e2b49489c07aac66e0164eac51f01\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch16_alpha.deb\n Size/MD5 checksum: 36656 f9f1d4bf23fd249b2cc9521824e7771a\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch16_alpha.deb\n Size/MD5 checksum: 221502 261df523100f0509f5a2c5475f1178a8\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch16_alpha.deb\n Size/MD5 checksum: 342192 e6519637a9221e3adc6b468de2c5bb98\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch16_amd64.deb\n Size/MD5 checksum: 2434276 771b474b437c79d99c618b26fe37947a\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch16_amd64.deb\n Size/MD5 checksum: 344546 d3bb651649ba842036cc8ac3659a78a5\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch16_amd64.deb\n Size/MD5 checksum: 36710 346f128adf65b8a11fa2d8a870ffafe6\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch16_amd64.deb\n Size/MD5 checksum: 36432 4dab2ccdcca8f327dd937bb1726baa09\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch16_amd64.deb\n Size/MD5 checksum: 24968 ee88dda46b28cc8fb95368df225d1cbd\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch16_amd64.deb\n Size/MD5 checksum: 17562 1367309ced589b7e431e208d08c05d4c\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch16_amd64.deb\n Size/MD5 checksum: 18648 1c4cdef714b95add864534d00e307b9e\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch16_amd64.deb\n Size/MD5 checksum: 13476 642f1853e66c40ba001d9259a0935a55\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch16_amd64.deb\n Size/MD5 checksum: 38442 3a4a23a7b9b44034ad431a1bc97c9b43\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch16_amd64.deb\n Size/MD5 checksum: 2434744 7df76c20d0638c48fb50ff9837fa2e39\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch16_amd64.deb\n Size/MD5 checksum: 37110 3ddb2d6f43bf48d9d39a65be726b0758\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch16_amd64.deb\n Size/MD5 checksum: 4898 97b59510d3c93098377f7ce3d035678f\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch16_amd64.deb\n Size/MD5 checksum: 71764 df871b2cc8536d86cb98b1deaba12175\n http://security.debian.org/pool/updates/main/p/php5/php5-interbase_5.2.0+dfsg-8+etch16_amd64.deb\n Size/MD5 checksum: 46768 c2b07344538b5a844d2b9d71b2a0af0a\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch16_amd64.deb\n Size/MD5 checksum: 4718064 fe712913c6b77092a1232b12e6c253bb\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch16_amd64.deb\n Size/MD5 checksum: 12052 a1903f82b61820a26c9dda7539c67256\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch16_amd64.deb\n Size/MD5 checksum: 9396 93efa8754c0651aefdd5274a12d080e6\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch16_amd64.deb\n Size/MD5 checksum: 2380798 09a2b12cb5b45d0091155b3164814539\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch16_amd64.deb\n Size/MD5 checksum: 217832 3996c8de414790cbf69f63b58eb83f3e\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch16_amd64.deb\n Size/MD5 checksum: 39156 2b214fc86b2a97dcdbf3bca165eb8082\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch16_amd64.deb\n Size/MD5 checksum: 19420 f4c3bbdb831244db2bdd5335efd3edd5\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch16_amd64.deb\n Size/MD5 checksum: 13022 4b4c9d4850a1e333ee06890f74af6c7f\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch16_amd64.deb\n Size/MD5 checksum: 53950 16daf5e82a9290de8a47bd1322851c70\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch16_amd64.deb\n Size/MD5 checksum: 5254 b4ea03d4ee1403fd58ce7911e8014cc5\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch16_arm.deb\n Size/MD5 checksum: 33664 dae843d051382e33477c546dc1b17fef\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch16_arm.deb\n Size/MD5 checksum: 4860 b1fa710c79e35f07d8145f5225115a0e\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch16_arm.deb\n Size/MD5 checksum: 24074 1ed613d17e45bdb307e1cc1ee9197140\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch16_arm.deb\n Size/MD5 checksum: 8748 678e85d43e7c2b072086ebe7eda86a4a\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch16_arm.deb\n Size/MD5 checksum: 63830 89fd8a16a38e5422288a255c24dc99b4\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch16_arm.deb\n Size/MD5 checksum: 33754 6bc2e86523dd31e99146cfdff9342ebe\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch16_arm.deb\n Size/MD5 checksum: 11876 c7744360e2fe35758726203f7d7939b3\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch16_arm.deb\n Size/MD5 checksum: 33032 b9bc2d01341a65067db6ba85f6972657\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch16_arm.deb\n Size/MD5 checksum: 218168 448c06872b6b8748d58446c87a625718\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch16_arm.deb\n Size/MD5 checksum: 49458 9bbe16b2389be190bd62c3978e214242\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch16_arm.deb\n Size/MD5 checksum: 33658 46890c77b5e44a2caa00103335b94b54\n http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch16_arm.deb\n Size/MD5 checksum: 2310596 67a3f80e614d671e74beaf4efe0f308c\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch16_arm.deb\n Size/MD5 checksum: 4634 a174a9be31b05476a3c691d8cd48d02b\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch16_arm.deb\n Size/MD5 checksum: 15836 c1721c65f6f2efaff3b144dd75ac0cca\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch16_arm.deb\n Size/MD5 checksum: 10922 bf0551cbe5780f47e1fb983b6640e8e7\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch16_arm.deb\n Size/MD5 checksum: 33628 eac84953c3c683c11395fbc4672a69a4\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch16_arm.deb\n Size/MD5 checksum: 17076 610841d9f054965028f32f345a371e73\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch16_arm.deb\n Size/MD5 checksum: 2311228 b35fa9a592ce4253f3b48f52fd3a0596\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch16_arm.deb\n Size/MD5 checksum: 17932 80af51b198bd6eee454ab5d276d82d87\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch16_arm.deb\n Size/MD5 checksum: 2304412 bf37c5c338dd12f777b06ccd01661b79\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch16_arm.deb\n Size/MD5 checksum: 4574286 84018b4aa03cd7ec37808837e00bf6f9\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch16_arm.deb\n Size/MD5 checksum: 346624 4efb7f4b43cd76f9fee022e1784734e5\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch16_arm.deb\n Size/MD5 checksum: 12444 136e8b2d74a618ae25bbbfb2c0a4e4c1\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch16_hppa.deb\n Size/MD5 checksum: 2538134 395e4f23913f0473a61cdbf610463072\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch16_hppa.deb\n Size/MD5 checksum: 58144 809b3d3489bf894c0171a458729160af\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch16_hppa.deb\n Size/MD5 checksum: 346682 1fb4ff12b932f3c622a6b85d631ec137\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch16_hppa.deb\n Size/MD5 checksum: 15554 9c86477e663592c81e0e3946483985dd\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch16_hppa.deb\n Size/MD5 checksum: 5828 c863a1d79a314b4cf6482335c0bf4493\n http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch16_hppa.deb\n Size/MD5 checksum: 2636726 b6f9767e272499dbbab318d1e324bdc4\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch16_hppa.deb\n Size/MD5 checksum: 5500 e33306bada012281838cc47644e6e270\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch16_hppa.deb\n Size/MD5 checksum: 12566 bbfbab3fa98a9c01f56686e64fc6f61b\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch16_hppa.deb\n Size/MD5 checksum: 75424 a31a53821873d00f008e2aae00355800\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch16_hppa.deb\n Size/MD5 checksum: 42130 70efa89890134950479a8633c4c085bf\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch16_hppa.deb\n Size/MD5 checksum: 39990 5e53335257ae9d905fdfa8d4b5e276c0\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch16_hppa.deb\n Size/MD5 checksum: 28246 13fcc197f0e0bc6846abc3f8e02d9357\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch16_hppa.deb\n Size/MD5 checksum: 5036032 7081bd1e68c44a4fe89d2d5f1025dd2a\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch16_hppa.deb\n Size/MD5 checksum: 39546 8edb59eacb189a40f3bb52572cad42ff\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch16_hppa.deb\n Size/MD5 checksum: 14102 e38c4575055508f9768c3920d6772768\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch16_hppa.deb\n Size/MD5 checksum: 9752 a9a32b5958ef64d64e2c0a2b5b6df8b4\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch16_hppa.deb\n Size/MD5 checksum: 19590 9059b304df9bab6839a8e20d6071d706\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch16_hppa.deb\n Size/MD5 checksum: 224758 e72f41be256c4a9a088ab186782e69d3\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch16_hppa.deb\n Size/MD5 checksum: 38274 909e3a3e96acaef143477617539c102f\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch16_hppa.deb\n Size/MD5 checksum: 40966 f5a79ab2588446d4441e2310832bef25\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch16_hppa.deb\n Size/MD5 checksum: 21124 bbd739683199d65c24e60bcf28ffd15c\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch16_hppa.deb\n Size/MD5 checksum: 2636816 73c8b75aaacb6b6b04288d04a40320d5\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch16_hppa.deb\n Size/MD5 checksum: 20322 bbd9be70bfbbde086c94de1d48b721ff\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch16_i386.deb\n Size/MD5 checksum: 24456 cf35fd3486528755a489d919f5282b67\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch16_i386.deb\n Size/MD5 checksum: 50688 c998895656808d474defb1092f6dfb13\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch16_i386.deb\n Size/MD5 checksum: 34084 dcbb9738d1c5a4a9acff1d70347a9c91\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch16_i386.deb\n Size/MD5 checksum: 16466 7f385824b87318dcd35a23403a3a2500\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch16_i386.deb\n Size/MD5 checksum: 34452 fe3c3515e024463f4e896873b79a4bc8\n http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch16_i386.deb\n Size/MD5 checksum: 2339286 72b234c3640a6df2aad10c69a0f8dfe4\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch16_i386.deb\n Size/MD5 checksum: 346104 3df62142ddcbcc49e15a19de9b879d63\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch16_i386.deb\n Size/MD5 checksum: 11290 497cdb7245cff2b1066fde84179ff2fb\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch16_i386.deb\n Size/MD5 checksum: 4613124 8e8d3b7def6574fe720e79ef98ab6fb3\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch16_i386.deb\n Size/MD5 checksum: 64858 4e5c2a00ee49040841b3646c119438c9\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch16_i386.deb\n Size/MD5 checksum: 12246 fb358b972aecb710bca7b2a2cb631445\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch16_i386.deb\n Size/MD5 checksum: 33524 875c9a5c173b088710bb2c56963093bf\n http://security.debian.org/pool/updates/main/p/php5/php5-interbase_5.2.0+dfsg-8+etch16_i386.deb\n Size/MD5 checksum: 44374 07a7d24fe9310d7bd263cd4d44f43059\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch16_i386.deb\n Size/MD5 checksum: 2339884 5643ab1279e6412aca57bee3f30a3c70\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch16_i386.deb\n Size/MD5 checksum: 4762 a533020de317f5fd4b314c52dfbed2f4\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch16_i386.deb\n Size/MD5 checksum: 5038 b1cf04e50a8377be0e303b46a63f54ea\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch16_i386.deb\n Size/MD5 checksum: 12816 02d756a05b3f14f1fde896d6d824633d\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch16_i386.deb\n Size/MD5 checksum: 216260 ef7c751d89f5eaedcb53037b2fe12705\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch16_i386.deb\n Size/MD5 checksum: 36448 880d6ac9a57f777d474a2e0473c6ca8d\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch16_i386.deb\n Size/MD5 checksum: 18388 ea5ff2538f81ecf98b4cec6e94d94698\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch16_i386.deb\n Size/MD5 checksum: 8618 3078e90c875e6ed3f5baf1423e259b69\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch16_i386.deb\n Size/MD5 checksum: 17230 e426661709b814cfd860f920f6994792\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch16_i386.deb\n Size/MD5 checksum: 2325162 61c4b2b50e07c2a39276945f79bd4b9f\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch16_i386.deb\n Size/MD5 checksum: 34542 bd0d1be2d82bbd7834212fa305edc61f\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch16_ia64.deb\n Size/MD5 checksum: 6259582 3d5375c501a26ad6ea4dea0448c00af9\n http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch16_ia64.deb\n Size/MD5 checksum: 3198244 f77bd7b0b646f31738c78819be8922af\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch16_ia64.deb\n Size/MD5 checksum: 50650 16f80c37b82b26497e15a2b32522284e\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch16_ia64.deb\n Size/MD5 checksum: 236650 8165e88c029aa383c2de8e93c82392c6\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch16_ia64.deb\n Size/MD5 checksum: 15436 37b2eb669995db49e672cd23a8e5d843\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch16_ia64.deb\n Size/MD5 checksum: 342166 61a661798785c7ae7bb2c11aea8c1a9d\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch16_ia64.deb\n Size/MD5 checksum: 76618 9cb83c4bc231bade7184e0ee70486968\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch16_ia64.deb\n Size/MD5 checksum: 12012 4bf71b184f6e1c705690baa4cdbde35e\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch16_ia64.deb\n Size/MD5 checksum: 6502 3667f95d6ad22016857553df793fe272\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch16_ia64.deb\n Size/MD5 checksum: 3199296 1c72d0431f744e4c3c5f48772274b0c1\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch16_ia64.deb\n Size/MD5 checksum: 95634 dfdc9e95298840bc92f651c95adecf27\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch16_ia64.deb\n Size/MD5 checksum: 24866 a434bf6a52ad51913f2f12134c627ac7\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch16_ia64.deb\n Size/MD5 checksum: 25088 9cfb6b47f74723dfd90db2439ef30b2e\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch16_ia64.deb\n Size/MD5 checksum: 27146 da115f332ad5629536ea3048f9d9c6cc\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch16_ia64.deb\n Size/MD5 checksum: 34408 5dc989369358752ae96d6aa0091886e5\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch16_ia64.deb\n Size/MD5 checksum: 54518 c63fa927d47be4ac27a090efc90245fd\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch16_ia64.deb\n Size/MD5 checksum: 48404 761b87efe93f3436127f585c7967e5e3\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch16_ia64.deb\n Size/MD5 checksum: 3151862 23ebf641671d07e52fe39a9ce95386ba\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch16_ia64.deb\n Size/MD5 checksum: 6150 83e8d323f342ee99bcbe7ef152671c78\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch16_ia64.deb\n Size/MD5 checksum: 54674 f3ab55e33d7b2b11ebd902fd5c051faa\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch16_ia64.deb\n Size/MD5 checksum: 17770 ba86313dd68a72319ad8a68dd0a8a6b5\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch16_ia64.deb\n Size/MD5 checksum: 17554 e12e126bb529e29d9b10b374db9de59c\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch16_ia64.deb\n Size/MD5 checksum: 50242 e5767c446ae9a72b46a678f89f4a8a26\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch16_mips.deb\n Size/MD5 checksum: 5250 2adcdd4cf4b9ad0ab5505455c0669c0e\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch16_mips.deb\n Size/MD5 checksum: 4908 7b0e17a304d90cbc8d8fae662ef92b20\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch16_mips.deb\n Size/MD5 checksum: 35600 f061d038844877e045431adfc1217402\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch16_mips.deb\n Size/MD5 checksum: 17316 24657b31ff82a1a27151395b28b432d5\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch16_mips.deb\n Size/MD5 checksum: 31610 2deca61c78a278b2bbe9b9baeb039fa5\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch16_mips.deb\n Size/MD5 checksum: 12222 4586d11c610f15bc88f7bc1e0bbec344\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch16_mips.deb\n Size/MD5 checksum: 11350 05005a3f93ab1737bbd752432381fd39\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch16_mips.deb\n Size/MD5 checksum: 2414744 fe305917ab4c5157bff749de8d643f93\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch16_mips.deb\n Size/MD5 checksum: 2388420 d1f897a8b8bd63924a01a7de1777aba6\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch16_mips.deb\n Size/MD5 checksum: 63876 a71f64d866732b19a2b2ec79e44f8fbd\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch16_mips.deb\n Size/MD5 checksum: 15732 c7772b1c4e7aebf0ca832feaba178377\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch16_mips.deb\n Size/MD5 checksum: 8280 47dce2b991a5658b06126386050db44b\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch16_mips.deb\n Size/MD5 checksum: 33182 ae8f2414e988be684bc30dc10695a9f6\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch16_mips.deb\n Size/MD5 checksum: 4736866 5c06712f122aa5f8a4b6992033a44ba6\n http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch16_mips.deb\n Size/MD5 checksum: 2414240 8a0d0eeb3ecfa24b9bd40033862eee7f\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch16_mips.deb\n Size/MD5 checksum: 32766 16b20c8fcc252883b4dc35d2ff284e55\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch16_mips.deb\n Size/MD5 checksum: 12470 57b8c232fbc6deff7319607fe81487c6\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch16_mips.deb\n Size/MD5 checksum: 18504 c37b2ffc3de93308d180a99e7b992a85\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch16_mips.deb\n Size/MD5 checksum: 23356 2bbfb3c09797542afa52df7f6add0163\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch16_mips.deb\n Size/MD5 checksum: 49508 2aad97731fe8768344d22e81299bb2db\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch16_mips.deb\n Size/MD5 checksum: 35260 8997d142d3e05a91cfb7bbd91eb4792f\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch16_mips.deb\n Size/MD5 checksum: 345428 93df600fdcdc87ba609c6a8da5ddd9b2\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch16_mips.deb\n Size/MD5 checksum: 218086 d151a6431b9673cd261d2466e28ec683\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch16_mipsel.deb\n Size/MD5 checksum: 33096 bac9fcdde64fa312553a981edcf4bc25\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch16_mipsel.deb\n Size/MD5 checksum: 8206 4f173f5c397825c2f013e6767213de59\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch16_mipsel.deb\n Size/MD5 checksum: 4688168 466cb837e25d88ebcb9e1f39b96c7a9f\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch16_mipsel.deb\n Size/MD5 checksum: 17256 fa6c6d2b04723abd97ca07b6492b6faf\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch16_mipsel.deb\n Size/MD5 checksum: 31556 dbcf00dcfe9ced18c7ba1c376d5d48cf\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch16_mipsel.deb\n Size/MD5 checksum: 32300 179ad76c714800b3ed25a42d3571fb50\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch16_mipsel.deb\n Size/MD5 checksum: 2370122 3841febdc489245d3e98816961df6c81\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch16_mipsel.deb\n Size/MD5 checksum: 4900 fd5d441737f2993ab9ceff107303094f\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch16_mipsel.deb\n Size/MD5 checksum: 12140 bf2ef1cdb56906f6e944f5ccb8d9d7ca\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch16_mipsel.deb\n Size/MD5 checksum: 342238 e4453c6faba3421f48975a0f28b038fe\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch16_mipsel.deb\n Size/MD5 checksum: 2361064 fae1aa64a85c1dd03a0f89cd37f38af8\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch16_mipsel.deb\n Size/MD5 checksum: 23368 7410b76ed8935732fa513f52eeeadd18\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch16_mipsel.deb\n Size/MD5 checksum: 35566 607f39063ac660f277e63929b973d2c0\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch16_mipsel.deb\n Size/MD5 checksum: 18462 5df5661ab217cb34260d76cb95571cad\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch16_mipsel.deb\n Size/MD5 checksum: 5234 efdf40378e9adfda2716820e66b28532\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch16_mipsel.deb\n Size/MD5 checksum: 12430 99938c3c2b69d8544ef3597f4adfb21f\n http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch16_mipsel.deb\n Size/MD5 checksum: 2369670 40b4242baf2106b18442b52d10277958\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch16_mipsel.deb\n Size/MD5 checksum: 49446 123a361ca889ba182de99d715b40dfb5\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch16_mipsel.deb\n Size/MD5 checksum: 11260 4786eb4877b948ea47ced84ab597c2b4\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch16_mipsel.deb\n Size/MD5 checksum: 15648 380b6ecaf3adda197254e6076777faec\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch16_mipsel.deb\n Size/MD5 checksum: 63420 01cde33df9dd5aa1dbb4d2860a2d552d\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch16_mipsel.deb\n Size/MD5 checksum: 34960 032bf522e8f4d650a9028b9ea5da0df6\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch16_mipsel.deb\n Size/MD5 checksum: 217366 0dbb1962a33193dadebfdbd411c92c16\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch16_powerpc.deb\n Size/MD5 checksum: 6744 67259178bf49b2173acd17bee2b0cf0c\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch16_powerpc.deb\n Size/MD5 checksum: 36002 ed7c290dab79a3d964f64a6dedfc602e\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch16_powerpc.deb\n Size/MD5 checksum: 4752474 465a9ad1238796ae9fd6d336c1a42b22\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch16_powerpc.deb\n Size/MD5 checksum: 2443108 c2526968e31ac17e254d0210dd022926\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch16_powerpc.deb\n Size/MD5 checksum: 342292 6c73de3ca4c191544862aaa3771a37e3\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch16_powerpc.deb\n Size/MD5 checksum: 37714 88c4d9f2faa2062b69e52a1c8553e005\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch16_powerpc.deb\n Size/MD5 checksum: 220284 459907137ffb3be31443ed5abc3197bd\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch16_powerpc.deb\n Size/MD5 checksum: 36480 a055a7d0507090b08be4ea25bb162feb\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch16_powerpc.deb\n Size/MD5 checksum: 2393974 3c3ba2168e23ec8731397c2031c618e4\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch16_powerpc.deb\n Size/MD5 checksum: 13756 477f4b7219c2a93fddd27b530058e050\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch16_powerpc.deb\n Size/MD5 checksum: 18464 712dee6c962985ed08d4202a62c68886\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch16_powerpc.deb\n Size/MD5 checksum: 19186 039739727c969ae6c25c348bd584f308\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch16_powerpc.deb\n Size/MD5 checksum: 14748 195f6978bf4394c85ff29e6fa6e6b62e\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch16_powerpc.deb\n Size/MD5 checksum: 26794 f6444569a73747e3af80ff9a29d1d83f\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch16_powerpc.deb\n Size/MD5 checksum: 20248 f08b3c2c32dfa446597e2e547d369165\n http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch16_powerpc.deb\n Size/MD5 checksum: 2442822 a5e8104d5220100ae63c2fa8be88ff1d\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch16_powerpc.deb\n Size/MD5 checksum: 38020 144dec220e3b04d64529366003e64160\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch16_powerpc.deb\n Size/MD5 checksum: 70372 3df17ffe299b4f732a241eac4b4be86d\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch16_powerpc.deb\n Size/MD5 checksum: 37104 a0a82ea304f529c99a01991ff433c258\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch16_powerpc.deb\n Size/MD5 checksum: 6358 6cf2471c4684a7d8cdf442e47b6eecc6\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch16_powerpc.deb\n Size/MD5 checksum: 10120 184db6b188224ddabd99e02b99d42656\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch16_powerpc.deb\n Size/MD5 checksum: 12706 bf2487d7133fb20a786798ea966439d9\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch16_powerpc.deb\n Size/MD5 checksum: 54070 7d4da5803bcec2b8687971d4f826f272\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch16_s390.deb\n Size/MD5 checksum: 72606 bb53ebeb6d65b15005186f192b77332f\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch16_s390.deb\n Size/MD5 checksum: 13440 9d20d8ec53d583b78af04c845716dea4\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch16_s390.deb\n Size/MD5 checksum: 4894934 b445a7233feb1a8285dc4f87e46aa1d9\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch16_s390.deb\n Size/MD5 checksum: 19578 77ddd8c5eedb176c19bb82edeb16c3d7\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch16_s390.deb\n Size/MD5 checksum: 40520 f033a73a6c669beb1189b016d7210e42\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch16_s390.deb\n Size/MD5 checksum: 39220 4c7dfb5a9a8eb13ba7ee5fdab08203c0\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch16_s390.deb\n Size/MD5 checksum: 37180 a9760ec96826ef65daa6b9cb779d6e99\n http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch16_s390.deb\n Size/MD5 checksum: 2536020 4559ac57af97f5988efa4570c77fb745\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch16_s390.deb\n Size/MD5 checksum: 5472 83c382dacd87173219abc1a9543af799\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch16_s390.deb\n Size/MD5 checksum: 18178 ee440d491a3d656d1d28ce203021cec7\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch16_s390.deb\n Size/MD5 checksum: 37272 50f97cab1e56bfd5b129a934566a6447\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch16_s390.deb\n Size/MD5 checksum: 2537052 5de9a94cebf414fe23d373f23221eaf8\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch16_s390.deb\n Size/MD5 checksum: 222178 9fa9899c68f61293c3a83156fde47d6d\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch16_s390.deb\n Size/MD5 checksum: 342138 2fe9217a1b163ccf6389c68fe64f1029\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch16_s390.deb\n Size/MD5 checksum: 25034 501e91a5589aa6d7b4c5cb9a08c66528\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch16_s390.deb\n Size/MD5 checksum: 9186 029a0c56c6192852104f25ce2502d364\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch16_s390.deb\n Size/MD5 checksum: 2466010 c79086d9f7f8a4ccb94882b88de82f4e\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch16_s390.deb\n Size/MD5 checksum: 11952 378f76c9ec6476bd364c755c826d194d\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch16_s390.deb\n Size/MD5 checksum: 19324 253c859ad559f472a175f90ef39f85d7\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch16_s390.deb\n Size/MD5 checksum: 36168 135fadc4f0170dc0e916e8ac07726caf\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch16_s390.deb\n Size/MD5 checksum: 13392 e9caa124604abe127e3f8e26cce6285d\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch16_s390.deb\n Size/MD5 checksum: 56348 f69f6d27de79f0319c379d2ee3e24b1c\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch16_s390.deb\n Size/MD5 checksum: 5128 30ed87f0fa3cec857d61b4a81913c982\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch16_sparc.deb\n Size/MD5 checksum: 47972 6257d4cf3f47f1ed1d25931415bd2ba1\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch16_sparc.deb\n Size/MD5 checksum: 32608 1a8b314a54080ec3434594b2c3dc7a55\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch16_sparc.deb\n Size/MD5 checksum: 8276 b383dfabe124b614db8c4cb9e43e8ad7\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch16_sparc.deb\n Size/MD5 checksum: 33304 ccdcd515bba4b0af5018f4c0c47c48d5\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch16_sparc.deb\n Size/MD5 checksum: 11682 46820ee8d403abcab89012b399608acb\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch16_sparc.deb\n Size/MD5 checksum: 4874 fcdedd828dfeaad9b080013299a3c0f8\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch16_sparc.deb\n Size/MD5 checksum: 217762 fd9a30ba4d8229705db1f75c485dea44\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch16_sparc.deb\n Size/MD5 checksum: 34924 6757f07e78caf4a711aa8c59f6c1b5ab\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch16_sparc.deb\n Size/MD5 checksum: 4652 f25f72b067ae1a31b6e2aa1a451845ff\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch16_sparc.deb\n Size/MD5 checksum: 12632 5fcc1542c1d08b059fb660660575f4c1\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch16_sparc.deb\n Size/MD5 checksum: 24658 ff5ac84362babb6d566032efd1189676\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch16_sparc.deb\n Size/MD5 checksum: 61848 683a404b8e4bc0e1f8f077d03ac478d4\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch16_sparc.deb\n Size/MD5 checksum: 345116 9d302a8d9835e1eb69e58e0b4246b77c\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch16_sparc.deb\n Size/MD5 checksum: 16250 79ab057b5b3ec5618cc5864a6e4a4004\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch16_sparc.deb\n Size/MD5 checksum: 16586 71f02e0d46f51ddb3ed48c39bbac8d17\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch16_sparc.deb\n Size/MD5 checksum: 2334202 793e4680be0b5a56dd884842e3a3d27b\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch16_sparc.deb\n Size/MD5 checksum: 10770 f4e8b018c5494ef25ec7382a55e35abc\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch16_sparc.deb\n Size/MD5 checksum: 2282048 b8cf51abebd3d4a2d3a4c7aed6dc6f4b\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch16_sparc.deb\n Size/MD5 checksum: 31550 c6b59b4ce39133184358efdbf4adec78\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch16_sparc.deb\n Size/MD5 checksum: 33090 8e32de2c0c13526753b38b55162dedf5\n http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch16_sparc.deb\n Size/MD5 checksum: 2333728 6d0d0f21b1fb819efa89fab8c8a51d33\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch16_sparc.deb\n Size/MD5 checksum: 4526406 e38e3132025a9cdc16c08b4b29b8360d\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch16_sparc.deb\n Size/MD5 checksum: 17462 ebc3f06aafc04f49fb68adab118bbfe9\n\n\nDebian GNU/Linux 5.0 (stable) alias lenny\n- -----------------------------------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/p/php5/php5_5.2.6.dfsg.1-1+lenny4.diff.gz\n Size/MD5 checksum: 164099 957d5e45ad5a1e96d92a864b29590e7b\n http://security.debian.org/pool/updates/main/p/php5/php5_5.2.6.dfsg.1.orig.tar.gz\n Size/MD5 checksum: 12173741 b80fcee38363f031229368ceff8ced58\n http://security.debian.org/pool/updates/main/p/php5/php5_5.2.6.dfsg.1-1+lenny4.dsc\n Size/MD5 checksum: 2529 a437a2a7a18fd20140862ca43030f388\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/p/php5/php-pear_5.2.6.dfsg.1-1+lenny4_all.deb\n Size/MD5 checksum: 334532 14c1cefa63a25bc9d47f2b613c79a658\n http://security.debian.org/pool/updates/main/p/php5/php5_5.2.6.dfsg.1-1+lenny4_all.deb\n Size/MD5 checksum: 1080 285cecdbe24061cfa77e62f36ae78e99\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny4_alpha.deb\n Size/MD5 checksum: 39398 caa273c524b79c59672fbcae753a26ee\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny4_alpha.deb\n Size/MD5 checksum: 8928 f414f1c129483b8fe8cbc318a5eedb6e\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny4_alpha.deb\n Size/MD5 checksum: 36650 bcc4676043009ca54e18af9dd27e345e\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny4_alpha.deb\n Size/MD5 checksum: 37516 4f550822c831649ac425ae22d58a60b8\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny4_alpha.deb\n Size/MD5 checksum: 19676 29a0e716656bf8d60f9fd2e1edf2eb0e\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny4_alpha.deb\n Size/MD5 checksum: 362784 e3c1ab92a9f1dc91070a8395a9b105d7\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny4_alpha.deb\n Size/MD5 checksum: 24996 b34349f14e52b5ac097987585b476175\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny4_alpha.deb\n Size/MD5 checksum: 2674430 c3d9f1778f9a74d05501d6520ef16879\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny4_alpha.deb\n Size/MD5 checksum: 5080 831374f23d9bd03486b5d85203d086d6\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny4_alpha.deb\n Size/MD5 checksum: 12334 c8dad6976ecd6bccdfcb00d62c6e7c0c\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny4_alpha.deb\n Size/MD5 checksum: 37164 97d3efa37a7349abd11a562b07d0d3f1\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny4_alpha.deb\n Size/MD5 checksum: 41630 02b132c756ed5123aa870b411dfa4287\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny4_alpha.deb\n Size/MD5 checksum: 14054 e86232b73c9a6830a0113989917ee4a4\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny4_alpha.deb\n Size/MD5 checksum: 2598730 41c38a0d06bf46b566775d92f3137c3a\n http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny4_alpha.deb\n Size/MD5 checksum: 15820 e9bcff8457e6384e8bd74053a7fad687\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny4_alpha.deb\n Size/MD5 checksum: 2673700 a03612222ffe9f28c4b43d0d5a7a99a8\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny4_alpha.deb\n Size/MD5 checksum: 27604 fff003a8549d23afea2869dbcfc9a4d5\n http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny4_alpha.deb\n Size/MD5 checksum: 19512564 6e8253c7ef2885fd55bc7c69aced60da\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny4_alpha.deb\n Size/MD5 checksum: 71714 4d1d39bbeef361c88d848fe23120ea2d\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny4_alpha.deb\n Size/MD5 checksum: 57870 fcf66bcb2eb2219b0871d41e8118a00a\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny4_alpha.deb\n Size/MD5 checksum: 13802 0a23d4c322b3f5c99e7c31437ff6bec9\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny4_alpha.deb\n Size/MD5 checksum: 5412 1d7f872cc8fe84ca92e46087cc49653c\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny4_alpha.deb\n Size/MD5 checksum: 17670 dc82380d58f2dc09b6512c238be39688\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny4_alpha.deb\n Size/MD5 checksum: 5164256 2c73dc67889c06f055e57f916b7e465a\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny4_alpha.deb\n Size/MD5 checksum: 369570 3b3d5088cb3117006cbc08b91bfca793\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny4_amd64.deb\n Size/MD5 checksum: 5085904 b4f9755926b38c5bbf750130b46c8c36\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny4_amd64.deb\n Size/MD5 checksum: 27828 2dd7f5f19633ec3b95edaa32cd1e1a41\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny4_amd64.deb\n Size/MD5 checksum: 364864 4e1e7c037801fe32e53ef59a494302a7\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny4_amd64.deb\n Size/MD5 checksum: 367114 8e3e12d22761beb6614da92ce72a2e9c\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny4_amd64.deb\n Size/MD5 checksum: 5094 24bec334c129f1b8935079be7cb552ab\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny4_amd64.deb\n Size/MD5 checksum: 25242 9891b2748fa85b59fd8b104ae8309cea\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny4_amd64.deb\n Size/MD5 checksum: 2561414 fe49df2df47d3d7dca2bf88cf20c2a4c\n http://security.debian.org/pool/updates/main/p/php5/php5-interbase_5.2.6.dfsg.1-1+lenny4_amd64.deb\n Size/MD5 checksum: 48442 75c148c766532dce89889ba3d2238f31\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny4_amd64.deb\n Size/MD5 checksum: 73538 9eabc5c2efc8c0608c5df1f36cd90a71\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny4_amd64.deb\n Size/MD5 checksum: 12326 4ece26705bc6ebfb0ae0eac0d276bb1d\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny4_amd64.deb\n Size/MD5 checksum: 38078 ea04ff4ef5701c42535af6db2dee4d03\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny4_amd64.deb\n Size/MD5 checksum: 20144 d1a105aa743105a98ceba0ae83192c03\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny4_amd64.deb\n Size/MD5 checksum: 39864 d371d0d7d9681278d957b446eeeb984f\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny4_amd64.deb\n Size/MD5 checksum: 5430 362ccffa64f9f88d69400dc184611d74\n http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny4_amd64.deb\n Size/MD5 checksum: 8289420 76c467707bd7c4d0d418cb0dd2608d35\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny4_amd64.deb\n Size/MD5 checksum: 37030 50b827bc1caff8183b41481c2383d62e\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny4_amd64.deb\n Size/MD5 checksum: 40912 fd85bc423f585b3cff9255f1b6776237\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny4_amd64.deb\n Size/MD5 checksum: 13928 250ffb692df9fc9ef7d4dae23fa7bdb0\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny4_amd64.deb\n Size/MD5 checksum: 56858 bf0c5930e3f91ffb34c464b018231046\n http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny4_amd64.deb\n Size/MD5 checksum: 16504 14698f0330637137b9dbb8f04f42e81f\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny4_amd64.deb\n Size/MD5 checksum: 2615932 2ae52b06befad28fa728331e74a69205\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny4_amd64.deb\n Size/MD5 checksum: 18124 332b7c10b6ce3b3857a16f43ebbb3347\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny4_amd64.deb\n Size/MD5 checksum: 2614644 a1d8a234b347ec857a3e5ac7addeecd8\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny4_amd64.deb\n Size/MD5 checksum: 14178 16cc5493c3cfb2895dbc5329e6f63c6c\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny4_amd64.deb\n Size/MD5 checksum: 37864 22965210129ba0b90f70a9853eb36508\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny4_amd64.deb\n Size/MD5 checksum: 9464 c6feec4b12661790a01d0907bbeb339d\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny4_arm.deb\n Size/MD5 checksum: 11264 21b09079dc8345b064fee70347c14712\n http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny4_arm.deb\n Size/MD5 checksum: 12462578 0d5c8891db819dbc4ba754c967aa7dad\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny4_arm.deb\n Size/MD5 checksum: 24964 6966d1135dc769f79c9cf0a0f50d62e2\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny4_arm.deb\n Size/MD5 checksum: 2439754 78c88915cfa23ab952e0ae911eb7686e\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny4_arm.deb\n Size/MD5 checksum: 4966 5b5d6a3c8e2c6ee906dd8b7507b9df43\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny4_arm.deb\n Size/MD5 checksum: 18024 4532987cf1c53d08befd9bf3d49033a3\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny4_arm.deb\n Size/MD5 checksum: 34476 9081a54f847584db79422fc0ffc458ab\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny4_arm.deb\n Size/MD5 checksum: 2447176 45fb35183c6c62bdd695d8c84224c4a5\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny4_arm.deb\n Size/MD5 checksum: 23648 36353d6341c50ee59d815e115c4208ad\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny4_arm.deb\n Size/MD5 checksum: 4748 66349a6f625201d6f408df225c816ea9\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny4_arm.deb\n Size/MD5 checksum: 34030 2367c64fc75c0d3c82136a3d873a904d\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny4_arm.deb\n Size/MD5 checksum: 34218 f92a97953e10588f74fd65e8cd704c7d\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny4_arm.deb\n Size/MD5 checksum: 63744 f07e0cbd756bb94a306c4d247255d258\n http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny4_arm.deb\n Size/MD5 checksum: 13852 621dc08b6b5d9198d47d92aaf80b3f6c\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny4_arm.deb\n Size/MD5 checksum: 12790 1ee052caad8fb06cc38c70371cdb1bab\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny4_arm.deb\n Size/MD5 checksum: 34762 b6f021ff248d64188ffde62e8969047f\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny4_arm.deb\n Size/MD5 checksum: 2448492 b887c7658886a987342caedabbe46e4f\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny4_arm.deb\n Size/MD5 checksum: 8366 d189e7c467b55a61286fb5c637031e28\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny4_arm.deb\n Size/MD5 checksum: 16076 b1b5182781a8bb8720e643a134f02a5b\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny4_arm.deb\n Size/MD5 checksum: 367074 cf9afcb9eddb67e676a418ac276b7593\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny4_arm.deb\n Size/MD5 checksum: 12492 1ae0d8ac8dca6b87ebb4f2537cf9ffb9\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny4_arm.deb\n Size/MD5 checksum: 32776 b965920dcf30d35d9239c6dbba47bf63\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny4_arm.deb\n Size/MD5 checksum: 4847110 62e6c494c80fc2c8e77e375b9f72137f\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny4_arm.deb\n Size/MD5 checksum: 366360 20e2c35199b44ff9bdc94fe7cae56da9\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny4_arm.deb\n Size/MD5 checksum: 51394 532f55af789f67e48884c12210340cc0\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny4_armel.deb\n Size/MD5 checksum: 12605948 15a6d11310f7914fcb448436b6cd77aa\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny4_armel.deb\n Size/MD5 checksum: 8374 04941fececb944a7144a8abad2caa863\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny4_armel.deb\n Size/MD5 checksum: 14340 3ec6c153108015b9ed148dea2df47fb8\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny4_armel.deb\n Size/MD5 checksum: 36148 52122d7fa391e15bbdb82ba5d9f1c3f2\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny4_armel.deb\n Size/MD5 checksum: 25914 cafcab8d11d7ba94303e227e5ad36f2c\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny4_armel.deb\n Size/MD5 checksum: 4847648 a3529551fa0e4dbc7dc2302a678e37f6\n http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny4_armel.deb\n Size/MD5 checksum: 14692 876464c3794ca133f0fc6723c36ecdaa\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny4_armel.deb\n Size/MD5 checksum: 2448278 41aecffb318a317ecf022de8a7cdbdd5\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny4_armel.deb\n Size/MD5 checksum: 4704 85cfd4d6dcc9f734475d6214cfda5fcc\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny4_armel.deb\n Size/MD5 checksum: 367530 89d077076a7bf4c40f78cd711d2342cc\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny4_armel.deb\n Size/MD5 checksum: 4936 c4097ce8218bd33112f54429614551af\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny4_armel.deb\n Size/MD5 checksum: 2449350 042e29d3ab7120fdf9c17fdd3cf3e617\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny4_armel.deb\n Size/MD5 checksum: 34454 4a9b1aa02da12182a08536476becd257\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny4_armel.deb\n Size/MD5 checksum: 33930 f62d352a5958f3427f08f5d1f0a170e0\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny4_armel.deb\n Size/MD5 checksum: 2440376 4897d22468f259ee9be12e758ca9a0da\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny4_armel.deb\n Size/MD5 checksum: 63818 60772d52fc57e124177a63d26874cb7b\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny4_armel.deb\n Size/MD5 checksum: 51044 b15c349b1db9cb2a8760d14bbe2b2fa7\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny4_armel.deb\n Size/MD5 checksum: 35808 4a06e70291d6c1d87660a98b8a989c91\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny4_armel.deb\n Size/MD5 checksum: 18076 67d05122ccbde4ae855469717ee2cb0d\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny4_armel.deb\n Size/MD5 checksum: 11292 3a7548995eb38f48ba58c0d464f53691\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny4_armel.deb\n Size/MD5 checksum: 366810 818d293089ddb77973fb76269cb119f3\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny4_armel.deb\n Size/MD5 checksum: 12296 542683b324f44cb25b00a6e8c940f6ca\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny4_armel.deb\n Size/MD5 checksum: 16058 32ccdd921eedaf696b342dca5236e8bd\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny4_armel.deb\n Size/MD5 checksum: 34304 bb66943fc47d9f08cdc6d5ba7c27e091\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny4_armel.deb\n Size/MD5 checksum: 24428 f328cf1256aafd4e120796f9828941e4\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny4_hppa.deb\n Size/MD5 checksum: 59412 757873eada94e035c42b40a8223976d0\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny4_hppa.deb\n Size/MD5 checksum: 19984 8763715a424bbd34708e5d8294adaf38\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny4_hppa.deb\n Size/MD5 checksum: 5248936 56655248faaa50ad3993c80f84e829ae\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny4_hppa.deb\n Size/MD5 checksum: 366718 5b1efaaf13e5b149c20a1fd4892d5a12\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny4_hppa.deb\n Size/MD5 checksum: 371012 aecfc9e61895739ceb75c0bc4bf55481\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny4_hppa.deb\n Size/MD5 checksum: 5602 66ce546286311947f9da8373f6d8f09c\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny4_hppa.deb\n Size/MD5 checksum: 39150 330126acd68b112da8645cd1ec6acf96\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny4_hppa.deb\n Size/MD5 checksum: 14692 140f15ca96cc15c002901239c6d8293c\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny4_hppa.deb\n Size/MD5 checksum: 28974 d15bc6ef572f7ba5b3b90918c1139312\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny4_hppa.deb\n Size/MD5 checksum: 12966 017321dd7354698cc2524e22f6f8b2a2\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny4_hppa.deb\n Size/MD5 checksum: 40144 4e56fd9f6770f08f20ed28883f2c0fb6\n http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny4_hppa.deb\n Size/MD5 checksum: 16696 84c8f0d176ab76055c4ef6889359773b\n http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny4_hppa.deb\n Size/MD5 checksum: 8825224 65d8084843019118237e3aab5c70bf22\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny4_hppa.deb\n Size/MD5 checksum: 21306 d5a2f8f95d1afccdb3bb4907e30daa50\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny4_hppa.deb\n Size/MD5 checksum: 2749888 971152f013557ddaefb4070fd0f2e627\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny4_hppa.deb\n Size/MD5 checksum: 9726 4f63963cd922f8ac6fedbbbfd1b95b37\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny4_hppa.deb\n Size/MD5 checksum: 2642228 7680b8efeb1b256e3276fbbd3cdefe03\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny4_hppa.deb\n Size/MD5 checksum: 15678 a73f543734806b1e3f66e061dc9ed23c\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny4_hppa.deb\n Size/MD5 checksum: 28010 74e2546c35064930ec2cf55f5ba78638\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny4_hppa.deb\n Size/MD5 checksum: 5900 280db1b396a121f74fbee0d1ecaa6963\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny4_hppa.deb\n Size/MD5 checksum: 40704 bc0429fdd2e16e91fd966b56404a3f9a\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny4_hppa.deb\n Size/MD5 checksum: 41564 0b976a157afa3a07979ef957aedb46b4\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny4_hppa.deb\n Size/MD5 checksum: 39008 405c7ccba92d9598d0386d5cc7b24e8f\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny4_hppa.deb\n Size/MD5 checksum: 74380 8078c8e674137ecf20433b26247922de\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny4_hppa.deb\n Size/MD5 checksum: 2748624 bbc0b53b3bd706c43b8ef300d6afe3c6\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny4_i386.deb\n Size/MD5 checksum: 2482922 208f37e972ef75ec8f523b0d23fd96c9\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny4_i386.deb\n Size/MD5 checksum: 52366 3707092cee43aedcde4ce319285497ab\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny4_i386.deb\n Size/MD5 checksum: 33548 c3a037fe3763dd678650f8ecf155d5b1\n http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny4_i386.deb\n Size/MD5 checksum: 14202 ce163ac3822488ee9a983486ebf4a562\n http://security.debian.org/pool/updates/main/p/php5/php5-interbase_5.2.6.dfsg.1-1+lenny4_i386.deb\n Size/MD5 checksum: 45164 6e34b5c552ed4078ba2f030ccf813837\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny4_i386.deb\n Size/MD5 checksum: 11602 2223164ddbe8a6a49844d95aa5626d14\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny4_i386.deb\n Size/MD5 checksum: 4911000 92362c5cb984c325520a55e1e002ebcf\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny4_i386.deb\n Size/MD5 checksum: 4850 12262df32db3978db628398d300ae3a7\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny4_i386.deb\n Size/MD5 checksum: 65752 04adcc201acbc00217f45234cb77f6c6\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny4_i386.deb\n Size/MD5 checksum: 34600 0150f3c3acf9a56aa1c50799d7a48340\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny4_i386.deb\n Size/MD5 checksum: 2484322 fa5e02bfc4a02d6eeaa78b6c7311da62\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny4_i386.deb\n Size/MD5 checksum: 365082 4392cd0a81f4476fdd9742acc7bd6c93\n http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny4_i386.deb\n Size/MD5 checksum: 8470280 72de688ddc3ccd2cd608c2e484f54171\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny4_i386.deb\n Size/MD5 checksum: 12816 90c17f509e3c6fa6572576a0800e461c\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny4_i386.deb\n Size/MD5 checksum: 32390 5744d41850736ea9b996c6cb66e9d837\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny4_i386.deb\n Size/MD5 checksum: 12924 828d2c034635500f64f5b098f7cbb7fb\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny4_i386.deb\n Size/MD5 checksum: 5158 071eaa0a8b2199d592a1797d5e4d5883\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny4_i386.deb\n Size/MD5 checksum: 18236 e5bc99009e981fccf50c904a0052936e\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny4_i386.deb\n Size/MD5 checksum: 37674 e5a88b469517b3e0f934fab003622d43\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny4_i386.deb\n Size/MD5 checksum: 34518 ef1ece7435c66eee3c1c85fd35a493d9\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny4_i386.deb\n Size/MD5 checksum: 8468 669f1fb7284dcd3d20efc112f4b5a9eb\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny4_i386.deb\n Size/MD5 checksum: 2474740 cb9e502935ca06c4302261950d783986\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny4_i386.deb\n Size/MD5 checksum: 365616 fdecf9d9e454bb798f79cb52683170ce\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny4_i386.deb\n Size/MD5 checksum: 23770 6e116b8d6ff24d733aa194e1975f5e0b\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny4_i386.deb\n Size/MD5 checksum: 25576 f458f0d98f3fcaa76f8aa3257eabaead\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny4_i386.deb\n Size/MD5 checksum: 16608 1fd57beb77f5404babf1a11811f786d7\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny4_ia64.deb\n Size/MD5 checksum: 50862 df8f20cf686a980408951d3197594471\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny4_ia64.deb\n Size/MD5 checksum: 18608 d8090be691ab1b19fb442d9c6c77238a\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny4_ia64.deb\n Size/MD5 checksum: 50642 649e38828a78e8ef512109fb7258103d\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny4_ia64.deb\n Size/MD5 checksum: 34384 b955b55f8aa19dc0dbc91dbf3d540f4f\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny4_ia64.deb\n Size/MD5 checksum: 384392 ffc66934737f71056e962dd40b04dae8\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny4_ia64.deb\n Size/MD5 checksum: 80462 01e1945015c365eb270144a4e188fd16\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny4_ia64.deb\n Size/MD5 checksum: 97422 5a623806538b44d685b98d9bba8026cd\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny4_ia64.deb\n Size/MD5 checksum: 54638 feaac8e729df35048a6d319fb090d744\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny4_ia64.deb\n Size/MD5 checksum: 26676 38a13a34ebc2f46ff8219e682b17cdd7\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny4_ia64.deb\n Size/MD5 checksum: 54926 2e013fb3a2e59d02b1ef197a31f60cbd\n http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny4_ia64.deb\n Size/MD5 checksum: 20530 044b9c937f466eec8cbf6ccc1de17227\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny4_ia64.deb\n Size/MD5 checksum: 6238 06c8690f431ab5945a1ac80affb52ee6\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny4_ia64.deb\n Size/MD5 checksum: 24692 cf39a8df7f09fe83c7b1de899a1662a8\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny4_ia64.deb\n Size/MD5 checksum: 11954 e8c1ebf98256ddcc6b85c1b03604e846\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny4_ia64.deb\n Size/MD5 checksum: 3380088 b24fcc9af9fd3abda5204eab88a997a6\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny4_ia64.deb\n Size/MD5 checksum: 38236 3d5fc653a76612f99de76c138777f0cb\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny4_ia64.deb\n Size/MD5 checksum: 3377872 b520a2e4b246e6f83190f8ed92adad97\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny4_ia64.deb\n Size/MD5 checksum: 362742 eef1d7d94aa55fab8d7de8647107adee\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny4_ia64.deb\n Size/MD5 checksum: 6611744 5d9157db59b594960657c570afd63bce\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny4_ia64.deb\n Size/MD5 checksum: 51778 584d492491c39741ca85814e2a4fb69e\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny4_ia64.deb\n Size/MD5 checksum: 18192 461302f23ae7e5342dabdd0836f6a24a\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny4_ia64.deb\n Size/MD5 checksum: 15854 04a6eda903a99d0181942e3aad91e452\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny4_ia64.deb\n Size/MD5 checksum: 3325104 2f19b51e3398e3c8d7f90a1a8066973e\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny4_ia64.deb\n Size/MD5 checksum: 6546 976bed7dd4fdd95a97658caf08682106\n http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny4_ia64.deb\n Size/MD5 checksum: 17618574 405a18e1d7b1e92db059ab96817a6bea\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny4_mips.deb\n Size/MD5 checksum: 2521042 d82a509595385f3ab5e289f9b65bb2e7\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny4_mips.deb\n Size/MD5 checksum: 362870 e552f36101268867df45cda6d1d9059a\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny4_mips.deb\n Size/MD5 checksum: 18432 7c906ed34659f7dfa3f79d37702908b6\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny4_mips.deb\n Size/MD5 checksum: 32342 c0fe1af9cffd675ebe057500648ae3e1\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny4_mips.deb\n Size/MD5 checksum: 4961170 fae18f6605a53e0b800c539512940d04\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny4_mips.deb\n Size/MD5 checksum: 35782 2c2d89e6837cacb1fb81bf1979bf9abc\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny4_mips.deb\n Size/MD5 checksum: 5308 63cc0839bedc0f115947d844e68a6e82\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny4_mips.deb\n Size/MD5 checksum: 24914 006db50d9a554d4deea8cd47909e0ad6\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny4_mips.deb\n Size/MD5 checksum: 35496 5656e40c5ad2b36af53b4f856195b899\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny4_mips.deb\n Size/MD5 checksum: 12378 96c8087deb4f2f412e92279edaf4d864\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny4_mips.deb\n Size/MD5 checksum: 2492036 9aa43e8786e9f719369b3d55de97dc78\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny4_mips.deb\n Size/MD5 checksum: 23202 80e4dab9faec43d9911775191465fdb1\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny4_mips.deb\n Size/MD5 checksum: 16030 1c343e67452942cea772caccabd9e997\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny4_mips.deb\n Size/MD5 checksum: 32426 fbc68235a41e2716a7b5513199e24a65\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny4_mips.deb\n Size/MD5 checksum: 12924 cb7414eb624b578d63866f78b704c371\n http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny4_mips.deb\n Size/MD5 checksum: 13308 892af13baf98c5b0be0eb5f1478a8c0a\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny4_mips.deb\n Size/MD5 checksum: 4998 d355969fc758967ace82363e92d04417\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny4_mips.deb\n Size/MD5 checksum: 8272 9dc36f64887ad982e029e23862fa1c34\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny4_mips.deb\n Size/MD5 checksum: 63520 86cd0d2b1a9a9a163bfbf614d1a72e2f\n http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny4_mips.deb\n Size/MD5 checksum: 9448080 2c68349c22789beee911a0d460ce07ab\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny4_mips.deb\n Size/MD5 checksum: 2519330 e8ee82a24d72678255986d55800a4bca\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny4_mips.deb\n Size/MD5 checksum: 51114 723352f4d34ee8aa299a8419e15279ea\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny4_mips.deb\n Size/MD5 checksum: 11508 2ba522caf5a022f18854dcc1361762c5\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny4_mips.deb\n Size/MD5 checksum: 33802 1647717e78aa144795f7e6adc1a63db3\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny4_mips.deb\n Size/MD5 checksum: 366552 1aa9231e57a5d970305a92ed228c354e\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny4_mipsel.deb\n Size/MD5 checksum: 35640 260bf4b4d9d738132dbe75be83278557\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny4_mipsel.deb\n Size/MD5 checksum: 5264 13dd2dec094142c47e3d6c09aafda25b\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny4_mipsel.deb\n Size/MD5 checksum: 62768 5fd972e08367cf7f5f6b571eb649f704\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny4_mipsel.deb\n Size/MD5 checksum: 12836 1306fcd368938a9061c2ccaa9859fd18\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny4_mipsel.deb\n Size/MD5 checksum: 31786 af4a26316b774376fca06ec5423c91e7\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny4_mipsel.deb\n Size/MD5 checksum: 35250 a6794920388c39ea6abe16f8c9cff3a7\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny4_mipsel.deb\n Size/MD5 checksum: 2476812 04e0649d164c002dc0e4e0b4df9568ff\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny4_mipsel.deb\n Size/MD5 checksum: 4905822 a5a669d753be6c5c51176b26779bdbb1\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny4_mipsel.deb\n Size/MD5 checksum: 15902 7e213960c00ef0237daafc7578aca562\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny4_mipsel.deb\n Size/MD5 checksum: 23092 b7cd947925df1b3e74d7bce54c672ed5\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny4_mipsel.deb\n Size/MD5 checksum: 24748 804813f3b95ab1c40ca198048590741d\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny4_mipsel.deb\n Size/MD5 checksum: 33614 623a98cfc66c7c9bbfef747a274f0f8e\n http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny4_mipsel.deb\n Size/MD5 checksum: 13204 66621ba735e09a3ec50cda4c94f5f2bd\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny4_mipsel.deb\n Size/MD5 checksum: 12304 6ae4665f265c125753d1d31c433e9dfb\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny4_mipsel.deb\n Size/MD5 checksum: 362814 ab3354bf4a4a368e685bffedb09376b8\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny4_mipsel.deb\n Size/MD5 checksum: 2477692 db7ebff59343f16b69f7b20499faf0f9\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny4_mipsel.deb\n Size/MD5 checksum: 365910 7238434292479e961899ac3b25b83dfc\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny4_mipsel.deb\n Size/MD5 checksum: 4986 85b05558a4eb271f8cbb269625acc3e9\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny4_mipsel.deb\n Size/MD5 checksum: 8206 c3422b954faacc955df47a7ff0b7db25\n http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny4_mipsel.deb\n Size/MD5 checksum: 8854868 733d49e89123d42778489c71d24b9e8b\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny4_mipsel.deb\n Size/MD5 checksum: 50820 cbff5479e50dda1d4d71754e13e215cf\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny4_mipsel.deb\n Size/MD5 checksum: 11436 0ce2418fb50d162941d0bd4a96197764\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny4_mipsel.deb\n Size/MD5 checksum: 18318 8313fa1ab718d03b78489354c97a8275\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny4_mipsel.deb\n Size/MD5 checksum: 2467638 c6205ceed2a60357d87717dfa20edd59\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny4_mipsel.deb\n Size/MD5 checksum: 32256 1d76d7bff4e9ad20e284579468ad24bb\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny4_powerpc.deb\n Size/MD5 checksum: 42772 a10f78ac0173806b5b0250fca630ca79\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny4_powerpc.deb\n Size/MD5 checksum: 39126 afa2f55f60ae6605b9a235beee45a0d6\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny4_powerpc.deb\n Size/MD5 checksum: 30520 e573086adc8f0a6befa32c5304b150d4\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny4_powerpc.deb\n Size/MD5 checksum: 42346 2239cd7d3129be3c405ad9763f516f52\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny4_powerpc.deb\n Size/MD5 checksum: 38116 5e8d5608052aea27e58e036fb9307405\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny4_powerpc.deb\n Size/MD5 checksum: 371994 a29cfdbf741e699d84848029da1f86eb\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny4_powerpc.deb\n Size/MD5 checksum: 15942 193247fce0a5337d4b3d78f44c3b9f64\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny4_powerpc.deb\n Size/MD5 checksum: 2646006 a0e172860476b4e0ed542a5e2f59299a\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny4_powerpc.deb\n Size/MD5 checksum: 20050 9c019238ec6a443662046bb3790f6d17\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny4_powerpc.deb\n Size/MD5 checksum: 41068 84f536ebf2778dde5efff14714c90344\n http://security.debian.org/pool/updates/main/p/php5/php5-interbase_5.2.6.dfsg.1-1+lenny4_powerpc.deb\n Size/MD5 checksum: 56404 ca850bc81f0c9ca5af45adbb81376afc\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny4_powerpc.deb\n Size/MD5 checksum: 16058 d306dbcc68c5a3cbb394db8259d5ecc9\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny4_powerpc.deb\n Size/MD5 checksum: 21522 e77fe80b3d108c55704db8b93e607721\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny4_powerpc.deb\n Size/MD5 checksum: 10986 fb82f425ba08319e81828c7ad42355a3\n http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny4_powerpc.deb\n Size/MD5 checksum: 16950 db2f298eca4b27dd848c1863175b4361\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny4_powerpc.deb\n Size/MD5 checksum: 7520 6e27c85fa52e758b6ff3b197f0cefae6\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny4_powerpc.deb\n Size/MD5 checksum: 5076366 669efda82f3242bc9e86456f028f2827\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny4_powerpc.deb\n Size/MD5 checksum: 365198 600eab0c63ddc7ab908c2d50b7e02515\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny4_powerpc.deb\n Size/MD5 checksum: 2648042 4e01d686d71221de21e78df46fffc589\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny4_powerpc.deb\n Size/MD5 checksum: 14124 e5a26cfb7fad9c2c8862a92c555a947a\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny4_powerpc.deb\n Size/MD5 checksum: 7222 27d77bf832f9fa3cd6a22e56c43f29cd\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny4_powerpc.deb\n Size/MD5 checksum: 77076 c40f6796e97717034eb0dc48e7672c97\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny4_powerpc.deb\n Size/MD5 checksum: 60226 3332c67d7dd725f69b3feaa027432ebe\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny4_powerpc.deb\n Size/MD5 checksum: 2559120 e185342a100d9c1a6c324b6bd8348329\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny4_powerpc.deb\n Size/MD5 checksum: 28050 89733a4b7c5c0f82ab6d98bdfdc0904c\n http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny4_powerpc.deb\n Size/MD5 checksum: 9007430 f80ca9c8341ea5cad05a381901f818d3\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny4_s390.deb\n Size/MD5 checksum: 9356 56a344de471f799626465b39711416d9\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny4_s390.deb\n Size/MD5 checksum: 5230158 96112cf26d0089d9d2efac1a08c9580c\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny4_s390.deb\n Size/MD5 checksum: 36318 5cd8828dc17f7e532f6cb6da218679b3\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny4_s390.deb\n Size/MD5 checksum: 14188 c53279b33f59d0e59b75cc94fde8c63e\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny4_s390.deb\n Size/MD5 checksum: 28246 d95b59b18e9c017d7531ab3ded0589f7\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny4_s390.deb\n Size/MD5 checksum: 12362 122c0ce63bb0b6f1a47bc4125c0eefa5\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny4_s390.deb\n Size/MD5 checksum: 2697694 c7ffdcfcb631e374ab084a5f3a989306\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny4_s390.deb\n Size/MD5 checksum: 41960 1141ba26f14d750e4c765f60b62c6083\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny4_s390.deb\n Size/MD5 checksum: 362724 c993784ed600577e353baaed00bea5f4\n http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny4_s390.deb\n Size/MD5 checksum: 9065776 9783f66f3d79189473aa07331495b42f\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny4_s390.deb\n Size/MD5 checksum: 2634090 54348da8b9648358d62658be37a8a72d\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny4_s390.deb\n Size/MD5 checksum: 39718 aeead9b2523b76d4c2de2d195be14e0a\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny4_s390.deb\n Size/MD5 checksum: 14002 63dae36e061720e94881db620ed33960\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny4_s390.deb\n Size/MD5 checksum: 18600 2633eff8bca65e3dc772922913d0d222\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny4_s390.deb\n Size/MD5 checksum: 38346 6a9c83cc55c6a828236901c20358b276\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny4_s390.deb\n Size/MD5 checksum: 369974 2731c72660d16fd12fb8b6956da74e94\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny4_s390.deb\n Size/MD5 checksum: 37990 416dde4d1c408b50c1549be51ef4eed2\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny4_s390.deb\n Size/MD5 checksum: 73810 7c7df745c1d39056a1d4a7283eeffb5e\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny4_s390.deb\n Size/MD5 checksum: 5592 31e7047d94f0938ab3a4b62fa5932b23\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny4_s390.deb\n Size/MD5 checksum: 2699302 e0b0afb1d5ecde8c93eaffab06e6bd2f\n http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny4_s390.deb\n Size/MD5 checksum: 15530 aedea8fda2c1c9cafe317b48e4c7cf8b\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny4_s390.deb\n Size/MD5 checksum: 58566 60ced2f87243f641eb0db9ab58165668\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny4_s390.deb\n Size/MD5 checksum: 25194 835ed177060f54073dcce45b8166490d\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny4_s390.deb\n Size/MD5 checksum: 20684 7db377c886fb208d1d4769814442a1d5\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny4_s390.deb\n Size/MD5 checksum: 5300 8ca0fa30c94c14ebea24e46df78ef76d\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny4_sparc.deb\n Size/MD5 checksum: 8391240 ac3b24fe2c94b6b60f81e82d1dbe733c\n http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny4_sparc.deb\n Size/MD5 checksum: 5018 70ad7f1d15ac89a0f7886587d607cac0\n http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny4_sparc.deb\n Size/MD5 checksum: 11212 cd6b537b33f8ad26d9ba156e20e776ea\n http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny4_sparc.deb\n Size/MD5 checksum: 49796 3596f22c8bd2c544352cf0d9b3bda9b3\n http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny4_sparc.deb\n Size/MD5 checksum: 16536 b04adeb58919b0acaaaf6d85daf261e7\n http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny4_sparc.deb\n Size/MD5 checksum: 13094 6eaa2cad1739078bbe77608d6e9402f3\n http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny4_sparc.deb\n Size/MD5 checksum: 4819058 82d9d067a49433234d0aa27e485c7e49\n http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny4_sparc.deb\n Size/MD5 checksum: 4814 1d92ce69b9a900410000661e37f13d78\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny4_sparc.deb\n Size/MD5 checksum: 2474432 429e7bb0c573e280a2f37be8a1219821\n http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny4_sparc.deb\n Size/MD5 checksum: 8198 c246840d64024920e3b13b77ec7a1547\n http://security.debian.org/pool/updates/main/p/php5/php5-interbase_5.2.6.dfsg.1-1+lenny4_sparc.deb\n Size/MD5 checksum: 43994 55de49a1ecd5a79cd2bb3ad4b316a17b\n http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny4_sparc.deb\n Size/MD5 checksum: 2475470 20c826e1c15faafbf10168383ac03785\n http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny4_sparc.deb\n Size/MD5 checksum: 365376 4fc32fdeaff717f88d2e811041ac4191\n http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny4_sparc.deb\n Size/MD5 checksum: 34078 7df2d213d28ea42dbea22c9ba97f9b5d\n http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny4_sparc.deb\n Size/MD5 checksum: 32892 31e0f5a679abac892eddf816ea2d8255\n http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny4_sparc.deb\n Size/MD5 checksum: 2425906 146247c275cdf061697d3dc22831035e\n http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny4_sparc.deb\n Size/MD5 checksum: 367108 cea847606b0797e999585db57fe03b81\n http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny4_sparc.deb\n Size/MD5 checksum: 13454 b5392b750166a2add3efc308486df197\n http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny4_sparc.deb\n Size/MD5 checksum: 24310 d3dbee9f6b7f6068b2d45c57b50df77b\n http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny4_sparc.deb\n Size/MD5 checksum: 62862 214758c2104dc3ed2100c39513e9635f\n http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny4_sparc.deb\n Size/MD5 checksum: 17492 0845452499413beff2ebd12867c6e6d4\n http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny4_sparc.deb\n Size/MD5 checksum: 35954 23ecc855077d61fe5d2d35e1c7e4e4ca\n http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny4_sparc.deb\n Size/MD5 checksum: 12324 6c2ee5f17f1d95c24fada5784163df2f\n http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny4_sparc.deb\n Size/MD5 checksum: 24362 721e0d84ff3b0d5947bfea13d009bcb4\n http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny4_sparc.deb\n Size/MD5 checksum: 32964 eb58bb0af7602ea6eb7f47612cfbb1bb\n http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny4_sparc.deb\n Size/MD5 checksum: 32512 5cbc110ce6fd2fced13c1c388bed9ced\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "modified": "2009-11-25T21:51:39", "published": "2009-11-25T21:51:39", "id": "DEBIAN:DSA-1940-1:73225", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2009/msg00263.html", "title": "[SECURITY] [DSA-1940-1] New php5 packages fix several issues", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "redhat": [{"lastseen": "2018-12-11T17:41:13", "bulletinFamily": "unix", "description": "PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Web server.\n\nA heap-based buffer overflow flaw was found in PHP's mbstring extension. A\nremote attacker able to pass arbitrary input to a PHP script using mbstring\nconversion functions could cause the PHP interpreter to crash or, possibly,\nexecute arbitrary code. (CVE-2008-5557)\n\nA flaw was found in the handling of the \"mbstring.func_overload\"\nconfiguration setting. A value set for one virtual host, or in a user's\n.htaccess file, was incorrectly applied to other virtual hosts on the same\nserver, causing the handling of multibyte character strings to not work\ncorrectly. (CVE-2009-0754)\n\nA directory traversal flaw was found in PHP's ZipArchive::extractTo\nfunction. If PHP is used to extract a malicious ZIP archive, it could allow\nan attacker to write arbitrary files anywhere the PHP process has write\npermissions. (CVE-2008-5658)\n\nA buffer overflow flaw was found in PHP's imageloadfont function. If a PHP\nscript allowed a remote attacker to load a carefully crafted font file, it\ncould cause the PHP interpreter to crash or, possibly, execute arbitrary\ncode. (CVE-2008-3658)\n\nA flaw was found in the way PHP handled certain file extensions when\nrunning in FastCGI mode. If the PHP interpreter was being executed via\nFastCGI, a remote attacker could create a request which would cause the PHP\ninterpreter to crash. (CVE-2008-3660)\n\nA memory disclosure flaw was found in the PHP gd extension's imagerotate\nfunction. A remote attacker able to pass arbitrary values as the\n\"background color\" argument of the function could, possibly, view portions\nof the PHP interpreter's memory. (CVE-2008-5498)\n\nA cross-site scripting flaw was found in a way PHP reported errors for\ninvalid cookies. If the PHP interpreter had \"display_errors\" enabled, a\nremote attacker able to set a specially-crafted cookie on a victim's system\ncould possibly inject arbitrary HTML into an error message generated by\nPHP. (CVE-2008-5814)\n\nA flaw was found in PHP's json_decode function. A remote attacker could use\nthis flaw to create a specially-crafted string which could cause the PHP\ninterpreter to crash while being decoded in a PHP script. (CVE-2009-1271)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. The httpd web server\nmust be restarted for the changes to take effect.", "modified": "2018-05-03T23:42:55", "published": "2009-04-14T04:00:00", "id": "RHSA-2009:0350", "href": "https://access.redhat.com/errata/RHSA-2009:0350", "type": "redhat", "title": "(RHSA-2009:0350) Moderate: php security update", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:44:25", "bulletinFamily": "unix", "description": "PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Web server.\n\nA heap-based buffer overflow flaw was found in PHP's mbstring extension. A\nremote attacker able to pass arbitrary input to a PHP script using mbstring\nconversion functions could cause the PHP interpreter to crash or,\npossibly, execute arbitrary code. (CVE-2008-5557)\n\nA flaw was found in the handling of the \"mbstring.func_overload\"\nconfiguration setting. A value set for one virtual host, or in a user's\n.htaccess file, was incorrectly applied to other virtual hosts on the same\nserver, causing the handling of multibyte character strings to not work\ncorrectly. (CVE-2009-0754)\n\nA buffer overflow flaw was found in PHP's imageloadfont function. If a PHP\nscript allowed a remote attacker to load a carefully crafted font file, it\ncould cause the PHP interpreter to crash or, possibly, execute arbitrary\ncode. (CVE-2008-3658)\n\nA flaw was found in the way PHP handled certain file extensions when\nrunning in FastCGI mode. If the PHP interpreter was being executed via\nFastCGI, a remote attacker could create a request which would cause the PHP\ninterpreter to crash. (CVE-2008-3660)\n\nA memory disclosure flaw was found in the PHP gd extension's imagerotate\nfunction. A remote attacker able to pass arbitrary values as the\n\"background color\" argument of the function could, possibly, view portions\nof the PHP interpreter's memory. (CVE-2008-5498)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. The httpd web server\nmust be restarted for the changes to take effect.", "modified": "2018-05-26T04:26:17", "published": "2009-04-06T04:00:00", "id": "RHSA-2009:0337", "href": "https://access.redhat.com/errata/RHSA-2009:0337", "type": "redhat", "title": "(RHSA-2009:0337) Moderate: php security update", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:40:52", "bulletinFamily": "unix", "description": "PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Web server.\n\nA heap-based buffer overflow flaw was found in PHP's mbstring extension. A\nremote attacker able to pass arbitrary input to a PHP script using mbstring\nconversion functions could cause the PHP interpreter to crash or,\npossibly, execute arbitrary code. (CVE-2008-5557)\n\nA flaw was found in the handling of the \"mbstring.func_overload\"\nconfiguration setting. A value set for one virtual host, or in a user's\n.htaccess file, was incorrectly applied to other virtual hosts on the same\nserver, causing the handling of multibyte character strings to not work\ncorrectly. (CVE-2009-0754)\n\nA buffer overflow flaw was found in PHP's imageloadfont function. If a PHP\nscript allowed a remote attacker to load a carefully crafted font file, it\ncould cause the PHP interpreter to crash or, possibly, execute arbitrary\ncode. (CVE-2008-3658)\n\nA flaw was found in the way PHP handled certain file extensions when\nrunning in FastCGI mode. If the PHP interpreter was being executed via\nFastCGI, a remote attacker could create a request which would cause the PHP\ninterpreter to crash. (CVE-2008-3660)\n\nA memory disclosure flaw was found in the PHP gd extension's imagerotate\nfunction. A remote attacker able to pass arbitrary values as the\n\"background color\" argument of the function could, possibly, view portions\nof the PHP interpreter's memory. (CVE-2008-5498)\n\nA cross-site scripting flaw was found in a way PHP reported errors for\ninvalid cookies. If the PHP interpreter had \"display_errors\" enabled, a\nremote attacker able to set a specially-crafted cookie on a victim's system\ncould possibly inject arbitrary HTML into an error message generated by\nPHP. (CVE-2008-5814)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. The httpd web server\nmust be restarted for the changes to take effect.", "modified": "2017-09-08T12:08:43", "published": "2009-04-06T04:00:00", "id": "RHSA-2009:0338", "href": "https://access.redhat.com/errata/RHSA-2009:0338", "type": "redhat", "title": "(RHSA-2009:0338) Moderate: php security update", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:43:45", "bulletinFamily": "unix", "description": "[4.3.9-3.22.15]\n- fix merge of CVE-2008-3658 patch\n[4.3.9-3.22.14]\n- add security fixes for CVE-2008-3658, CVE-2008-3660,\n CVE-2008-5498, CVE-2008-5557, CVE-2009-0754 (#487360)\n- split out gd overflow2() and make global with sane symbol name", "modified": "2009-04-06T00:00:00", "published": "2009-04-06T00:00:00", "id": "ELSA-2009-0337", "href": "http://linux.oracle.com/errata/ELSA-2009-0337.html", "title": "php security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:40:36", "bulletinFamily": "unix", "description": "[5.1.6-23.2.el5]\n- ext/gd: fix overflow2 usage for CVE-2007-3996, CVE-2008-3658\n[5.1.6-23.1.el5]\n- add security fixes for CVE-2008-3658, CVE-2008-3660,\n CVE-2008-5498, CVE-2008-5557, CVE-2008-5814, and mbstring\n func_overload issue (#487369)", "modified": "2009-04-06T00:00:00", "published": "2009-04-06T00:00:00", "id": "ELSA-2009-0338", "href": "http://linux.oracle.com/errata/ELSA-2009-0338.html", "title": "php security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2017-10-12T14:45:09", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2009:0337\n\n\nPHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Web server.\n\nA heap-based buffer overflow flaw was found in PHP's mbstring extension. A\nremote attacker able to pass arbitrary input to a PHP script using mbstring\nconversion functions could cause the PHP interpreter to crash or,\npossibly, execute arbitrary code. (CVE-2008-5557)\n\nA flaw was found in the handling of the \"mbstring.func_overload\"\nconfiguration setting. A value set for one virtual host, or in a user's\n.htaccess file, was incorrectly applied to other virtual hosts on the same\nserver, causing the handling of multibyte character strings to not work\ncorrectly. (CVE-2009-0754)\n\nA buffer overflow flaw was found in PHP's imageloadfont function. If a PHP\nscript allowed a remote attacker to load a carefully crafted font file, it\ncould cause the PHP interpreter to crash or, possibly, execute arbitrary\ncode. (CVE-2008-3658)\n\nA flaw was found in the way PHP handled certain file extensions when\nrunning in FastCGI mode. If the PHP interpreter was being executed via\nFastCGI, a remote attacker could create a request which would cause the PHP\ninterpreter to crash. (CVE-2008-3660)\n\nA memory disclosure flaw was found in the PHP gd extension's imagerotate\nfunction. A remote attacker able to pass arbitrary values as the\n\"background color\" argument of the function could, possibly, view portions\nof the PHP interpreter's memory. (CVE-2008-5498)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. The httpd web server\nmust be restarted for the changes to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-April/015718.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-April/015719.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-April/015720.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-April/015721.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-April/015722.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-April/015723.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-April/015806.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-April/015807.html\n\n**Affected packages:**\nphp\nphp-devel\nphp-domxml\nphp-gd\nphp-imap\nphp-ldap\nphp-mbstring\nphp-mysql\nphp-ncurses\nphp-odbc\nphp-pear\nphp-pgsql\nphp-snmp\nphp-xmlrpc\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-0337.html", "modified": "2009-04-20T19:49:21", "published": "2009-04-06T18:44:07", "href": "http://lists.centos.org/pipermail/centos-announce/2009-April/015718.html", "id": "CESA-2009:0337", "title": "php security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:25:58", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2009:0338\n\n\nPHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Web server.\n\nA heap-based buffer overflow flaw was found in PHP's mbstring extension. A\nremote attacker able to pass arbitrary input to a PHP script using mbstring\nconversion functions could cause the PHP interpreter to crash or,\npossibly, execute arbitrary code. (CVE-2008-5557)\n\nA flaw was found in the handling of the \"mbstring.func_overload\"\nconfiguration setting. A value set for one virtual host, or in a user's\n.htaccess file, was incorrectly applied to other virtual hosts on the same\nserver, causing the handling of multibyte character strings to not work\ncorrectly. (CVE-2009-0754)\n\nA buffer overflow flaw was found in PHP's imageloadfont function. If a PHP\nscript allowed a remote attacker to load a carefully crafted font file, it\ncould cause the PHP interpreter to crash or, possibly, execute arbitrary\ncode. (CVE-2008-3658)\n\nA flaw was found in the way PHP handled certain file extensions when\nrunning in FastCGI mode. If the PHP interpreter was being executed via\nFastCGI, a remote attacker could create a request which would cause the PHP\ninterpreter to crash. (CVE-2008-3660)\n\nA memory disclosure flaw was found in the PHP gd extension's imagerotate\nfunction. A remote attacker able to pass arbitrary values as the\n\"background color\" argument of the function could, possibly, view portions\nof the PHP interpreter's memory. (CVE-2008-5498)\n\nA cross-site scripting flaw was found in a way PHP reported errors for\ninvalid cookies. If the PHP interpreter had \"display_errors\" enabled, a\nremote attacker able to set a specially-crafted cookie on a victim's system\ncould possibly inject arbitrary HTML into an error message generated by\nPHP. (CVE-2008-5814)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. The httpd web server\nmust be restarted for the changes to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-April/015724.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-April/015725.html\n\n**Affected packages:**\nphp\nphp-bcmath\nphp-cli\nphp-common\nphp-dba\nphp-devel\nphp-gd\nphp-imap\nphp-ldap\nphp-mbstring\nphp-mysql\nphp-ncurses\nphp-odbc\nphp-pdo\nphp-pgsql\nphp-snmp\nphp-soap\nphp-xml\nphp-xmlrpc\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-0338.html", "modified": "2009-04-07T13:21:16", "published": "2009-04-07T13:21:16", "href": "http://lists.centos.org/pipermail/centos-announce/2009-April/015724.html", "id": "CESA-2009:0338", "title": "php security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:54", "bulletinFamily": "unix", "description": "### Background\n\nPHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. \n\n### Description\n\nMultiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below and the associated PHP release notes for details. \n\n### Impact\n\nA context-dependent attacker could execute arbitrary code via a specially crafted string containing an HTML entity when the mbstring extension is enabled. Furthermore a remote attacker could execute arbitrary code via a specially crafted GD graphics file. \n\nA remote attacker could also cause a Denial of Service via a malformed string passed to the json_decode() function, via a specially crafted ZIP file passed to the php_zip_make_relative_path() function, via a malformed JPEG image passed to the exif_read_data() function, or via temporary file exhaustion. It is also possible for an attacker to spoof certificates, bypass various safe_mode and open_basedir restrictions when certain criteria are met, perform Cross-site scripting attacks, more easily perform SQL injection attacks, manipulate settings of other virtual hosts on the same server via a malicious .htaccess entry when running on Apache, disclose memory portions, and write arbitrary files via a specially crafted ZIP archive. Some vulnerabilities with unknown impact and attack vectors have been reported as well. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll PHP users should upgrade to the latest version. As PHP is statically linked against a vulnerable version of the c-client library when the imap or kolab USE flag is enabled (GLSA 200911-03), users should upgrade net-libs/c-client beforehand: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-libs/c-client-2007e\"\n # emerge --ask --oneshot --verbose \">=dev-lang/php-5.2.12\"", "modified": "2010-01-05T00:00:00", "published": "2010-01-05T00:00:00", "id": "GLSA-201001-03", "href": "https://security.gentoo.org/glsa/201001-03", "type": "gentoo", "title": "PHP: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
