Lucene search
This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.SUSE_SA_2006_059.NASLHistoryFeb 18, 2007 - 12:00 a.m.
SUSE-SA:2006:059: php4,php5
2007-02-1800:00:00
This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.
www.tenable.com
183
The remote host is missing the patch for the advisory SUSE-SA:2006:059 (php4,php5).
The ini_restore() method could be exploited to reset options such as open_basedir when set via the web server config file to their default value set in php.ini (CVE-2006-4625).
Additionally php5 on all products as well as php4 on SLES8 were vulnerable to an integer overflow problem in the memory allocation routine. This bug can be exploited to execute arbitrary code with the uid of the web server (CVE-2006-4812).
Thanks to Stefan Esser for reporting the problem.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# This plugin text was extracted from SuSE Security Advisory SUSE-SA:2006:059
#
if ( ! defined_func("bn_random") ) exit(0);
include('deprecated_nasl_level.inc');
include('compat.inc');
if(description)
{
script_id(24437);
script_version("1.10");
name["english"] = "SUSE-SA:2006:059: php4,php5";
script_name(english:name["english"]);
script_set_attribute(attribute:"synopsis", value:
"The remote host is missing a vendor-supplied security patch" );
script_set_attribute(attribute:"description", value:
"The remote host is missing the patch for the advisory SUSE-SA:2006:059 (php4,php5).
The ini_restore() method could be exploited to reset options such as
open_basedir when set via the web server config file to their default
value set in php.ini (CVE-2006-4625).
Additionally php5 on all products as well as php4 on SLES8 were
vulnerable to an integer overflow problem in the memory
allocation routine. This bug can be exploited to execute
arbitrary code with the uid of the web server (CVE-2006-4812).
Thanks to Stefan Esser for reporting the problem." );
script_set_attribute(attribute:"solution", value:
"http://www.novell.com/linux/security/advisories/2006_59_php.html" );
script_set_attribute(attribute:"risk_factor", value:"Medium" );
script_set_attribute(attribute:"plugin_publication_date", value: "2007/02/18");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_end_attributes();
summary["english"] = "Check for the version of the php4,php5 package";
script_summary(english:summary["english"]);
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.");
family["english"] = "SuSE Local Security Checks";
script_family(english:family["english"]);
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/SuSE/rpm-list");
exit(0);
}
include("rpm.inc");
if ( rpm_check( reference:"apache2-mod_php4-4.4.0-6.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"apache2-mod_php5-5.0.4-9.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-4.4.0-6.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-curl-4.4.0-6.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-devel-4.4.0-6.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-exif-4.4.0-6.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-fastcgi-4.4.0-6.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-gd-4.4.0-6.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-imap-4.4.0-6.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-mbstring-4.4.0-6.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-pgsql-4.4.0-6.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-servlet-4.4.0-6.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-session-4.4.0-6.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-unixODBC-4.4.0-6.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-wddx-4.4.0-6.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-5.0.4-9.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-bcmath-5.0.4-9.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-curl-5.0.4-9.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-devel-5.0.4-9.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-dom-5.0.4-9.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-exif-5.0.4-9.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-fastcgi-5.0.4-9.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-ftp-5.0.4-9.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-gd-5.0.4-9.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-iconv-5.0.4-9.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-imap-5.0.4-9.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-ldap-5.0.4-9.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-mbstring-5.0.4-9.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-mysql-5.0.4-9.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-mysqli-5.0.4-9.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-pear-5.0.4-9.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-pgsql-5.0.4-9.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-soap-5.0.4-9.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-wddx-5.0.4-9.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-xmlrpc-5.0.4-9.20", release:"SUSE10.0") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"apache2-mod_php4-4.3.8-8.33", release:"SUSE9.2") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"mod_php4-servlet-4.3.8-8.33", release:"SUSE9.2") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-4.3.8-8.33", release:"SUSE9.2") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-curl-4.3.8-8.33", release:"SUSE9.2") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-devel-4.3.8-8.33", release:"SUSE9.2") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-exif-4.3.8-8.33", release:"SUSE9.2") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-fastcgi-4.3.8-8.33", release:"SUSE9.2") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-gd-4.3.8-8.33", release:"SUSE9.2") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-imap-4.3.8-8.33", release:"SUSE9.2") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-mbstring-4.3.8-8.33", release:"SUSE9.2") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-pear-4.3.8-8.33", release:"SUSE9.2") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-pgsql-4.3.8-8.33", release:"SUSE9.2") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-session-4.3.8-8.33", release:"SUSE9.2") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-sysvshm-4.3.8-8.33", release:"SUSE9.2") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-wddx-4.3.8-8.33", release:"SUSE9.2") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"apache2-mod_php4-4.3.10-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"apache2-mod_php5-5.0.3-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"mod_php4-servlet-4.3.10-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-4.3.10-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-curl-4.3.10-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-devel-4.3.10-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-exif-4.3.10-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-fastcgi-4.3.10-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-gd-4.3.10-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-imap-4.3.10-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-mbstring-4.3.10-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-pear-4.3.10-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-pgsql-4.3.10-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-session-4.3.10-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-sysvshm-4.3.10-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php4-wddx-4.3.10-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-5.0.3-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-bcmath-5.0.3-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-curl-5.0.3-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-dba-5.0.3-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-devel-5.0.3-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-dom-5.0.3-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-exif-5.0.3-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-fastcgi-5.0.3-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-ftp-5.0.3-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-gd-5.0.3-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-iconv-5.0.3-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-imap-5.0.3-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-ldap-5.0.3-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-mbstring-5.0.3-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-mysql-5.0.3-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-mysqli-5.0.3-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-pear-5.0.3-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-pgsql-5.0.3-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-soap-5.0.3-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-sysvmsg-5.0.3-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-sysvshm-5.0.3-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-wddx-5.0.3-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
if ( rpm_check( reference:"php5-xmlrpc-5.0.3-14.30", release:"SUSE9.3") )
{
security_warning(0);
exit(0);
}
Related
nessus
nessus
openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-2153)
2007-10-17 00:00:00
SuSE 10 Security Update : PHP (ZYPP Patch Number 2152)
2007-12-13 00:00:00
Ubuntu 5.04 / 5.10 / 6.06 LTS : php4, php5 vulnerabilities (USN-362-1)
2007-11-10 00:00:00
suse
suse
remote code execution in php4,php5
2006-10-09 16:00:37
ubuntu
ubuntu
PHP vulnerabilities
2006-10-11 00:00:00
openvas
openvas
SLES9: Security update for PHP
2009-10-10 00:00:00
SLES9: Security update for PHP
2009-10-10 00:00:00
Gentoo Security Advisory GLSA 200610-14 (php)
2008-09-24 00:00:00
securityvulns
securityvulns
PHP 5.1.6 / 4.4.4 Critical php_admin* bypass by ini_restore()
2006-09-11 00:00:00
[Full-disclosure] [ MDKSA-2006:180 ] - Updated php packages fix integer overflow vulnerability
2006-10-06 00:00:00
PHP integer overflow
2006-10-09 00:00:00
ubuntucve
ubuntucve
freebsd
freebsd
php -- _ecalloc Integer Overflow Vulnerability
2006-09-30 00:00:00
cve
cve
gentoo
gentoo
PHP: Integer overflow
2006-10-30 00:00:00
packetstorm
packetstorm
phpBypass.txt
2006-09-13 00:00:00
redhat
redhat
(RHSA-2006:0708) php security update
2006-10-05 00:00:00
(RHSA-2006:0688) php security update
2006-10-05 00:00:00
centos
centos
php security update
2006-10-09 01:04:12
prion
prion
Design/Logic Flaw
2007-11-20 18:46:00
fedora
fedora
[SECURITY] Fedora Core 5 Update: php-5.1.6-1.4
2007-02-26 22:09:19
[SECURITY] Fedora Core 5 Update: php-5.1.6-1.5
2007-04-18 22:42:03
[SECURITY] Fedora Core 5 Update: php-5.1.6-1.6
2007-05-24 05:24:12
Related for SUSE_SA_2006_059.NASL