Lucene search
Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-2126-1.NASLHistoryMar 04, 2014 - 12:00 a.m.
Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 : php5 vulnerabilities (USN-2126-1)
2014-03-0400:00:00
Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
Bernd Melchers discovered that PHP’s embedded libmagic library incorrectly handled indirect offset values. An attacker could use this issue to cause PHP to consume resources or crash, resulting in a denial of service. (CVE-2014-1943)
It was discovered that PHP incorrectly handled certain values when using the imagecrop function. An attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, obtain sensitive information, or possibly execute arbitrary code. This issue only affected Ubuntu 13.10. (CVE-2013-7226, CVE-2013-7327, CVE-2013-7328, CVE-2014-2020).
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-2126-1. The text
# itself is copyright (C) Canonical, Inc. See
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(72799);
script_version("1.13");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2013-7226", "CVE-2013-7327", "CVE-2013-7328", "CVE-2014-1943", "CVE-2014-2020");
script_bugtraq_id(65533, 65596, 65656, 65668, 65676);
script_xref(name:"USN", value:"2126-1");
script_name(english:"Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 : php5 vulnerabilities (USN-2126-1)");
script_summary(english:"Checks dpkg output for updated packages.");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Ubuntu host is missing one or more security-related
patches."
);
script_set_attribute(
attribute:"description",
value:
"Bernd Melchers discovered that PHP's embedded libmagic library
incorrectly handled indirect offset values. An attacker could use this
issue to cause PHP to consume resources or crash, resulting in a
denial of service. (CVE-2014-1943)
It was discovered that PHP incorrectly handled certain values when
using the imagecrop function. An attacker could possibly use this
issue to cause PHP to crash, resulting in a denial of service, obtain
sensitive information, or possibly execute arbitrary code. This issue
only affected Ubuntu 13.10. (CVE-2013-7226, CVE-2013-7327,
CVE-2013-7328, CVE-2014-2020).
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://usn.ubuntu.com/2126-1/"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-cgi");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-cli");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-gd");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:12.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:12.10");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:13.10");
script_set_attribute(attribute:"vuln_publication_date", value:"2014/02/18");
script_set_attribute(attribute:"patch_publication_date", value:"2014/03/03");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/03/04");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Ubuntu Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! preg(pattern:"^(10\.04|12\.04|12\.10|13\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 10.04 / 12.04 / 12.10 / 13.10", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
flag = 0;
if (ubuntu_check(osver:"10.04", pkgname:"libapache2-mod-php5", pkgver:"5.3.2-1ubuntu4.23")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"php5-cgi", pkgver:"5.3.2-1ubuntu4.23")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"php5-cli", pkgver:"5.3.2-1ubuntu4.23")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"php5-gd", pkgver:"5.3.2-1ubuntu4.23")) flag++;
if (ubuntu_check(osver:"12.04", pkgname:"libapache2-mod-php5", pkgver:"5.3.10-1ubuntu3.10")) flag++;
if (ubuntu_check(osver:"12.04", pkgname:"php5-cgi", pkgver:"5.3.10-1ubuntu3.10")) flag++;
if (ubuntu_check(osver:"12.04", pkgname:"php5-cli", pkgver:"5.3.10-1ubuntu3.10")) flag++;
if (ubuntu_check(osver:"12.04", pkgname:"php5-gd", pkgver:"5.3.10-1ubuntu3.10")) flag++;
if (ubuntu_check(osver:"12.10", pkgname:"libapache2-mod-php5", pkgver:"5.4.6-1ubuntu1.7")) flag++;
if (ubuntu_check(osver:"12.10", pkgname:"php5-cgi", pkgver:"5.4.6-1ubuntu1.7")) flag++;
if (ubuntu_check(osver:"12.10", pkgname:"php5-cli", pkgver:"5.4.6-1ubuntu1.7")) flag++;
if (ubuntu_check(osver:"12.10", pkgname:"php5-gd", pkgver:"5.4.6-1ubuntu1.7")) flag++;
if (ubuntu_check(osver:"13.10", pkgname:"libapache2-mod-php5", pkgver:"5.5.3+dfsg-1ubuntu2.2")) flag++;
if (ubuntu_check(osver:"13.10", pkgname:"php5-cgi", pkgver:"5.5.3+dfsg-1ubuntu2.2")) flag++;
if (ubuntu_check(osver:"13.10", pkgname:"php5-cli", pkgver:"5.5.3+dfsg-1ubuntu2.2")) flag++;
if (ubuntu_check(osver:"13.10", pkgname:"php5-gd", pkgver:"5.5.3+dfsg-1ubuntu2.2")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : ubuntu_report_get()
);
exit(0);
}
else
{
tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libapache2-mod-php5 / php5-cgi / php5-cli / php5-gd");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| canonical | ubuntu_linux | libapache2-mod-php5 | p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5 |
| canonical | ubuntu_linux | php5-cgi | p-cpe:/a:canonical:ubuntu_linux:php5-cgi |
| canonical | ubuntu_linux | php5-cli | p-cpe:/a:canonical:ubuntu_linux:php5-cli |
| canonical | ubuntu_linux | php5-gd | p-cpe:/a:canonical:ubuntu_linux:php5-gd |
| canonical | ubuntu_linux | 10.04 | cpe:/o:canonical:ubuntu_linux:10.04:-:lts |
| canonical | ubuntu_linux | 12.04 | cpe:/o:canonical:ubuntu_linux:12.04:-:lts |
| canonical | ubuntu_linux | 12.10 | cpe:/o:canonical:ubuntu_linux:12.10 |
| canonical | ubuntu_linux | 13.10 | cpe:/o:canonical:ubuntu_linux:13.10 |
Related
securityvulns
securityvulns
USN-2126-1] PHP vulnerabilities
2014-03-13 00:00:00
PHP multiple security vulnerabilities
2014-03-18 00:00:00
[ MDVSA-2014:059 ] php
2014-03-18 00:00:00
openvas
openvas
Ubuntu Update for php5 USN-2126-1
2014-03-04 00:00:00
Ubuntu: Security Advisory (USN-2126-1)
2014-03-04 00:00:00
PHP Multiple Vulnerabilities - 01 (May 2014)
2014-05-09 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2014-03-03 00:00:00
file vulnerabilities
2014-02-26 00:00:00
f5
f5
SOL15653 - Multiple PHP vulnerabilities
2014-10-02 00:00:00
K15653 : Multiple PHP vulnerabilities
2014-10-02 00:00:00
SOL15648 - PHP vulnerability CVE-2014-2020
2014-10-02 00:00:00
nessus
nessus
PHP 5.5.x < 5.5.9 GD Extension Multiple Vulnerabilities
2014-02-14 00:00:00
PHP 5.5.x < 5.5.9 GD Extension Multiple Vulnerabilities
2014-02-14 00:00:00
Amazon Linux AMI : php55 (ALAS-2014-314)
2014-03-28 00:00:00
amazon
amazon
ubuntucve
ubuntucve
prion
prion
Null pointer dereference
2014-02-18 11:55:00
Integer overflow
2014-02-18 11:55:00
Design/Logic Flaw
2014-02-18 11:55:00
cve
cve
seebug
seebug
PHP 'ext/gd/gd.c'信息泄漏漏洞
2014-02-20 00:00:00
PHP 'ext/gd/gd.c' gdImageCrop整数符号错误漏洞
2014-02-20 00:00:00
PHP 'ext/gd/gd.c' gdImageCrop空指针返回拒绝服务漏洞
2014-02-20 00:00:00
hackerone
hackerone
Internet Bug Bounty: PHP Heap Overflow Vulnerability in imagecrop()
2013-12-27 02:57:00
checkpoint_advisories
checkpoint_advisories
PHP Fileinfo Call Stack Exhaustion Denial of Service (CVE-2014-1943)
2014-05-18 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:04:17
Denial Of Service (DoS)
2019-05-02 05:04:17
Denial Of Service (DoS)
2019-05-02 05:04:17
debian
debian
[SECURITY] [DSA 2861-1] file security update
2014-02-16 14:10:06
[SECURITY] [DSA 2868-1] php5 security update
2014-03-02 19:18:49
[SECURITY] [DSA 2868-1] php5 security update
2014-03-02 19:19:10
osv
osv
file - denial of service
2014-02-16 00:00:00
php5 - denial of service
2014-03-02 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: file-5.14-15.fc20
2014-02-23 08:38:00
[SECURITY] Fedora 19 Update: file-5.11-12.fc19
2014-03-04 06:44:00
[SECURITY] Fedora 19 Update: file-5.11-13.fc19
2014-03-27 04:47:52
gentoo
gentoo
file: Denial of service
2014-03-13 00:00:00
PHP: Multiple vulnerabilities
2014-08-29 00:00:00
debiancve
debiancve
CVE-2014-1943
2014-02-18 19:55:00
mageia
mageia
Updated file package fixes security vulnerability
2014-02-22 23:10:59
Updated php packages fix security vulnerabilities
2014-04-04 21:33:24
Updated php packages fix security vulnerabilities
2014-04-04 16:08:18
freebsd
freebsd
file -- denial of service
2014-02-16 00:00:00
FreeBSD -- Multiple vulnerabilities in file(1) and libmagic(3)
2014-06-24 00:00:00
slackware
slackware
[slackware-security] php
2014-03-16 03:31:21
freebsd_advisory
freebsd_advisory
FreeBSD-SA-14:16.file
2014-06-24 00:00:00
oraclelinux
oraclelinux
file security and bug fix update
2014-10-15 00:00:00
php53 and php security update
2014-08-06 00:00:00
redhat
redhat
(RHSA-2014:1606) Moderate: file security and bug fix update
2014-10-14 00:00:00
(RHSA-2014:1012) Moderate: php53 and php security update
2014-08-06 00:00:00
(RHSA-2014:1765) Important: php54-php security update
2014-10-30 00:00:00
centos
centos
file, python security update
2014-10-20 18:08:44
php, php53 security update
2014-08-06 14:53:37
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45
Related for UBUNTU_USN-2126-1.NASL