Lucene search
Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-549-1.NASLHistoryNov 30, 2007 - 12:00 a.m.
Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : php5 vulnerabilities (USN-549-1)
2007-11-3000:00:00
Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
22
It was discovered that the wordwrap function did not correctly check lengths. Remote attackers could exploit this to cause a crash or monopolize CPU resources, resulting in a denial of service.
(CVE-2007-3998)
Integer overflows were discovered in the strspn and strcspn functions.
Attackers could exploit this to read arbitrary areas of memory, possibly gaining access to sensitive information. (CVE-2007-4657)
Stanislav Malyshev discovered that money_format function did not correctly handle certain tokens. If a PHP application were tricked into processing a bad format string, a remote attacker could execute arbitrary code with application privileges. (CVE-2007-4658)
It was discovered that the php_openssl_make_REQ function did not correctly check buffer lengths. A remote attacker could send a specially crafted message and execute arbitrary code with application privileges. (CVE-2007-4662)
It was discovered that certain characters in session cookies were not handled correctly. A remote attacker could injection values which could lead to altered application behavior, potentially gaining additional privileges. (CVE-2007-3799)
Gerhard Wagner discovered that the chunk_split function did not correctly handle long strings. A remote attacker could exploit this to execute arbitrary code with application privileges. (CVE-2007-2872, CVE-2007-4660, CVE-2007-4661)
Stefan Esser discovered that deeply nested arrays could be made to fill stack space. A remote attacker could exploit this to cause a crash or monopolize CPU resources, resulting in a denial of service.
(CVE-2007-1285, CVE-2007-4670)
Rasmus Lerdorf discovered that the htmlentities and htmlspecialchars functions did not correctly stop when handling partial multibyte sequences. A remote attacker could exploit this to read certain areas of memory, possibly gaining access to sensitive information.
(CVE-2007-5898)
It was discovered that the output_add_rewrite_var fucntion would sometimes leak session id information to forms targeting remote URLs.
Malicious remote sites could use this information to gain access to a PHP application user’s login credentials. (CVE-2007-5899).
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-549-1. The text
# itself is copyright (C) Canonical, Inc. See
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(28372);
script_version("1.20");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2007-1285", "CVE-2007-2872", "CVE-2007-3799", "CVE-2007-3998", "CVE-2007-4657", "CVE-2007-4658", "CVE-2007-4660", "CVE-2007-4661", "CVE-2007-4662", "CVE-2007-4670", "CVE-2007-5898", "CVE-2007-5899");
script_bugtraq_id(22764, 24261, 24268, 25498, 26403);
script_xref(name:"USN", value:"549-1");
script_name(english:"Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : php5 vulnerabilities (USN-549-1)");
script_summary(english:"Checks dpkg output for updated packages.");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Ubuntu host is missing one or more security-related
patches."
);
script_set_attribute(
attribute:"description",
value:
"It was discovered that the wordwrap function did not correctly check
lengths. Remote attackers could exploit this to cause a crash or
monopolize CPU resources, resulting in a denial of service.
(CVE-2007-3998)
Integer overflows were discovered in the strspn and strcspn functions.
Attackers could exploit this to read arbitrary areas of memory,
possibly gaining access to sensitive information. (CVE-2007-4657)
Stanislav Malyshev discovered that money_format function did not
correctly handle certain tokens. If a PHP application were tricked
into processing a bad format string, a remote attacker could execute
arbitrary code with application privileges. (CVE-2007-4658)
It was discovered that the php_openssl_make_REQ function did not
correctly check buffer lengths. A remote attacker could send a
specially crafted message and execute arbitrary code with application
privileges. (CVE-2007-4662)
It was discovered that certain characters in session cookies were not
handled correctly. A remote attacker could injection values which
could lead to altered application behavior, potentially gaining
additional privileges. (CVE-2007-3799)
Gerhard Wagner discovered that the chunk_split function did not
correctly handle long strings. A remote attacker could exploit this to
execute arbitrary code with application privileges. (CVE-2007-2872,
CVE-2007-4660, CVE-2007-4661)
Stefan Esser discovered that deeply nested arrays could be made to
fill stack space. A remote attacker could exploit this to cause a
crash or monopolize CPU resources, resulting in a denial of service.
(CVE-2007-1285, CVE-2007-4670)
Rasmus Lerdorf discovered that the htmlentities and htmlspecialchars
functions did not correctly stop when handling partial multibyte
sequences. A remote attacker could exploit this to read certain areas
of memory, possibly gaining access to sensitive information.
(CVE-2007-5898)
It was discovered that the output_add_rewrite_var fucntion would
sometimes leak session id information to forms targeting remote URLs.
Malicious remote sites could use this information to gain access to a
PHP application user's login credentials. (CVE-2007-5899).
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://usn.ubuntu.com/549-1/"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(20, 119, 189, 200, 399);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php-pear");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-cgi");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-cli");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-curl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-gd");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-ldap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-mhash");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-mysql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-mysqli");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-odbc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-pgsql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-pspell");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-recode");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-snmp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-sqlite");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-sybase");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-tidy");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-xmlrpc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-xsl");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:6.06:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:6.10");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:7.04");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:7.10");
script_set_attribute(attribute:"patch_publication_date", value:"2007/11/29");
script_set_attribute(attribute:"plugin_publication_date", value:"2007/11/30");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Ubuntu Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! ereg(pattern:"^(6\.06|6\.10|7\.04|7\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 6.06 / 6.10 / 7.04 / 7.10", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
flag = 0;
if (ubuntu_check(osver:"6.06", pkgname:"libapache2-mod-php5", pkgver:"5.1.2-1ubuntu3.10")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php-pear", pkgver:"5.1.2-1ubuntu3.10")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5", pkgver:"5.1.2-1ubuntu3.10")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-cgi", pkgver:"5.1.2-1ubuntu3.10")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-cli", pkgver:"5.1.2-1ubuntu3.10")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-common", pkgver:"5.1.2-1ubuntu3.10")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-curl", pkgver:"5.1.2-1ubuntu3.10")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-dev", pkgver:"5.1.2-1ubuntu3.10")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-gd", pkgver:"5.1.2-1ubuntu3.10")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-ldap", pkgver:"5.1.2-1ubuntu3.10")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-mhash", pkgver:"5.1.2-1ubuntu3.10")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-mysql", pkgver:"5.1.2-1ubuntu3.10")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-mysqli", pkgver:"5.1.2-1ubuntu3.10")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-odbc", pkgver:"5.1.2-1ubuntu3.10")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-pgsql", pkgver:"5.1.2-1ubuntu3.10")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-recode", pkgver:"5.1.2-1ubuntu3.10")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-snmp", pkgver:"5.1.2-1ubuntu3.10")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-sqlite", pkgver:"5.1.2-1ubuntu3.10")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-sybase", pkgver:"5.1.2-1ubuntu3.10")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-xmlrpc", pkgver:"5.1.2-1ubuntu3.10")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-xsl", pkgver:"5.1.2-1ubuntu3.10")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"libapache2-mod-php5", pkgver:"5.1.6-1ubuntu2.7")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php-pear", pkgver:"5.1.6-1ubuntu2.7")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5", pkgver:"5.1.6-1ubuntu2.7")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-cgi", pkgver:"5.1.6-1ubuntu2.7")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-cli", pkgver:"5.1.6-1ubuntu2.7")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-common", pkgver:"5.1.6-1ubuntu2.7")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-curl", pkgver:"5.1.6-1ubuntu2.7")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-dev", pkgver:"5.1.6-1ubuntu2.7")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-gd", pkgver:"5.1.6-1ubuntu2.7")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-ldap", pkgver:"5.1.6-1ubuntu2.7")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-mhash", pkgver:"5.1.6-1ubuntu2.7")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-mysql", pkgver:"5.1.6-1ubuntu2.7")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-mysqli", pkgver:"5.1.6-1ubuntu2.7")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-odbc", pkgver:"5.1.6-1ubuntu2.7")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-pgsql", pkgver:"5.1.6-1ubuntu2.7")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-recode", pkgver:"5.1.6-1ubuntu2.7")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-snmp", pkgver:"5.1.6-1ubuntu2.7")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-sqlite", pkgver:"5.1.6-1ubuntu2.7")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-sybase", pkgver:"5.1.6-1ubuntu2.7")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-xmlrpc", pkgver:"5.1.6-1ubuntu2.7")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-xsl", pkgver:"5.1.6-1ubuntu2.7")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"libapache2-mod-php5", pkgver:"5.2.1-0ubuntu1.5")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php-pear", pkgver:"5.2.1-0ubuntu1.5")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5", pkgver:"5.2.1-0ubuntu1.5")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-cgi", pkgver:"5.2.1-0ubuntu1.5")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-cli", pkgver:"5.2.1-0ubuntu1.5")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-common", pkgver:"5.2.1-0ubuntu1.5")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-curl", pkgver:"5.2.1-0ubuntu1.5")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-dev", pkgver:"5.2.1-0ubuntu1.5")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-gd", pkgver:"5.2.1-0ubuntu1.5")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-ldap", pkgver:"5.2.1-0ubuntu1.5")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-mhash", pkgver:"5.2.1-0ubuntu1.5")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-mysql", pkgver:"5.2.1-0ubuntu1.5")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-odbc", pkgver:"5.2.1-0ubuntu1.5")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-pgsql", pkgver:"5.2.1-0ubuntu1.5")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-pspell", pkgver:"5.2.1-0ubuntu1.5")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-recode", pkgver:"5.2.1-0ubuntu1.5")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-snmp", pkgver:"5.2.1-0ubuntu1.5")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-sqlite", pkgver:"5.2.1-0ubuntu1.5")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-sybase", pkgver:"5.2.1-0ubuntu1.5")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-tidy", pkgver:"5.2.1-0ubuntu1.5")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-xmlrpc", pkgver:"5.2.1-0ubuntu1.5")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-xsl", pkgver:"5.2.1-0ubuntu1.5")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"libapache2-mod-php5", pkgver:"5.2.3-1ubuntu6.1")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"php-pear", pkgver:"5.2.3-1ubuntu6.1")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"php5", pkgver:"5.2.3-1ubuntu6.1")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"php5-cgi", pkgver:"5.2.3-1ubuntu6.1")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"php5-cli", pkgver:"5.2.3-1ubuntu6.1")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"php5-common", pkgver:"5.2.3-1ubuntu6.1")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"php5-curl", pkgver:"5.2.3-1ubuntu6.1")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"php5-dev", pkgver:"5.2.3-1ubuntu6.1")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"php5-gd", pkgver:"5.2.3-1ubuntu6.1")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"php5-ldap", pkgver:"5.2.3-1ubuntu6.1")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"php5-mhash", pkgver:"5.2.3-1ubuntu6.1")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"php5-mysql", pkgver:"5.2.3-1ubuntu6.1")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"php5-odbc", pkgver:"5.2.3-1ubuntu6.1")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"php5-pgsql", pkgver:"5.2.3-1ubuntu6.1")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"php5-pspell", pkgver:"5.2.3-1ubuntu6.1")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"php5-recode", pkgver:"5.2.3-1ubuntu6.1")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"php5-snmp", pkgver:"5.2.3-1ubuntu6.1")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"php5-sqlite", pkgver:"5.2.3-1ubuntu6.1")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"php5-sybase", pkgver:"5.2.3-1ubuntu6.1")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"php5-tidy", pkgver:"5.2.3-1ubuntu6.1")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"php5-xmlrpc", pkgver:"5.2.3-1ubuntu6.1")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"php5-xsl", pkgver:"5.2.3-1ubuntu6.1")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : ubuntu_report_get()
);
exit(0);
}
else
{
tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libapache2-mod-php5 / php-pear / php5 / php5-cgi / php5-cli / etc");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| canonical | ubuntu_linux | php5-mysql | p-cpe:/a:canonical:ubuntu_linux:php5-mysql |
| canonical | ubuntu_linux | php5-mysqli | p-cpe:/a:canonical:ubuntu_linux:php5-mysqli |
| canonical | ubuntu_linux | php5-odbc | p-cpe:/a:canonical:ubuntu_linux:php5-odbc |
| canonical | ubuntu_linux | php5-pgsql | p-cpe:/a:canonical:ubuntu_linux:php5-pgsql |
| canonical | ubuntu_linux | php5-pspell | p-cpe:/a:canonical:ubuntu_linux:php5-pspell |
| canonical | ubuntu_linux | php5-recode | p-cpe:/a:canonical:ubuntu_linux:php5-recode |
| canonical | ubuntu_linux | php5-snmp | p-cpe:/a:canonical:ubuntu_linux:php5-snmp |
| canonical | ubuntu_linux | php5-sqlite | p-cpe:/a:canonical:ubuntu_linux:php5-sqlite |
| canonical | ubuntu_linux | php5-sybase | p-cpe:/a:canonical:ubuntu_linux:php5-sybase |
| canonical | ubuntu_linux | php5-tidy | p-cpe:/a:canonical:ubuntu_linux:php5-tidy |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1285
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2872
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3799
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3998
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4657
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4658
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4660
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4661
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4662
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4670
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5898
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5899
usn.ubuntu.com/549-1/
Related
openvas
openvas
Ubuntu Update for php5 regression USN-549-2
2009-03-23 00:00:00
Ubuntu Update for php5 vulnerabilities USN-549-1
2009-03-23 00:00:00
Ubuntu: Security Advisory (USN-549-1)
2009-03-23 00:00:00
nessus
nessus
Ubuntu 7.10 : php5 regression (USN-549-2)
2007-12-04 00:00:00
Debian DSA-1444-2 : php5 - several vulnerabilities
2008-01-04 00:00:00
Oracle Linux 4 / 5 : php (ELSA-2007-0890)
2013-07-12 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2007-11-29 00:00:00
PHP regression
2007-12-03 00:00:00
PHP vulnerabilities
2008-07-23 00:00:00
debian
debian
[SECURITY] [DSA 1444-2] New php5 packages fix regression
2008-01-23 21:29:45
[SECURITY] [DSA 1444-1] New php5 packages fix several vulnerabilities
2008-01-03 20:25:59
[SECURITY] [DSA 1578-1] New php4 packages fix several vulnerabilities
2008-05-17 11:44:14
osv
osv
php5 several issues
2008-01-23 00:00:00
php4 - several vulnerabilities
2008-05-17 00:00:00
securityvulns
securityvulns
PHP multiple security vulnerabilities
2008-01-04 00:00:00
rPSA-2007-0242-1 php5 php5-cgi php5-mysql php5-pear php5-pgsql php5-soap php5-xsl
2007-11-20 00:00:00
PHP multiple Denial of Service conditions
2007-11-20 00:00:00
fedora
fedora
[SECURITY] Fedora Core 6 Update: php-5.1.6-3.7.fc6
2007-09-24 20:33:40
[SECURITY] Fedora 8 Update: php-5.2.6-2.fc8
2008-06-20 19:08:56
[SECURITY] Fedora 9 Update: php-5.2.6-2.fc9
2008-07-26 06:03:23
redhat
redhat
(RHSA-2007:0890) Moderate: php security update
2007-09-20 00:00:00
(RHSA-2007:0917) Moderate: php security update
2007-10-23 00:00:00
(RHSA-2007:0891) Moderate: php security update
2007-10-25 00:00:00
centos
centos
php security update
2007-09-20 14:31:37
php security update
2007-09-26 09:03:28
php security update
2007-10-24 03:08:58
freebsd
freebsd
php -- multiple vulnerabilities
2007-08-30 00:00:00
oraclelinux
oraclelinux
Moderate: php security update
2007-09-20 00:00:00
Moderate: php security update
2007-09-26 00:00:00
php security and bug fix update
2008-07-16 00:00:00
ubuntucve
ubuntucve
prion
prion
cve
cve
gentoo
gentoo
PHP: Multiple vulnerabilities
2007-10-07 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:18:59
Denial Of Service (DoS)
2020-04-10 00:18:58
Improper Session Handling
2020-04-10 00:18:57
redhatcve
redhatcve
CVE-2007-4662
2015-10-30 10:05:53
CVE-2007-4657
2015-10-30 09:33:14
suse
suse
remote code execution in php4, php5
2008-01-29 14:18:48
remote denial of service in php4,php5
2007-07-12 16:26:43
slackware
slackware
[slackware-security] php5
2007-06-01 21:19:18
Related for UBUNTU_USN-549-1.NASL