Lucene search
Copyright (C) 2009 E-Soft Inc.OPENVAS:136141256231063253HistoryJan 26, 2009 - 12:00 a.m.
Mandrake Security Advisory MDVSA-2009:022 (php)
2009-01-2600:00:00
Copyright (C) 2009 E-Soft Inc.
plugins.openvas.org
20
8.9 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.048 Low
EPSS
Percentile
92.6%
The remote host is missing an update to php
announced via advisory MDVSA-2009:022.
# SPDX-FileCopyrightText: 2009 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.63253");
script_version("2023-07-19T05:05:15+0000");
script_tag(name:"last_modification", value:"2023-07-19 05:05:15 +0000 (Wed, 19 Jul 2023)");
script_tag(name:"creation_date", value:"2009-01-26 18:18:20 +0100 (Mon, 26 Jan 2009)");
script_cve_id("CVE-2007-4782", "CVE-2007-4850", "CVE-2008-1384", "CVE-2008-2050", "CVE-2008-3658", "CVE-2008-3659", "CVE-2008-3660", "CVE-2008-5498");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_name("Mandrake Security Advisory MDVSA-2009:022 (php)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 E-Soft Inc.");
script_family("Mandrake Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/mandriva_mandrake_linux", "ssh/login/rpms", re:"ssh/login/release=MNDK_2008\.0");
script_tag(name:"insight", value:"A vulnerability in PHP allowed context-dependent attackers to cause
a denial of service (crash) via a certain long string in the glob()
or fnmatch() functions (CVE-2007-4782).
A vulnerability in the cURL library in PHP allowed context-dependent
attackers to bypass safe_mode and open_basedir restrictions and read
arbitrary files using a special URL request (CVE-2007-4850).
An integer overflow in PHP allowed context-dependent attackers to
cause a denial of service via a special printf() format parameter
(CVE-2008-1384).
A stack-based buffer overflow in the FastCGI SAPI in PHP has unknown
impact and attack vectors (CVE-2008-2050).
A buffer overflow in the imageloadfont() function in PHP allowed
context-dependent attackers to cause a denial of service (crash)
and potentially execute arbitrary code via a crafted font file
(CVE-2008-3658).
A buffer overflow in the memnstr() function allowed context-dependent
attackers to cause a denial of service (crash) and potentially execute
arbitrary code via the delimiter argument to the explode() function
(CVE-2008-3659).
PHP, when used as a FastCGI module, allowed remote attackers to cause
a denial of service (crash) via a request with multiple dots preceding
the extension (CVE-2008-3660).
An array index error in the imageRotate() function in PHP allowed
context-dependent attackers to read the contents of arbitrary memory
locations via a crafted value of the third argument to the function
for an indexed image (CVE-2008-5498).
The updated packages have been patched to correct these issues.
Affected: 2008.0");
script_tag(name:"solution", value:"To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.");
script_xref(name:"URL", value:"https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:022");
script_tag(name:"summary", value:"The remote host is missing an update to php
announced via advisory MDVSA-2009:022.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
res = "";
report = "";
if ((res = isrpmvuln(pkg:"libphp5_common5", rpm:"libphp5_common5~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-bcmath", rpm:"php-bcmath~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-bz2", rpm:"php-bz2~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-calendar", rpm:"php-calendar~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-cgi", rpm:"php-cgi~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-cli", rpm:"php-cli~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-ctype", rpm:"php-ctype~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-curl", rpm:"php-curl~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-dba", rpm:"php-dba~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-dbase", rpm:"php-dbase~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-devel", rpm:"php-devel~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-dom", rpm:"php-dom~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-exif", rpm:"php-exif~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-fcgi", rpm:"php-fcgi~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-filter", rpm:"php-filter~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-ftp", rpm:"php-ftp~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-gd", rpm:"php-gd~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-gettext", rpm:"php-gettext~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-gmp", rpm:"php-gmp~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-hash", rpm:"php-hash~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-iconv", rpm:"php-iconv~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-imap", rpm:"php-imap~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-json", rpm:"php-json~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-ldap", rpm:"php-ldap~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-mbstring", rpm:"php-mbstring~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-mcrypt", rpm:"php-mcrypt~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-mhash", rpm:"php-mhash~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-mime_magic", rpm:"php-mime_magic~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-ming", rpm:"php-ming~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-mssql", rpm:"php-mssql~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-mysql", rpm:"php-mysql~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-mysqli", rpm:"php-mysqli~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-ncurses", rpm:"php-ncurses~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-odbc", rpm:"php-odbc~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-openssl", rpm:"php-openssl~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-pcntl", rpm:"php-pcntl~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-pdo", rpm:"php-pdo~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-pdo_dblib", rpm:"php-pdo_dblib~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-pdo_mysql", rpm:"php-pdo_mysql~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-pdo_odbc", rpm:"php-pdo_odbc~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-pdo_pgsql", rpm:"php-pdo_pgsql~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-pdo_sqlite", rpm:"php-pdo_sqlite~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-pgsql", rpm:"php-pgsql~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-posix", rpm:"php-posix~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-pspell", rpm:"php-pspell~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-readline", rpm:"php-readline~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-recode", rpm:"php-recode~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-session", rpm:"php-session~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-shmop", rpm:"php-shmop~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-simplexml", rpm:"php-simplexml~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-snmp", rpm:"php-snmp~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-soap", rpm:"php-soap~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-sockets", rpm:"php-sockets~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-sqlite", rpm:"php-sqlite~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-sysvmsg", rpm:"php-sysvmsg~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-sysvsem", rpm:"php-sysvsem~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-sysvshm", rpm:"php-sysvshm~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-tidy", rpm:"php-tidy~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-tokenizer", rpm:"php-tokenizer~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-wddx", rpm:"php-wddx~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-xml", rpm:"php-xml~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-xmlreader", rpm:"php-xmlreader~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-xmlrpc", rpm:"php-xmlrpc~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-xmlwriter", rpm:"php-xmlwriter~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-xsl", rpm:"php-xsl~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"php-zlib", rpm:"php-zlib~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"lib64php5_common5", rpm:"lib64php5_common5~5.2.4~3.3mdv2008.0", rls:"MNDK_2008.0")) != NULL) {
report += res;
}
if (report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99);
}
Related
nessus
nessus
Mandriva Linux Security Advisory : php (MDVSA-2009:022)
2009-04-23 00:00:00
Mandriva Linux Security Advisory : php (MDVSA-2009:021)
2009-04-23 00:00:00
PHP < 4.4.9 Multiple Vulnerabilities
2008-08-08 00:00:00
openvas
openvas
Mandrake Security Advisory MDVSA-2009:022 (php)
2009-01-26 00:00:00
Mandrake Security Advisory MDVSA-2009:023 (php)
2009-01-26 00:00:00
Mandrake Security Advisory MDVSA-2009:023 (php)
2009-01-26 00:00:00
debian
debian
[SECURITY] [DSA 1647-1] New php5 packages fix several vulnerabilities
2008-10-07 06:52:54
[SECURITY] [DSA 1572-1] New php5 packages fix several vulnerabilities
2008-05-11 15:15:59
osv
osv
php5 - several vulnerabilities
2008-10-07 00:00:00
php5 - several vulnerabilities
2008-05-11 00:00:00
oraclelinux
oraclelinux
php security update
2009-04-06 00:00:00
php security update
2009-04-06 00:00:00
redhat
redhat
(RHSA-2009:0337) Moderate: php security update
2009-04-06 00:00:00
(RHSA-2009:0338) Moderate: php security update
2009-04-06 00:00:00
(RHSA-2009:0350) Moderate: php security update
2009-04-14 00:00:00
centos
centos
php security update
2009-04-06 17:44:07
php security update
2009-04-07 12:21:16
php security update
2008-07-16 16:15:51
freebsd
freebsd
php -- multiple vulnerabilities
2008-12-04 00:00:00
php5-gd -- uninitialized memory information disclosure vulnerability
2008-12-24 00:00:00
php -- integer overflow vulnerability
2008-03-21 00:00:00
slackware
slackware
[slackware-security] php
2008-12-05 07:37:41
php
2009-04-07 23:29:51
gentoo
gentoo
PHP: Multiple vulnerabilities
2008-11-16 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2008-07-23 00:00:00
PHP vulnerabilities
2009-02-12 00:00:00
securityvulns
securityvulns
PHP safe mode bypass vulneraebility
2009-04-12 00:00:00
{securityreason.com}PHP 5 *printf() - Integer Overflow
2008-03-22 00:00:00
HP Secure Web Server / HP Internet Express for Tru64 UNIX memory corruption
2008-11-26 00:00:00
seebug
seebug
PHP <= 5.2.8 gd library - imageRotate() Information Leak Vulnerability
2014-07-01 00:00:00
PHP <= 5.2.8 gd library - imageRotate() Information Leak Vulnerability
2009-01-03 00:00:00
PHP imageRotate()未初始化内存信息泄露漏洞
2008-12-30 00:00:00
prion
prion
Memory corruption
2008-12-26 20:30:00
Stack overflow
2008-05-05 17:20:00
Remote code execution
2007-09-10 21:17:00
ubuntucve
ubuntucve
exploitpack
exploitpack
PHP 5.2.8 gd library - imageRotate() Information Leak
2009-01-02 00:00:00
cve
cve
debiancve
debiancve
CVE-2008-5498
2008-12-26 20:30:00
CVE-2011-1071
2011-04-08 15:17:00
fedora
fedora
[SECURITY] Fedora 10 Update: maniadrive-1.2-13.fc10
2009-05-30 02:34:40
[SECURITY] Fedora 9 Update: maniadrive-1.2-13.fc9
2009-05-30 02:38:47
[SECURITY] Fedora 10 Update: php-5.2.9-2.fc10
2009-05-30 02:34:40
veracode
veracode
Information Disclosure
2020-04-10 00:31:23
Denial Of Service (DoS)
2020-04-10 00:22:29
Arbitrary Code Execution
2020-04-10 00:31:22
redhatcve
redhatcve
CVE-2008-1384
2015-10-30 10:11:58
CVE-2006-2050
2015-10-30 09:21:53
exploitdb
exploitdb
PHP 5.2.8 gd library - 'imageRotate()' Information Leak
2009-01-02 00:00:00
f5
f5
K31530542 : PHP vulnerabilities CVE-2007-1777, CVE-2007-3997, CVE-2007-4657, CVE-2008-3658, and CVE-2008-3659
2016-10-20 00:00:00
SOL31530542 - PHP vulnerabilities CVE-2007-1777, CVE-2007-3997, CVE-2007-4657, CVE-2008-3658, and CVE-2008-3659
2016-10-20 00:00:00
SOL15885 - GNU C Library vulnerability CVE-2011-1071
2014-11-27 00:00:00
8.9 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.048 Low
EPSS
Percentile
92.6%
Related for OPENVAS:136141256231063253