Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2015 Greenbone AGOPENVAS:1361412562310703344
HistoryAug 26, 2015 - 12:00 a.m.

Debian: Security Advisory (DSA-3344-1)

2015-08-2600:00:00
Copyright (C) 2015 Greenbone AG
plugins.openvas.org
23

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.076 Low

EPSS

Percentile

94.1%

JSON

The remote host is missing an update for the Debian

# SPDX-FileCopyrightText: 2015 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.703344");
  script_cve_id("CVE-2015-4598", "CVE-2015-4643", "CVE-2015-4644", "CVE-2015-5589", "CVE-2015-5590", "CVE-2015-6831", "CVE-2015-6832", "CVE-2015-6833");
  script_tag(name:"creation_date", value:"2015-08-26 22:00:00 +0000 (Wed, 26 Aug 2015)");
  script_version("2024-02-02T05:06:05+0000");
  script_tag(name:"last_modification", value:"2024-02-02 05:06:05 +0000 (Fri, 02 Feb 2024)");
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_tag(name:"severity_vector", value:"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2016-05-17 12:50:37 +0000 (Tue, 17 May 2016)");

  script_name("Debian: Security Advisory (DSA-3344-1)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2015 Greenbone AG");
  script_family("Debian Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB(7|8)");

  script_xref(name:"Advisory-ID", value:"DSA-3344-1");
  script_xref(name:"URL", value:"https://www.debian.org/security/2015/DSA-3344-1");
  script_xref(name:"URL", value:"https://security-tracker.debian.org/tracker/DSA-3344");

  script_tag(name:"summary", value:"The remote host is missing an update for the Debian 'php5' package(s) announced via the DSA-3344-1 advisory.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");

  script_tag(name:"insight", value:"Multiple vulnerabilities have been discovered in the PHP language:

CVE-2015-4598

thoger at redhat dot com discovered that paths containing a NUL character were improperly handled, thus allowing an attacker to manipulate unexpected files on the server.

CVE-2015-4643

Max Spelsberg discovered an integer overflow flaw leading to a heap-based buffer overflow in PHP's FTP extension, when parsing listings in FTP server responses. This could lead to a crash or execution of arbitrary code.

CVE-2015-4644

A denial of service through a crash could be caused by a segfault in the php_pgsql_meta_data function.

CVE-2015-5589

kwrnel at hotmail dot com discovered that PHP could crash when processing an invalid phar file, thus leading to a denial of service.

CVE-2015-5590

jared at enhancesoft dot com discovered a buffer overflow in the phar_fix_filepath function, that could causes a crash or execution of arbitrary code.

Additionally, several other vulnerabilities were fixed:

sean dot heelan at gmail dot com discovered a problem in the unserialization of some items, that could lead to arbitrary code execution.

stewie at mail dot ru discovered that the phar extension improperly handled zip archives with relative paths, which would allow an attacker to overwrite files outside of the destination directory.

taoguangchen at icloud dot com discovered several use-after-free vulnerabilities that could lead to arbitrary code execution.

For the oldstable distribution (wheezy), these problems have been fixed in version 5.4.44-0+deb7u1.

For the stable distribution (jessie), these problems have been fixed in version 5.6.12+dfsg-0+deb8u1.

For the unstable distribution (sid), these problems have been fixed in version 5.6.12+dfsg-1.

We recommend that you upgrade your php5 packages.");

  script_tag(name:"affected", value:"'php5' package(s) on Debian 7, Debian 8.");

  script_tag(name:"solution", value:"Please install the updated package(s).");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"package");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-deb.inc");

release = dpkg_get_ssh_release();
if(!release)
  exit(0);

res = "";
report = "";

if(release == "DEB7") {

  if(!isnull(res = isdpkgvuln(pkg:"libapache2-mod-php5", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"libapache2-mod-php5filter", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"libphp5-embed", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php-pear", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-cgi", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-cli", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-common", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-curl", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-dbg", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-dev", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-enchant", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-fpm", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-gd", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-gmp", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-imap", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-interbase", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-intl", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-ldap", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-mcrypt", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-mysql", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-mysqlnd", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-odbc", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-pgsql", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-pspell", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-recode", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-snmp", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-sqlite", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-sybase", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-tidy", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-xmlrpc", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-xsl", ver:"5.4.44-0+deb7u1", rls:"DEB7"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

if(release == "DEB8") {

  if(!isnull(res = isdpkgvuln(pkg:"libapache2-mod-php5", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"libapache2-mod-php5filter", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"libphp5-embed", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php-pear", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-cgi", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-cli", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-common", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-curl", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-dbg", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-dev", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-enchant", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-fpm", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-gd", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-gmp", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-imap", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-interbase", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-intl", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-ldap", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-mcrypt", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-mysql", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-mysqlnd", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-odbc", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-pgsql", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-phpdbg", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-pspell", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-readline", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-recode", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-snmp", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-sqlite", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-sybase", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-tidy", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-xmlrpc", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"php5-xsl", ver:"5.6.12+dfsg-0+deb8u1", rls:"DEB8"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

exit(0);

Related

nessus 56
osv 4
debian 4
securityvulns 4
openvas 41
amazon 6
freebsd 3
mageia 2
fedora 1
ubuntu 2
veracode 16
kaspersky 2
redhat 5
suse 8
hackerone 4
cve 9
oraclelinux 2
ubuntucve 9
prion 9
f5 4
redhatcve 1
slackware 1
thn 1
gentoo 1
ibm 2
cloudlinux 1
centos 1
nessus
nessus
Debian DSA-3344-1 : php5 - security update
2015-08-28 00:00:00
Amazon Linux AMI : php56 (ALAS-2015-585) (BACKRONYM)
2015-08-18 00:00:00
Amazon Linux AMI : php54 (ALAS-2015-583) (BACKRONYM)
2015-08-18 00:00:00
osv
osv
php5 - security update
2015-08-27 00:00:00
php5 - security update
2015-11-08 00:00:00
php5 - security update
2015-09-07 00:00:00
debian
debian
[SECURITY] [DSA 3344-1] php5 security update
2015-08-27 15:00:09
[SECURITY] [DSA 3344-1] php5 security update
2015-08-27 15:00:09
[SECURITY] [DLA 341-1] php5 security update
2015-11-08 18:51:20
securityvulns
securityvulns
[SECURITY] [DSA 3344-1] php5 security update
2015-08-31 00:00:00
PHP security vulnerabilities
2015-08-31 00:00:00
[USN-2658-1] PHP vulnerabilities
2015-07-13 00:00:00
openvas
openvas
Debian Security Advisory DSA 3344-1 (php5 - security update)
2015-08-27 00:00:00
Amazon Linux: Security Advisory (ALAS-2015-585)
2015-09-08 00:00:00
Amazon Linux: Security Advisory (ALAS-2015-583)
2015-09-08 00:00:00
amazon
amazon
Medium: php54
2015-08-17 12:39:00
Medium: php55
2015-08-17 12:41:00
Medium: php56
2015-08-17 12:46:00
freebsd
freebsd
php5 -- multiple vulnerabilities
2015-08-06 00:00:00
php-phar -- multiple vulnerabilities
2015-06-24 00:00:00
php5 -- multiple vulnerabilities
2015-06-11 00:00:00
mageia
mageia
Updated php package fixes security vulnerability
2015-07-05 20:22:03
Updated php package fixes security vulnerabilities
2015-07-23 12:39:14
fedora
fedora
[SECURITY] Fedora 21 Update: php-5.6.11-1.fc21
2015-07-29 01:58:13
ubuntu
ubuntu
PHP vulnerabilities
2015-09-30 00:00:00
PHP vulnerabilities
2015-07-06 00:00:00
veracode
veracode
Use After Free
2019-05-02 05:27:42
Denial Of Service (DoS)
2019-05-02 05:27:42
Denial Of Service (DoS)
2019-05-02 05:27:42
kaspersky
kaspersky
KLA10747 Obsolete PHP version in XAMPP & WAMP
2016-01-19 00:00:00
KLA10746 Multiple vulnerabilities in PHP
2016-01-19 00:00:00
redhat
redhat
(RHSA-2016:0457) Moderate: rh-php56-php security update
2016-03-15 00:00:00
(RHSA-2015:1219) Moderate: php54-php security update
2015-07-09 00:00:00
(RHSA-2015:1186) Important: php55-php security update
2015-06-25 00:00:00
suse
suse
Security update for php5 (important)
2015-09-25 11:09:46
Security update for php5 (important)
2015-09-25 15:09:56
Security update for php53 (important)
2015-10-26 15:09:54
hackerone
hackerone
Internet Bug Bounty: Dangling pointer in the unserialization of ArrayObject items
2015-07-13 00:00:00
Internet Bug Bounty: Files extracted from archive may be placed outside of destination directory
2015-07-08 00:00:00
Internet Bug Bounty: Improved fix for bug #69545 (Integer overflow in ftp_genlist() resulting in heap overflow)
2015-05-13 00:00:00
cve
cve
CVE-2015-6832
2016-01-19 05:59:00
CVE-2015-4598
2016-05-16 10:59:00
CVE-2015-5589
2016-05-16 10:59:00
oraclelinux
oraclelinux
php54-php security update
2016-02-04 00:00:00
php55-php security update
2016-02-04 00:00:00
ubuntucve
ubuntucve
CVE-2015-5589
2015-07-20 00:00:00
CVE-2015-6833
2015-08-27 00:00:00
CVE-2015-6832
2015-08-27 00:00:00
prion
prion
Design/Logic Flaw
2016-01-19 05:59:00
Design/Logic Flaw
2016-05-16 10:59:00
Directory traversal
2016-01-19 05:59:00
f5
f5
SOL80285422 - PHP vulnerabilities CVE-2015-4642, CVE-2015-4643, and CVE-2015-4644
2016-07-05 00:00:00
K80285422 : PHP vulnerabilities CVE-2015-4642, CVE-2015-4643, and CVE-2015-4644
2016-07-05 00:00:00
K17049 : PHP vulnerability CVE-2015-4598
2015-08-07 00:00:00
redhatcve
redhatcve
CVE-2016-4473
2016-08-22 20:48:41
slackware
slackware
[slackware-security] php
2015-07-17 20:25:21
thn
thn
3 Critical Zero-Day Flaws Found in PHP 7 — One Remains Unpatched!
2016-12-28 23:45:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2016-06-19 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in php affect IBM Flex System Manger (FSM)
2019-01-31 02:10:01
Security Bulletin: IBM Tealeaf Customer Experience PCA Web UI PHP security issues
2018-06-16 19:50:01
cloudlinux
cloudlinux
Fix of 227 CVE
2020-10-15 12:00:00
centos
centos
php security update
2015-06-24 03:28:02

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.076 Low

EPSS

Percentile

94.1%

JSON
Related for OPENVAS:1361412562310703344
nessus56osv4debian4securityvulns4openvas41amazon6freebsd3mageia2fedora1ubuntu2veracode16kaspersky2redhat5suse8hackerone4cve9oraclelinux2ubuntucve9prion9f54redhatcve1slackware1thn1gentoo1ibm2cloudlinux1centos1