Lucene search

K
openvas
Copyright (c) 2010 Greenbone Networks GmbHOPENVAS:1361412562310831285
HistoryDec 28, 2010 - 12:00 a.m.

Mandriva Update for php-intl MDVSA-2010:255 (php-intl)

2010-12-2800:00:00
Copyright (c) 2010 Greenbone Networks GmbH
plugins.openvas.org
18

0.024 Low

EPSS

Percentile

88.7%

Check for the Version of php-intl

###############################################################################
# OpenVAS Vulnerability Test
#
# Mandriva Update for php-intl MDVSA-2010:255 (php-intl)
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_insight = "A vulnerability was discovered and corrected in php-intl:

  Integer overflow in the NumberFormatter::getSymbol (aka
  numfmt_get_symbol) function in PHP 5.3.3 and earlier allows
  context-dependent attackers to cause a denial of service (application
  crash) via an invalid argument (CVE-2010-4409).
  
  The updated packages have been upgraded to php-intl-1.1.2 and patched
  to correct this issue.";
tag_solution = "Please Install the Updated Packages.";

tag_affected = "php-intl on Mandriva Enterprise Server 5,
  Mandriva Enterprise Server 5/X86_64";


if(description)
{
  script_xref(name : "URL" , value : "http://lists.mandriva.com/security-announce/2010-12/msg00016.php");
  script_oid("1.3.6.1.4.1.25623.1.0.831285");
  script_version("$Revision: 8447 $");
  script_tag(name:"last_modification", value:"$Date: 2018-01-17 17:12:19 +0100 (Wed, 17 Jan 2018) $");
  script_tag(name:"creation_date", value:"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)");
  script_tag(name:"cvss_base", value:"5.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_xref(name: "MDVSA", value: "2010:255");
  script_cve_id("CVE-2010-4409");
  script_name("Mandriva Update for php-intl MDVSA-2010:255 (php-intl)");

  script_tag(name: "summary" , value: "Check for the Version of php-intl");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
  script_family("Mandrake Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/mandriva_mandrake_linux", "ssh/login/release");
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-rpm.inc");

release = get_kb_item("ssh/login/release");


res = "";
if(release == NULL){
  exit(0);
}

if(release == "MNDK_mes5")
{

  if ((res = isrpmvuln(pkg:"php-intl", rpm:"php-intl~1.1.2~0.1mdvmes5.1", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}
How to find holes in your network?

Try incredible fast Vulners Perimeter Scanner and find vulnerabilities and unnecessary ip and ports in network devices inside your network before anyone else.

Try Network Scanner

0.024 Low

EPSS

Percentile

88.7%

Related for OPENVAS:1361412562310831285