Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (c) 2010 Greenbone Networks GmbHOPENVAS:1361412562310840501
HistorySep 22, 2010 - 12:00 a.m.

Ubuntu Update for php5 vulnerabilities USN-989-1

2010-09-2200:00:00
Copyright (c) 2010 Greenbone Networks GmbH
plugins.openvas.org
29

0.045 Low

EPSS

Percentile

91.5%

JSON

Ubuntu Update for Linux kernel vulnerabilities USN-989-1

###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_ubuntu_USN_989_1.nasl 8495 2018-01-23 07:57:49Z teissa $
#
# Ubuntu Update for php5 vulnerabilities USN-989-1
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_insight = "Auke van Slooten discovered that PHP incorrectly handled certain xmlrpc
  requests. An attacker could exploit this issue to cause the PHP server to
  crash, resulting in a denial of service. This issue only affected Ubuntu
  6.06 LTS, 8.04 LTS, 9.04 and 9.10. (CVE-2010-0397)

  It was discovered that the pseudorandom number generator in PHP did not
  provide the expected entropy. An attacker could exploit this issue to
  predict values that were intended to be random, such as session cookies.
  This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.04 and 9.10.
  (CVE-2010-1128)
  
  It was discovered that PHP did not properly handle directory pathnames that
  lacked a trailing slash character. An attacker could exploit this issue to
  bypass safe_mode restrictions. This issue only affected Ubuntu 6.06 LTS,
  8.04 LTS, 9.04 and 9.10. (CVE-2010-1129)
  
  Grzegorz Stachowiak discovered that the PHP session extension did not
  properly handle semicolon characters. An attacker could exploit this issue
  to bypass safe_mode restrictions. This issue only affected Ubuntu 8.04 LTS,
  9.04 and 9.10. (CVE-2010-1130)
  
  Stefan Esser discovered that PHP incorrectly decoded remote HTTP chunked
  encoding streams. An attacker could exploit this issue to cause the PHP
  server to crash and possibly execute arbitrary code with application
  privileges. This issue only affected Ubuntu 10.04 LTS. (CVE-2010-1866)
  
  Mateusz Kocielski discovered that certain PHP SQLite functions incorrectly
  handled empty SQL queries. An attacker could exploit this issue to possibly
  execute arbitrary code with application privileges. (CVE-2010-1868)
  
  Mateusz Kocielski discovered that PHP incorrectly handled certain arguments
  to the fnmatch function. An attacker could exploit this flaw and cause the
  PHP server to consume all available stack memory, resulting in a denial of
  service. (CVE-2010-1917)
  
  Stefan Esser discovered that PHP incorrectly handled certain strings in the
  phar extension. An attacker could exploit this flaw to possibly view
  sensitive information. This issue only affected Ubuntu 10.04 LTS.
  (CVE-2010-2094, CVE-2010-2950)
  
  Stefan Esser discovered that PHP incorrectly handled deserialization of
  SPLObjectStorage objects. A remote attacker could exploit this issue to
  view sensitive information and possibly execute arbitrary code with
  application privileges. This issue only affected Ubuntu 8.04 LTS, 9.04,
  9.10 and 10.04 LTS. (CVE-2010-2225)
  
  It was discovered that PHP incorrectly filtered ... 

  Description truncated, for more information please check the Reference URL";

tag_summary = "Ubuntu Update for Linux kernel vulnerabilities USN-989-1";
tag_affected = "php5 vulnerabilities on Ubuntu 6.06 LTS ,
  Ubuntu 8.04 LTS ,
  Ubuntu 9.04 ,
  Ubuntu 9.10 ,
  Ubuntu 10.04 LTS";
tag_solution = "Please Install the Updated Packages.";


if(description)
{
  script_xref(name: "URL" , value: "http://www.ubuntu.com/usn/usn-989-1/");
  script_oid("1.3.6.1.4.1.25623.1.0.840501");
  script_version("$Revision: 8495 $");
  script_tag(name:"last_modification", value:"$Date: 2018-01-23 08:57:49 +0100 (Tue, 23 Jan 2018) $");
  script_tag(name:"creation_date", value:"2010-09-22 08:32:53 +0200 (Wed, 22 Sep 2010)");
  script_tag(name:"cvss_base", value:"7.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_xref(name: "USN", value: "989-1");
  script_cve_id("CVE-2010-0397", "CVE-2010-1128", "CVE-2010-1129", "CVE-2010-1130", "CVE-2010-1866", "CVE-2010-1868", "CVE-2010-1917", "CVE-2010-2094", "CVE-2010-2225", "CVE-2010-2531", "CVE-2010-2950", "CVE-2010-3065");
  script_name("Ubuntu Update for php5 vulnerabilities USN-989-1");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
  script_family("Ubuntu Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages");
  script_tag(name : "summary" , value : tag_summary);
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-deb.inc");

release = get_kb_item("ssh/login/release");


res = "";
if(release == NULL){
  exit(0);
}

if(release == "UBUNTU9.10")
{

  if ((res = isdpkgvuln(pkg:"libapache2-mod-php5", ver:"5.2.10.dfsg.1-2ubuntu6.5", rls:"UBUNTU9.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-cgi", ver:"5.2.10.dfsg.1-2ubuntu6.5", rls:"UBUNTU9.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-cli", ver:"5.2.10.dfsg.1-2ubuntu6.5", rls:"UBUNTU9.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-common", ver:"5.2.10.dfsg.1-2ubuntu6.5", rls:"UBUNTU9.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-curl", ver:"5.2.10.dfsg.1-2ubuntu6.5", rls:"UBUNTU9.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-dbg", ver:"5.2.10.dfsg.1-2ubuntu6.5", rls:"UBUNTU9.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-dev", ver:"5.2.10.dfsg.1-2ubuntu6.5", rls:"UBUNTU9.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-gd", ver:"5.2.10.dfsg.1-2ubuntu6.5", rls:"UBUNTU9.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-gmp", ver:"5.2.10.dfsg.1-2ubuntu6.5", rls:"UBUNTU9.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-ldap", ver:"5.2.10.dfsg.1-2ubuntu6.5", rls:"UBUNTU9.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-mhash", ver:"5.2.10.dfsg.1-2ubuntu6.5", rls:"UBUNTU9.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-mysql", ver:"5.2.10.dfsg.1-2ubuntu6.5", rls:"UBUNTU9.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-odbc", ver:"5.2.10.dfsg.1-2ubuntu6.5", rls:"UBUNTU9.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-pgsql", ver:"5.2.10.dfsg.1-2ubuntu6.5", rls:"UBUNTU9.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-pspell", ver:"5.2.10.dfsg.1-2ubuntu6.5", rls:"UBUNTU9.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-recode", ver:"5.2.10.dfsg.1-2ubuntu6.5", rls:"UBUNTU9.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-snmp", ver:"5.2.10.dfsg.1-2ubuntu6.5", rls:"UBUNTU9.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-sqlite", ver:"5.2.10.dfsg.1-2ubuntu6.5", rls:"UBUNTU9.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-sybase", ver:"5.2.10.dfsg.1-2ubuntu6.5", rls:"UBUNTU9.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-tidy", ver:"5.2.10.dfsg.1-2ubuntu6.5", rls:"UBUNTU9.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-xmlrpc", ver:"5.2.10.dfsg.1-2ubuntu6.5", rls:"UBUNTU9.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-xsl", ver:"5.2.10.dfsg.1-2ubuntu6.5", rls:"UBUNTU9.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"libapache2-mod-php5filter", ver:"5.2.10.dfsg.1-2ubuntu6.5", rls:"UBUNTU9.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php-pear", ver:"5.2.10.dfsg.1-2ubuntu6.5", rls:"UBUNTU9.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5", ver:"5.2.10.dfsg.1-2ubuntu6.5", rls:"UBUNTU9.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}


if(release == "UBUNTU6.06 LTS")
{

  if ((res = isdpkgvuln(pkg:"libapache2-mod-php5", ver:"5.1.2-1ubuntu3.19", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-cgi", ver:"5.1.2-1ubuntu3.19", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-cli", ver:"5.1.2-1ubuntu3.19", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-common", ver:"5.1.2-1ubuntu3.19", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-curl", ver:"5.1.2-1ubuntu3.19", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-dev", ver:"5.1.2-1ubuntu3.19", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-gd", ver:"5.1.2-1ubuntu3.19", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-ldap", ver:"5.1.2-1ubuntu3.19", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-mhash", ver:"5.1.2-1ubuntu3.19", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-mysql", ver:"5.1.2-1ubuntu3.19", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-mysqli", ver:"5.1.2-1ubuntu3.19", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-odbc", ver:"5.1.2-1ubuntu3.19", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-pgsql", ver:"5.1.2-1ubuntu3.19", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-recode", ver:"5.1.2-1ubuntu3.19", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-snmp", ver:"5.1.2-1ubuntu3.19", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-sqlite", ver:"5.1.2-1ubuntu3.19", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-sybase", ver:"5.1.2-1ubuntu3.19", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-xmlrpc", ver:"5.1.2-1ubuntu3.19", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-xsl", ver:"5.1.2-1ubuntu3.19", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php-pear", ver:"5.1.2-1ubuntu3.19", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5", ver:"5.1.2-1ubuntu3.19", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}


if(release == "UBUNTU10.04 LTS")
{

  if ((res = isdpkgvuln(pkg:"libapache2-mod-php5", ver:"5.3.2-1ubuntu4.5", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-cgi", ver:"5.3.2-1ubuntu4.5", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-cli", ver:"5.3.2-1ubuntu4.5", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-common", ver:"5.3.2-1ubuntu4.5", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-curl", ver:"5.3.2-1ubuntu4.5", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-dbg", ver:"5.3.2-1ubuntu4.5", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-dev", ver:"5.3.2-1ubuntu4.5", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-gd", ver:"5.3.2-1ubuntu4.5", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-gmp", ver:"5.3.2-1ubuntu4.5", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-ldap", ver:"5.3.2-1ubuntu4.5", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-mysql", ver:"5.3.2-1ubuntu4.5", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-odbc", ver:"5.3.2-1ubuntu4.5", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-pgsql", ver:"5.3.2-1ubuntu4.5", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-pspell", ver:"5.3.2-1ubuntu4.5", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-recode", ver:"5.3.2-1ubuntu4.5", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-snmp", ver:"5.3.2-1ubuntu4.5", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-sqlite", ver:"5.3.2-1ubuntu4.5", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-sybase", ver:"5.3.2-1ubuntu4.5", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-tidy", ver:"5.3.2-1ubuntu4.5", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-xmlrpc", ver:"5.3.2-1ubuntu4.5", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-xsl", ver:"5.3.2-1ubuntu4.5", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"libapache2-mod-php5filter", ver:"5.3.2-1ubuntu4.5", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-enchant", ver:"5.3.2-1ubuntu4.5", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-intl", ver:"5.3.2-1ubuntu4.5", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php-pear", ver:"5.3.2-1ubuntu4.5", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5", ver:"5.3.2-1ubuntu4.5", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}


if(release == "UBUNTU9.04")
{

  if ((res = isdpkgvuln(pkg:"libapache2-mod-php5", ver:"5.2.6.dfsg.1-3ubuntu4.6", rls:"UBUNTU9.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-cgi", ver:"5.2.6.dfsg.1-3ubuntu4.6", rls:"UBUNTU9.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-cli", ver:"5.2.6.dfsg.1-3ubuntu4.6", rls:"UBUNTU9.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-common", ver:"5.2.6.dfsg.1-3ubuntu4.6", rls:"UBUNTU9.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-curl", ver:"5.2.6.dfsg.1-3ubuntu4.6", rls:"UBUNTU9.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-dbg", ver:"5.2.6.dfsg.1-3ubuntu4.6", rls:"UBUNTU9.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-dev", ver:"5.2.6.dfsg.1-3ubuntu4.6", rls:"UBUNTU9.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-gd", ver:"5.2.6.dfsg.1-3ubuntu4.6", rls:"UBUNTU9.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-gmp", ver:"5.2.6.dfsg.1-3ubuntu4.6", rls:"UBUNTU9.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-ldap", ver:"5.2.6.dfsg.1-3ubuntu4.6", rls:"UBUNTU9.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-mhash", ver:"5.2.6.dfsg.1-3ubuntu4.6", rls:"UBUNTU9.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-mysql", ver:"5.2.6.dfsg.1-3ubuntu4.6", rls:"UBUNTU9.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-odbc", ver:"5.2.6.dfsg.1-3ubuntu4.6", rls:"UBUNTU9.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-pgsql", ver:"5.2.6.dfsg.1-3ubuntu4.6", rls:"UBUNTU9.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-pspell", ver:"5.2.6.dfsg.1-3ubuntu4.6", rls:"UBUNTU9.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-recode", ver:"5.2.6.dfsg.1-3ubuntu4.6", rls:"UBUNTU9.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-snmp", ver:"5.2.6.dfsg.1-3ubuntu4.6", rls:"UBUNTU9.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-sqlite", ver:"5.2.6.dfsg.1-3ubuntu4.6", rls:"UBUNTU9.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-sybase", ver:"5.2.6.dfsg.1-3ubuntu4.6", rls:"UBUNTU9.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-tidy", ver:"5.2.6.dfsg.1-3ubuntu4.6", rls:"UBUNTU9.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-xmlrpc", ver:"5.2.6.dfsg.1-3ubuntu4.6", rls:"UBUNTU9.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-xsl", ver:"5.2.6.dfsg.1-3ubuntu4.6", rls:"UBUNTU9.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"libapache2-mod-php5filter", ver:"5.2.6.dfsg.1-3ubuntu4.6", rls:"UBUNTU9.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php-pear", ver:"5.2.6.dfsg.1-3ubuntu4.6", rls:"UBUNTU9.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5", ver:"5.2.6.dfsg.1-3ubuntu4.6", rls:"UBUNTU9.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}


if(release == "UBUNTU8.04 LTS")
{

  if ((res = isdpkgvuln(pkg:"libapache2-mod-php5", ver:"5.2.4-2ubuntu5.12", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-cgi", ver:"5.2.4-2ubuntu5.12", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-cli", ver:"5.2.4-2ubuntu5.12", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-common", ver:"5.2.4-2ubuntu5.12", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-curl", ver:"5.2.4-2ubuntu5.12", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-dev", ver:"5.2.4-2ubuntu5.12", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-gd", ver:"5.2.4-2ubuntu5.12", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-gmp", ver:"5.2.4-2ubuntu5.12", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-ldap", ver:"5.2.4-2ubuntu5.12", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-mhash", ver:"5.2.4-2ubuntu5.12", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-mysql", ver:"5.2.4-2ubuntu5.12", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-odbc", ver:"5.2.4-2ubuntu5.12", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-pgsql", ver:"5.2.4-2ubuntu5.12", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-pspell", ver:"5.2.4-2ubuntu5.12", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-recode", ver:"5.2.4-2ubuntu5.12", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-snmp", ver:"5.2.4-2ubuntu5.12", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-sqlite", ver:"5.2.4-2ubuntu5.12", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-sybase", ver:"5.2.4-2ubuntu5.12", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-tidy", ver:"5.2.4-2ubuntu5.12", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-xmlrpc", ver:"5.2.4-2ubuntu5.12", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-xsl", ver:"5.2.4-2ubuntu5.12", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php-pear", ver:"5.2.4-2ubuntu5.12", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5", ver:"5.2.4-2ubuntu5.12", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}

Related

nessus 39
securityvulns 9
openvas 62
ubuntu 1
osv 3
redhat 2
oraclelinux 2
centos 2
debian 4
slackware 1
fedora 11
ubuntucve 13
veracode 6
prion 13
cve 13
checkpoint_advisories 3
f5 8
seebug 1
freebsd 1
thn 2
threatpost 1
gentoo 1
debiancve 1
nessus
nessus
Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : php5 vulnerabilities (USN-989-1)
2010-09-21 00:00:00
Debian DSA-2089-1 : php5 - several vulnerabilities
2010-08-23 00:00:00
Scientific Linux Security Update : php on SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
securityvulns
securityvulns
[USN-989-1] PHP vulnerabilities
2010-09-27 00:00:00
PHP multiple security vulnerabilities
2010-09-27 00:00:00
PHP multiple security vulnerabilities
2010-05-11 00:00:00
openvas
openvas
Ubuntu Update for php5 vulnerabilities USN-989-1
2010-09-22 00:00:00
RedHat Update for php RHSA-2010:0919-01
2010-12-09 00:00:00
RedHat Update for php RHSA-2010:0919-01
2010-12-09 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2010-09-20 00:00:00
osv
osv
php5 - several vulnerabilities
2010-08-06 00:00:00
php5 - null pointer dereference
2010-03-18 00:00:00
php5 - several
2011-06-29 00:00:00
redhat
redhat
(RHSA-2010:0919) Moderate: php security update
2010-11-29 00:00:00
(RHSA-2012:1047) Moderate: php53 security update
2012-06-27 00:00:00
oraclelinux
oraclelinux
php security update
2010-11-29 00:00:00
php53 security update
2012-06-27 00:00:00
centos
centos
php security update
2010-11-30 12:21:14
php53 security update
2012-06-27 20:24:26
debian
debian
[SECURITY] [DSA-2089-1] New php5 packages fix several vulnerabilities
2010-08-06 05:42:32
[SECURITY] [DSA-2018-1] New php5 packages fix null pointer dereference
2010-03-18 16:38:27
[SECURITY] [DSA 2266-1] php5 security update
2011-06-29 18:42:45
slackware
slackware
[slackware-security] php
2010-08-28 16:53:00
fedora
fedora
[SECURITY] Fedora 12 Update: php-eaccelerator-0.9.6.1-2.fc12
2010-08-23 22:08:06
[SECURITY] Fedora 13 Update: php-5.3.3-1.fc13
2010-08-23 22:00:56
[SECURITY] Fedora 13 Update: maniadrive-1.2-22.fc13
2010-08-23 22:00:56
ubuntucve
ubuntucve
CVE-2010-2950
2010-05-27 00:00:00
CVE-2010-2225
2010-06-24 00:00:00
CVE-2010-0397
2010-03-16 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2019-01-15 08:53:47
Denial Of Service (DoS)
2020-04-10 00:53:57
Denial Of Service (DoS)
2020-04-10 00:53:57
prion
prion
Format string
2010-09-28 18:00:00
Design/Logic Flaw
2010-06-24 12:30:00
Code injection
2010-05-07 23:00:00
cve
cve
CVE-2010-2950
2010-09-28 18:00:00
CVE-2010-1866
2010-05-07 23:00:00
CVE-2010-2225
2010-06-24 12:30:00
checkpoint_advisories
checkpoint_advisories
PhpMyAdmin ENV Superglobal Remote Variable Manipulation (CVE-2010-3065)
2014-09-14 00:00:00
PHP Session Serializer Session Data Injection (CVE-2010-3065)
2013-10-20 00:00:00
Zend PHP Advanced Local File Inclusion (CVE-2010-2094)
2015-02-02 00:00:00
f5
f5
SOL12156 - PHP xmlrpc vulnerability - CVE-2010-0397
2010-10-14 00:00:00
SOL12253 - PHP vulnerability CVE-2010-2225
2010-11-03 00:00:00
K12253 : PHP vulnerability CVE-2010-2225
2013-07-03 00:00:00
seebug
seebug
PHP xmlrpc扩展空指针引用拒绝服务漏洞
2010-03-19 00:00:00
freebsd
freebsd
pecl-phar -- format string vulnerability
2010-12-13 00:00:00
thn
thn
Web Application Security : PHP SuperGlobal Variables are vulnerable to Hackers
2013-09-09 17:45:00
Web Application Security : PHP SuperGlobal Variables are vulnerable to Hackers
2013-09-09 06:45:00
threatpost
threatpost
Call for Ban on Vulnerable PHP SuperGlobal Variables
2013-09-09 14:54:04
gentoo
gentoo
PHP: Multiple vulnerabilities
2011-10-10 00:00:00
debiancve
debiancve
CVE-2011-1071
2011-04-08 15:17:00

0.045 Low

EPSS

Percentile

91.5%

JSON
Related for OPENVAS:1361412562310840501
nessus39securityvulns9openvas62ubuntu1osv3redhat2oraclelinux2centos2debian4slackware1fedora11ubuntucve13veracode6prion13cve13checkpoint_advisories3f58seebug1freebsd1thn2threatpost1gentoo1debiancve1