Search...

Fedora Update for php-ZendFramework FEDORA-2014-8309

2014-07-28T00:00:00

ID OPENVAS:1361412562310868023
Type openvas
Reporter Copyright (C) 2014 Greenbone Networks GmbH
Modified 2019-03-15T00:00:00

Description

The remote host is missing an update for the

                                        
                                            ###############################################################################
# OpenVAS Vulnerability Test
#
# Fedora Update for php-ZendFramework FEDORA-2014-8309
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.868023");
  script_version("$Revision: 14223 $");
  script_tag(name:"last_modification", value:"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $");
  script_tag(name:"creation_date", value:"2014-07-28 16:27:09 +0530 (Mon, 28 Jul 2014)");
  script_cve_id("CVE-2014-4914");
  script_tag(name:"cvss_base", value:"7.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_name("Fedora Update for php-ZendFramework FEDORA-2014-8309");
  script_tag(name:"affected", value:"php-ZendFramework on Fedora 19");
  script_tag(name:"solution", value:"Please install the updated package(s).");
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  script_xref(name:"FEDORA", value:"2014-8309");
  script_xref(name:"URL", value:"https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135647.html");
  script_tag(name:"summary", value:"The remote host is missing an update for the 'php-ZendFramework'
  package(s) announced via the referenced advisory.");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
  script_family("Fedora Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms", re:"ssh/login/release=FC19");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release)
  exit(0);

res = "";

if(release == "FC19")
{

  if ((res = isrpmvuln(pkg:"php-ZendFramework", rpm:"php-ZendFramework~1.12.7~1.fc19", rls:"FC19")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99);
  exit(0);
}

JSON Vulners Source

Initial Source

{"id": "OPENVAS:1361412562310868023", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for php-ZendFramework FEDORA-2014-8309", "description": "The remote host is missing an update for the ", "published": "2014-07-28T00:00:00", "modified": "2019-03-15T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868023", "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "references": ["https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135647.html", "2014-8309"], "cvelist": ["CVE-2014-4914"], "lastseen": "2019-05-29T18:37:11", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2014-8309", "CVE-2014-4914"]}, {"type": "openvas", "idList": ["OPENVAS:703265", "OPENVAS:1361412562310868406", "OPENVAS:1361412562310869387", "OPENVAS:1361412562310868404", "OPENVAS:1361412562310120246", "OPENVAS:1361412562310703265", "OPENVAS:1361412562310868018"]}, {"type": "jvn", "idList": ["JVN:71730320"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:32176", "SECURITYVULNS:DOC:31240", "SECURITYVULNS:VULN:14479", "SECURITYVULNS:DOC:32109", "SECURITYVULNS:VULN:14025"]}, {"type": "nessus", "idList": ["FEDORA_2014-8309.NASL", "DEBIAN_DLA-251.NASL", "MANDRIVA_MDVSA-2015-097.NASL", "MANDRIVA_MDVSA-2014-145.NASL", "ALA_ALAS-2014-394.NASL", "DEBIAN_DSA-3265.NASL", "FEDORA_2014-8308.NASL"]}, {"type": "fedora", "idList": ["FEDORA:A6F7625D3D", "FEDORA:6065825A07"]}, {"type": "amazon", "idList": ["ALAS-2014-394"]}, {"type": "debian", "idList": ["DEBIAN:DLA-251-1:7D839", "DEBIAN:DSA-3265-1:1C648", "DEBIAN:DSA-3265-2:03C60", "DEBIAN:DLA-251-2:CDAD6"]}], "modified": "2019-05-29T18:37:11", "rev": 2}, "score": {"value": 6.0, "vector": "NONE", "modified": "2019-05-29T18:37:11", "rev": 2}, "vulnersScore": 6.0}, "pluginID": "1361412562310868023", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php-ZendFramework FEDORA-2014-8309\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868023\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-28 16:27:09 +0530 (Mon, 28 Jul 2014)\");\n script_cve_id(\"CVE-2014-4914\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for php-ZendFramework FEDORA-2014-8309\");\n script_tag(name:\"affected\", value:\"php-ZendFramework on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-8309\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135647.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php-ZendFramework'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-ZendFramework\", rpm:\"php-ZendFramework~1.12.7~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks"}

{"cve": [{"lastseen": "2020-12-09T19:58:25", "description": "The Zend_Db_Select::order function in Zend Framework before 1.12.7 does not properly handle parentheses, which allows remote attackers to conduct SQL injection attacks via unspecified vectors.", "edition": 6, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-12-29T14:29:00", "title": "CVE-2014-4914", "type": "cve", "cwe": ["CWE-89"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-4914"], "modified": "2018-01-17T16:50:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:7.0"], "id": "CVE-2014-4914", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4914", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2019-05-29T18:37:44", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4914"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-07-28T00:00:00", "id": "OPENVAS:1361412562310868018", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868018", "type": "openvas", "title": "Fedora Update for php-ZendFramework FEDORA-2014-8308", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php-ZendFramework FEDORA-2014-8308\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868018\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-28 16:14:17 +0530 (Mon, 28 Jul 2014)\");\n script_cve_id(\"CVE-2014-4914\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for php-ZendFramework FEDORA-2014-8308\");\n script_tag(name:\"affected\", value:\"php-ZendFramework on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-8308\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135671.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php-ZendFramework'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-ZendFramework\", rpm:\"php-ZendFramework~1.12.7~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-17T23:01:20", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4914"], "description": "The remote host is missing an update announced via the referenced Security Advisory.", "modified": "2020-03-13T00:00:00", "published": "2015-09-08T00:00:00", "id": "OPENVAS:1361412562310120246", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120246", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2014-394)", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120246\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:21:17 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2014-394)\");\n\n script_tag(name:\"insight\", value:\"The implementation of the ORDER BY SQL statement in Zend_Db_Select of Zend Framework 1 contains a potential SQL injection\n when the query string passed contains parentheses, as discussed in the referenced vendor advisory.\");\n\n script_xref(name:\"URL\", value:\"http://framework.zend.com/security/advisory/ZF2014-04\");\n script_tag(name:\"solution\", value:\"Run yum update php-ZendFramework to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2014-394.html\");\n script_cve_id(\"CVE-2014-4914\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"php-ZendFramework-Serializer-Adapter-Igbinary\", rpm:\"php-ZendFramework-Serializer-Adapter-Igbinary~1.12.7~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-ZendFramework-full\", rpm:\"php-ZendFramework-full~1.12.7~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-ZendFramework-Db-Adapter-Pdo-Mysql\", rpm:\"php-ZendFramework-Db-Adapter-Pdo-Mysql~1.12.7~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-ZendFramework-Dojo\", rpm:\"php-ZendFramework-Dojo~1.12.7~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-ZendFramework-Db-Adapter-Pdo\", rpm:\"php-ZendFramework-Db-Adapter-Pdo~1.12.7~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-ZendFramework-Pdf\", rpm:\"php-ZendFramework-Pdf~1.12.7~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-ZendFramework-Services\", rpm:\"php-ZendFramework-Services~1.12.7~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-ZendFramework-Search-Lucene\", rpm:\"php-ZendFramework-Search-Lucene~1.12.7~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-ZendFramework-Cache-Backend-Libmemcached\", rpm:\"php-ZendFramework-Cache-Backend-Libmemcached~1.12.7~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-ZendFramework\", rpm:\"php-ZendFramework~1.12.7~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-ZendFramework-Cache-Backend-Apc\", rpm:\"php-ZendFramework-Cache-Backend-Apc~1.12.7~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-ZendFramework-demos\", rpm:\"php-ZendFramework-demos~1.12.7~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-ZendFramework-Soap\", rpm:\"php-ZendFramework-Soap~1.12.7~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-ZendFramework-Db-Adapter-Mysqli\", rpm:\"php-ZendFramework-Db-Adapter-Mysqli~1.12.7~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-ZendFramework-Ldap\", rpm:\"php-ZendFramework-Ldap~1.12.7~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-ZendFramework-extras\", rpm:\"php-ZendFramework-extras~1.12.7~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-ZendFramework-Db-Adapter-Pdo-Pgsql\", rpm:\"php-ZendFramework-Db-Adapter-Pdo-Pgsql~1.12.7~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-ZendFramework-Captcha\", rpm:\"php-ZendFramework-Captcha~1.12.7~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-ZendFramework-Db-Adapter-Pdo-Mssql\", rpm:\"php-ZendFramework-Db-Adapter-Pdo-Mssql~1.12.7~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-ZendFramework-Feed\", rpm:\"php-ZendFramework-Feed~1.12.7~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-ZendFramework-Auth-Adapter-Ldap\", rpm:\"php-ZendFramework-Auth-Adapter-Ldap~1.12.7~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-ZendFramework-Cache-Backend-Memcached\", rpm:\"php-ZendFramework-Cache-Backend-Memcached~1.12.7~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-ZendFramework\", rpm:\"php-ZendFramework~1.12.7~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-02-04T18:47:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3154", "CVE-2014-4914"], "description": "The remote host is missing an update for the ", "modified": "2020-02-04T00:00:00", "published": "2015-06-09T00:00:00", "id": "OPENVAS:1361412562310869387", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869387", "type": "openvas", "title": "Fedora Update for php-ZendFramework FEDORA-2015-8714", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php-ZendFramework FEDORA-2015-8714\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869387\");\n script_version(\"2020-02-04T09:04:16+0000\");\n script_tag(name:\"last_modification\", value:\"2020-02-04 09:04:16 +0000 (Tue, 04 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-06-09 10:45:40 +0200 (Tue, 09 Jun 2015)\");\n script_cve_id(\"CVE-2014-4914\", \"CVE-2015-3154\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for php-ZendFramework FEDORA-2015-8714\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php-ZendFramework'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"php-ZendFramework on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-8714\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-June/159287.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-ZendFramework\", rpm:\"php-ZendFramework~1.12.13~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-02-26T19:00:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8088", "CVE-2014-8089", "CVE-2014-4914"], "description": "Check the version of php-ZendFramework", "modified": "2020-02-25T00:00:00", "published": "2014-10-18T00:00:00", "id": "OPENVAS:1361412562310868406", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868406", "type": "openvas", "title": "Fedora Update for php-ZendFramework FEDORA-2014-12418", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php-ZendFramework FEDORA-2014-12418\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868406\");\n script_version(\"2020-02-25T10:11:08+0000\");\n script_tag(name:\"last_modification\", value:\"2020-02-25 10:11:08 +0000 (Tue, 25 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-10-18 05:58:35 +0200 (Sat, 18 Oct 2014)\");\n script_cve_id(\"CVE-2014-4914\", \"CVE-2014-8088\", \"CVE-2014-8089\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for php-ZendFramework FEDORA-2014-12418\");\n script_tag(name:\"summary\", value:\"Check the version of php-ZendFramework\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"php-ZendFramework on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-12418\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-October/141106.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-ZendFramework\", rpm:\"php-ZendFramework~1.12.9~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-02-26T19:00:01", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8088", "CVE-2014-8089", "CVE-2014-4914"], "description": "Check the version of php-ZendFramework", "modified": "2020-02-25T00:00:00", "published": "2014-10-18T00:00:00", "id": "OPENVAS:1361412562310868404", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868404", "type": "openvas", "title": "Fedora Update for php-ZendFramework FEDORA-2014-12344", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php-ZendFramework FEDORA-2014-12344\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868404\");\n script_version(\"2020-02-25T10:11:08+0000\");\n script_tag(name:\"last_modification\", value:\"2020-02-25 10:11:08 +0000 (Tue, 25 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-10-18 05:58:33 +0200 (Sat, 18 Oct 2014)\");\n script_cve_id(\"CVE-2014-4914\", \"CVE-2014-8088\", \"CVE-2014-8089\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for php-ZendFramework FEDORA-2014-12344\");\n script_tag(name:\"summary\", value:\"Check the version of php-ZendFramework\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"php-ZendFramework on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-12344\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-October/141070.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-ZendFramework\", rpm:\"php-ZendFramework~1.12.9~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:53:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3154", "CVE-2014-8088", "CVE-2012-6532", "CVE-2014-2685", "CVE-2014-2682", "CVE-2014-8089", "CVE-2014-2684", "CVE-2014-4914", "CVE-2012-5657", "CVE-2014-2683", "CVE-2014-2681"], "description": "Multiple vulnerabilities were\ndiscovered in Zend Framework, a PHP framework. Except for CVE-2015-3154 \n, all these issues were already fixed\nin the version initially shipped with Jessie.\n\nCVE-2014-2681Lukas Reschke reported a lack of protection against XML External\nEntity injection attacks in some functions. This fix extends the\nincomplete one from CVE-2012-5657 \n.\n\nCVE-2014-2682Lukas Reschke reported a failure to consider that the\nlibxml_disable_entity_loader setting is shared among threads in the\nPHP-FPM case. This fix extends the incomplete one from\nCVE-2012-5657 \n.\n\nCVE-2014-2683Lukas Reschke reported a lack of protection against XML Entity\nExpansion attacks in some functions. This fix extends the incomplete\none from CVE-2012-6532 \n.\n\nCVE-2014-2684 \nChristian Mainka and Vladislav Mladenov from the Ruhr-University\nBochum reported an error in the consumer", "modified": "2017-07-07T00:00:00", "published": "2015-05-20T00:00:00", "id": "OPENVAS:703265", "href": "http://plugins.openvas.org/nasl.php?oid=703265", "type": "openvas", "title": "Debian Security Advisory DSA 3265-1 (zendframework - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3265.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3265-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703265);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2012-5657\", \"CVE-2012-6532\", \"CVE-2014-2681\", \"CVE-2014-2682\",\n \"CVE-2014-2683\", \"CVE-2014-2684\", \"CVE-2014-2685\", \"CVE-2014-4914\",\n \"CVE-2014-8088\", \"CVE-2014-8089\", \"CVE-2015-3154\");\n script_name(\"Debian Security Advisory DSA 3265-1 (zendframework - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-05-20 00:00:00 +0200 (Wed, 20 May 2015)\");\n script_tag(name: \"cvss_base\", value: \"10.0\");\n script_tag(name: \"cvss_base_vector\", value: \"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3265.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"zendframework on Debian Linux\");\n script_tag(name: \"insight\", value: \"Extending the art & spirit of PHP, Zend\nFramework is based on simplicity, object-oriented best practices, corporate friendly\nlicensing, and a rigorously tested agile codebase. Zend Framework is focused on\nbuilding more secure,reliable, and modern Web 2.0 applications & web services, and\nconsuming widely available APIs from leading vendors like Google, Amazon, Yahoo!,\nFlickr, as well as API providers and cataloguers like StrikeIron and ProgrammableWeb.\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy),\nthese problems have been fixed in version 1.11.13-1.1+deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.12.9+dfsg-2+deb8u1.\n\nFor the testing distribution (stretch), these problems will be fixed\nin version 1.12.12+dfsg-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.12.12+dfsg-1.\n\nWe recommend that you upgrade your zendframework packages.\");\n script_tag(name: \"summary\", value: \"Multiple vulnerabilities were\ndiscovered in Zend Framework, a PHP framework. Except for CVE-2015-3154 \n, all these issues were already fixed\nin the version initially shipped with Jessie.\n\nCVE-2014-2681Lukas Reschke reported a lack of protection against XML External\nEntity injection attacks in some functions. This fix extends the\nincomplete one from CVE-2012-5657 \n.\n\nCVE-2014-2682Lukas Reschke reported a failure to consider that the\nlibxml_disable_entity_loader setting is shared among threads in the\nPHP-FPM case. This fix extends the incomplete one from\nCVE-2012-5657 \n.\n\nCVE-2014-2683Lukas Reschke reported a lack of protection against XML Entity\nExpansion attacks in some functions. This fix extends the incomplete\none from CVE-2012-6532 \n.\n\nCVE-2014-2684 \nChristian Mainka and Vladislav Mladenov from the Ruhr-University\nBochum reported an error in the consumer's verify method that lead\nto acceptance of wrongly sourced tokens.\n\nCVE-2014-2685 \nChristian Mainka and Vladislav Mladenov from the Ruhr-University\nBochum reported a specification violation in which signing of a\nsingle parameter is incorrectly considered sufficient.\n\nCVE-2014-4914 \nCassiano Dal Pizzol discovered that the implementation of the ORDER\nBY SQL statement in Zend_Db_Select contains a potential SQL\ninjection when the query string passed contains parentheses.\n\nCVE-2014-8088 \nYury Dyachenko at Positive Research Center identified potential XML\neXternal Entity injection vectors due to insecure usage of PHP's DOM\nextension.\n\nCVE-2014-8089 \nJonas Sandstrm discovered an SQL injection vector when manually\nquoting value for sqlsrv extension, using null byte.\n\nCVE-2015-3154 \nFilippo Tessarotto and Maks3w reported potential CRLF injection\nattacks in mail and HTTP headers.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"zendframework\", ver:\"1.11.13-1.1+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"zendframework-bin\", ver:\"1.11.13-1.1+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"zendframework-resources\", ver:\"1.11.13-1.1+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-02-26T18:58:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3154", "CVE-2014-8088", "CVE-2012-6532", "CVE-2014-2685", "CVE-2014-2682", "CVE-2014-8089", "CVE-2014-2684", "CVE-2014-4914", "CVE-2012-5657", "CVE-2014-2683", "CVE-2014-2681"], "description": "Multiple vulnerabilities were\ndiscovered in Zend Framework, a PHP framework. Except for CVE-2015-3154\n, all these issues were already fixed\nin the version initially shipped with Jessie.\n\nCVE-2014-2681Lukas Reschke reported a lack of protection against XML External\nEntity injection attacks in some functions. This fix extends the\nincomplete one from CVE-2012-5657\n.\n\nCVE-2014-2682Lukas Reschke reported a failure to consider that the\nlibxml_disable_entity_loader setting is shared among threads in the\nPHP-FPM case. This fix extends the incomplete one from\nCVE-2012-5657\n.\n\nCVE-2014-2683Lukas Reschke reported a lack of protection against XML Entity\nExpansion attacks in some functions. This fix extends the incomplete\none from CVE-2012-6532\n.\n\nCVE-2014-2684\nChristian Mainka and Vladislav Mladenov from the Ruhr-University\nBochum reported an error in the consumer", "modified": "2020-02-25T00:00:00", "published": "2015-05-20T00:00:00", "id": "OPENVAS:1361412562310703265", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703265", "type": "openvas", "title": "Debian Security Advisory DSA 3265-1 (zendframework - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# Auto-generated from advisory DSA 3265-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703265\");\n script_version(\"2020-02-25T10:11:08+0000\");\n script_cve_id(\"CVE-2012-5657\", \"CVE-2012-6532\", \"CVE-2014-2681\", \"CVE-2014-2682\",\n \"CVE-2014-2683\", \"CVE-2014-2684\", \"CVE-2014-2685\", \"CVE-2014-4914\",\n \"CVE-2014-8088\", \"CVE-2014-8089\", \"CVE-2015-3154\");\n script_name(\"Debian Security Advisory DSA 3265-1 (zendframework - security update)\");\n script_tag(name:\"last_modification\", value:\"2020-02-25 10:11:08 +0000 (Tue, 25 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-05-20 00:00:00 +0200 (Wed, 20 May 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2015/dsa-3265.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"zendframework on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (wheezy),\nthese problems have been fixed in version 1.11.13-1.1+deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.12.9+dfsg-2+deb8u1.\n\nFor the testing distribution (stretch), these problems will be fixed\nin version 1.12.12+dfsg-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.12.12+dfsg-1.\n\nWe recommend that you upgrade your zendframework packages.\");\n script_tag(name:\"summary\", value:\"Multiple vulnerabilities were\ndiscovered in Zend Framework, a PHP framework. Except for CVE-2015-3154\n, all these issues were already fixed\nin the version initially shipped with Jessie.\n\nCVE-2014-2681Lukas Reschke reported a lack of protection against XML External\nEntity injection attacks in some functions. This fix extends the\nincomplete one from CVE-2012-5657\n.\n\nCVE-2014-2682Lukas Reschke reported a failure to consider that the\nlibxml_disable_entity_loader setting is shared among threads in the\nPHP-FPM case. This fix extends the incomplete one from\nCVE-2012-5657\n.\n\nCVE-2014-2683Lukas Reschke reported a lack of protection against XML Entity\nExpansion attacks in some functions. This fix extends the incomplete\none from CVE-2012-6532\n.\n\nCVE-2014-2684\nChristian Mainka and Vladislav Mladenov from the Ruhr-University\nBochum reported an error in the consumer's verify method that lead\nto acceptance of wrongly sourced tokens.\n\nCVE-2014-2685\nChristian Mainka and Vladislav Mladenov from the Ruhr-University\nBochum reported a specification violation in which signing of a\nsingle parameter is incorrectly considered sufficient.\n\nCVE-2014-4914\nCassiano Dal Pizzol discovered that the implementation of the ORDER\nBY SQL statement in Zend_Db_Select contains a potential SQL\ninjection when the query string passed contains parentheses.\n\nCVE-2014-8088\nYury Dyachenko at Positive Research Center identified potential XML\neXternal Entity injection vectors due to insecure usage of PHP's DOM\nextension.\n\nCVE-2014-8089\nJonas Sandstrm discovered an SQL injection vector when manually\nquoting value for sqlsrv extension, using null byte.\n\nCVE-2015-3154\nFilippo Tessarotto and Maks3w reported potential CRLF injection\nattacks in mail and HTTP headers.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"zendframework\", ver:\"1.11.13-1.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"zendframework-bin\", ver:\"1.11.13-1.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"zendframework-resources\", ver:\"1.11.13-1.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-07T11:54:40", "description": "A vulnerability has been found and corrected in php-ZendFramework :\n\nThe implementation of the ORDER BY SQL statement in Zend_Db_Select of\nZend Framework 1 contains a potential SQL injection when the query\nstring passed contains parentheses (CVE-2014-4914).\n\nThe updated packages have been upgraded to the latest ZendFramework\n(1.12.7) version which is not vulnerable to this issue.", "edition": 27, "published": "2014-08-01T00:00:00", "title": "Mandriva Linux Security Advisory : php-ZendFramework (MDVSA-2014:145)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4914"], "modified": "2014-08-01T00:00:00", "cpe": ["cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:php-ZendFramework-Captcha", "p-cpe:/a:mandriva:linux:php-ZendFramework-demos", "p-cpe:/a:mandriva:linux:php-ZendFramework-Services", "p-cpe:/a:mandriva:linux:php-ZendFramework-Pdf", "p-cpe:/a:mandriva:linux:php-ZendFramework-Search-Lucene", "p-cpe:/a:mandriva:linux:php-ZendFramework-Cache-Backend-Apc", "p-cpe:/a:mandriva:linux:php-ZendFramework", "p-cpe:/a:mandriva:linux:php-ZendFramework-Cache-Backend-Memcached", "p-cpe:/a:mandriva:linux:php-ZendFramework-Dojo", "p-cpe:/a:mandriva:linux:php-ZendFramework-Gdata", "p-cpe:/a:mandriva:linux:php-ZendFramework-Feed", "p-cpe:/a:mandriva:linux:php-ZendFramework-tests", "p-cpe:/a:mandriva:linux:php-ZendFramework-extras"], "id": "MANDRIVA_MDVSA-2014-145.NASL", "href": "https://www.tenable.com/plugins/nessus/76952", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2014:145. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76952);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-4914\");\n script_bugtraq_id(68031);\n script_xref(name:\"MDVSA\", value:\"2014:145\");\n\n script_name(english:\"Mandriva Linux Security Advisory : php-ZendFramework (MDVSA-2014:145)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been found and corrected in php-ZendFramework :\n\nThe implementation of the ORDER BY SQL statement in Zend_Db_Select of\nZend Framework 1 contains a potential SQL injection when the query\nstring passed contains parentheses (CVE-2014-4914).\n\nThe updated packages have been upgraded to the latest ZendFramework\n(1.12.7) version which is not vulnerable to this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://framework.zend.com/security/advisory/ZF2014-04\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ZendFramework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ZendFramework-Cache-Backend-Apc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ZendFramework-Cache-Backend-Memcached\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ZendFramework-Captcha\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ZendFramework-Dojo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ZendFramework-Feed\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ZendFramework-Gdata\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ZendFramework-Pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ZendFramework-Search-Lucene\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ZendFramework-Services\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ZendFramework-demos\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ZendFramework-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ZendFramework-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"php-ZendFramework-1.12.7-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"php-ZendFramework-Cache-Backend-Apc-1.12.7-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"php-ZendFramework-Cache-Backend-Memcached-1.12.7-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"php-ZendFramework-Captcha-1.12.7-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"php-ZendFramework-Dojo-1.12.7-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"php-ZendFramework-Feed-1.12.7-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"php-ZendFramework-Gdata-1.12.7-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"php-ZendFramework-Pdf-1.12.7-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"php-ZendFramework-Search-Lucene-1.12.7-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"php-ZendFramework-Services-1.12.7-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"php-ZendFramework-demos-1.12.7-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"php-ZendFramework-extras-1.12.7-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"php-ZendFramework-tests-1.12.7-1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:13:00", "description": "Update to 1.12.7 fixes CVE-2014-4914 aka. ZF2014-04: Potential SQL\ninjection in the ORDER implementation of Zend_Db_Select\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 18, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2014-07-22T00:00:00", "title": "Fedora 20 : php-ZendFramework-1.12.7-1.fc20 (2014-8308)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4914"], "modified": "2014-07-22T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:php-ZendFramework", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2014-8308.NASL", "href": "https://www.tenable.com/plugins/nessus/76626", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-8308.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76626);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-4914\");\n script_bugtraq_id(68031);\n script_xref(name:\"FEDORA\", value:\"2014-8308\");\n\n script_name(english:\"Fedora 20 : php-ZendFramework-1.12.7-1.fc20 (2014-8308)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 1.12.7 fixes CVE-2014-4914 aka. ZF2014-04: Potential SQL\ninjection in the ORDER implementation of Zend_Db_Select\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1117545\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135671.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f5804361\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected php-ZendFramework package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php-ZendFramework\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"php-ZendFramework-1.12.7-1.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php-ZendFramework\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:13:00", "description": "Update to 1.12.7 fixes CVE-2014-4914 aka. ZF2014-04: Potential SQL\ninjection in the ORDER implementation of Zend_Db_Select\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 18, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2014-07-22T00:00:00", "title": "Fedora 19 : php-ZendFramework-1.12.7-1.fc19 (2014-8309)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4914"], "modified": "2014-07-22T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:19", "p-cpe:/a:fedoraproject:fedora:php-ZendFramework"], "id": "FEDORA_2014-8309.NASL", "href": "https://www.tenable.com/plugins/nessus/76627", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-8309.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76627);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-4914\");\n script_bugtraq_id(68031);\n script_xref(name:\"FEDORA\", value:\"2014-8309\");\n\n script_name(english:\"Fedora 19 : php-ZendFramework-1.12.7-1.fc19 (2014-8309)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 1.12.7 fixes CVE-2014-4914 aka. ZF2014-04: Potential SQL\ninjection in the ORDER implementation of Zend_Db_Select\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1117545\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135647.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5d7c67b0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected php-ZendFramework package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php-ZendFramework\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"php-ZendFramework-1.12.7-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php-ZendFramework\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T01:18:54", "description": "The implementation of the ORDER BY SQL statement in Zend_Db_Select of\nZend Framework 1 contains a potential SQL injection when the query\nstring passed contains parentheses, as discussed in\nhttp://framework.zend.com/security/advisory/ZF2014-04.", "edition": 28, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2014-10-12T00:00:00", "title": "Amazon Linux AMI : php-ZendFramework (ALAS-2014-394)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4914"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:php-ZendFramework-Cache-Backend-Libmemcached", "p-cpe:/a:amazon:linux:php-ZendFramework-extras", "p-cpe:/a:amazon:linux:php-ZendFramework-Db-Adapter-Pdo-Pgsql", "p-cpe:/a:amazon:linux:php-ZendFramework-Pdf", "p-cpe:/a:amazon:linux:php-ZendFramework-Cache-Backend-Memcached", "p-cpe:/a:amazon:linux:php-ZendFramework-Db-Adapter-Pdo-Mssql", "p-cpe:/a:amazon:linux:php-ZendFramework-demos", "p-cpe:/a:amazon:linux:php-ZendFramework-Ldap", "p-cpe:/a:amazon:linux:php-ZendFramework-Auth-Adapter-Ldap", "p-cpe:/a:amazon:linux:php-ZendFramework-Search-Lucene", "p-cpe:/a:amazon:linux:php-ZendFramework-Soap", "p-cpe:/a:amazon:linux:php-ZendFramework-Captcha", "p-cpe:/a:amazon:linux:php-ZendFramework-Cache-Backend-Apc", "p-cpe:/a:amazon:linux:php-ZendFramework-Db-Adapter-Mysqli", "p-cpe:/a:amazon:linux:php-ZendFramework-Services", "p-cpe:/a:amazon:linux:php-ZendFramework-Db-Adapter-Pdo-Mysql", "p-cpe:/a:amazon:linux:php-ZendFramework-full", "p-cpe:/a:amazon:linux:php-ZendFramework-Serializer-Adapter-Igbinary", "p-cpe:/a:amazon:linux:php-ZendFramework", "p-cpe:/a:amazon:linux:php-ZendFramework-Dojo", "p-cpe:/a:amazon:linux:php-ZendFramework-Feed", "cpe:/o:amazon:linux", "p-cpe:/a:amazon:linux:php-ZendFramework-Db-Adapter-Pdo"], "id": "ALA_ALAS-2014-394.NASL", "href": "https://www.tenable.com/plugins/nessus/78337", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2014-394.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78337);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/11/19 11:02:41\");\n\n script_cve_id(\"CVE-2014-4914\");\n script_xref(name:\"ALAS\", value:\"2014-394\");\n\n script_name(english:\"Amazon Linux AMI : php-ZendFramework (ALAS-2014-394)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The implementation of the ORDER BY SQL statement in Zend_Db_Select of\nZend Framework 1 contains a potential SQL injection when the query\nstring passed contains parentheses, as discussed in\nhttp://framework.zend.com/security/advisory/ZF2014-04.\"\n );\n # http://framework.zend.com/security/advisory/ZF2014-04\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://framework.zend.com/security/advisory/ZF2014-04\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2014-394.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update php-ZendFramework' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-ZendFramework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-ZendFramework-Auth-Adapter-Ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-ZendFramework-Cache-Backend-Apc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-ZendFramework-Cache-Backend-Libmemcached\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-ZendFramework-Cache-Backend-Memcached\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-ZendFramework-Captcha\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-ZendFramework-Db-Adapter-Mysqli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-ZendFramework-Db-Adapter-Pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-ZendFramework-Db-Adapter-Pdo-Mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-ZendFramework-Db-Adapter-Pdo-Mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-ZendFramework-Db-Adapter-Pdo-Pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-ZendFramework-Dojo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-ZendFramework-Feed\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-ZendFramework-Ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-ZendFramework-Pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-ZendFramework-Search-Lucene\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-ZendFramework-Serializer-Adapter-Igbinary\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-ZendFramework-Services\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-ZendFramework-Soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-ZendFramework-demos\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-ZendFramework-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-ZendFramework-full\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"php-ZendFramework-1.12.7-1.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-ZendFramework-Auth-Adapter-Ldap-1.12.7-1.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-ZendFramework-Cache-Backend-Apc-1.12.7-1.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-ZendFramework-Cache-Backend-Libmemcached-1.12.7-1.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-ZendFramework-Cache-Backend-Memcached-1.12.7-1.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-ZendFramework-Captcha-1.12.7-1.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-ZendFramework-Db-Adapter-Mysqli-1.12.7-1.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-ZendFramework-Db-Adapter-Pdo-1.12.7-1.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-ZendFramework-Db-Adapter-Pdo-Mssql-1.12.7-1.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-ZendFramework-Db-Adapter-Pdo-Mysql-1.12.7-1.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-ZendFramework-Db-Adapter-Pdo-Pgsql-1.12.7-1.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-ZendFramework-Dojo-1.12.7-1.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-ZendFramework-Feed-1.12.7-1.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-ZendFramework-Ldap-1.12.7-1.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-ZendFramework-Pdf-1.12.7-1.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-ZendFramework-Search-Lucene-1.12.7-1.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-ZendFramework-Serializer-Adapter-Igbinary-1.12.7-1.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-ZendFramework-Services-1.12.7-1.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-ZendFramework-Soap-1.12.7-1.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-ZendFramework-demos-1.12.7-1.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-ZendFramework-extras-1.12.7-1.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-ZendFramework-full-1.12.7-1.9.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php-ZendFramework / php-ZendFramework-Auth-Adapter-Ldap / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T11:51:40", "description": "Updated php-ZendFramework packages fix multiple vulnerabilities :\n\nXML eXternal Entity (XXE) and XML Entity Expansion (XEE) flaws were\ndiscovered in the Zend Framework. An attacker could use these flaws to\ncause a denial of service, access files accessible to the server\nprocess, or possibly perform other more advanced XML External Entity\n(XXE) attacks (CVE-2014-2681, CVE-2014-2682, CVE-2014-2683).\n\nUsing the Consumer component of Zend_OpenId, it is possible to login\nusing an arbitrary OpenID account (without knowing any secret\ninformation) by using a malicious OpenID Provider. That means OpenID\nit is possible to login using arbitrary OpenID Identity (MyOpenID,\nGoogle, etc), which are not under the control of our own OpenID\nProvider. Thus, we are able to impersonate any OpenID Identity against\nthe framework (CVE-2014-2684, CVE-2014-2685).\n\nThe implementation of the ORDER BY SQL statement in Zend_Db_Select of\nZend Framework 1 contains a potential SQL injection when the query\nstring passed contains parentheses (CVE-2014-4914).\n\nDue to a bug in PHP's LDAP extension, when ZendFramework's Zend_ldap\nclass is used for logins, an attacker can login as any user by using a\nnull byte to bypass the empty password check and perform an\nunauthenticated LDAP bind (CVE-2014-8088).\n\nThe sqlsrv PHP extension, which provides the ability to connect to\nMicrosoft SQL Server from PHP, does not provide a built-in quoting\nmechanism for manually quoting values to pass via SQL queries;\ndevelopers are encouraged to use prepared statements. Zend Framework\nprovides quoting mechanisms via Zend_Db_Adapter_Sqlsrv which uses the\nrecommended double single quote ('') as quoting delimiters. SQL Server\ntreats null bytes in a query as a string terminator, allowing an\nattacker to add arbitrary SQL following a null byte, and thus create a\nSQL injection (CVE-2014-8089).", "edition": 25, "published": "2015-03-30T00:00:00", "title": "Mandriva Linux Security Advisory : php-ZendFramework (MDVSA-2015:097)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8088", "CVE-2014-2685", "CVE-2014-2682", "CVE-2014-8089", "CVE-2014-2684", "CVE-2014-4914", "CVE-2014-2683", "CVE-2014-2681"], "modified": "2015-03-30T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:php-ZendFramework-Captcha", "cpe:/o:mandriva:business_server:2", "p-cpe:/a:mandriva:linux:php-ZendFramework-demos", "p-cpe:/a:mandriva:linux:php-ZendFramework-Services", "p-cpe:/a:mandriva:linux:php-ZendFramework-Pdf", "p-cpe:/a:mandriva:linux:php-ZendFramework-Search-Lucene", "p-cpe:/a:mandriva:linux:php-ZendFramework-Cache-Backend-Apc", "p-cpe:/a:mandriva:linux:php-ZendFramework", "p-cpe:/a:mandriva:linux:php-ZendFramework-Cache-Backend-Memcached", "p-cpe:/a:mandriva:linux:php-ZendFramework-Dojo", "p-cpe:/a:mandriva:linux:php-ZendFramework-Gdata", "p-cpe:/a:mandriva:linux:php-ZendFramework-Feed", "p-cpe:/a:mandriva:linux:php-ZendFramework-tests", "p-cpe:/a:mandriva:linux:php-ZendFramework-extras"], "id": "MANDRIVA_MDVSA-2015-097.NASL", "href": "https://www.tenable.com/plugins/nessus/82350", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2015:097. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82350);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-2681\", \"CVE-2014-2682\", \"CVE-2014-2683\", \"CVE-2014-2684\", \"CVE-2014-2685\", \"CVE-2014-4914\", \"CVE-2014-8088\", \"CVE-2014-8089\");\n script_xref(name:\"MDVSA\", value:\"2015:097\");\n\n script_name(english:\"Mandriva Linux Security Advisory : php-ZendFramework (MDVSA-2015:097)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated php-ZendFramework packages fix multiple vulnerabilities :\n\nXML eXternal Entity (XXE) and XML Entity Expansion (XEE) flaws were\ndiscovered in the Zend Framework. An attacker could use these flaws to\ncause a denial of service, access files accessible to the server\nprocess, or possibly perform other more advanced XML External Entity\n(XXE) attacks (CVE-2014-2681, CVE-2014-2682, CVE-2014-2683).\n\nUsing the Consumer component of Zend_OpenId, it is possible to login\nusing an arbitrary OpenID account (without knowing any secret\ninformation) by using a malicious OpenID Provider. That means OpenID\nit is possible to login using arbitrary OpenID Identity (MyOpenID,\nGoogle, etc), which are not under the control of our own OpenID\nProvider. Thus, we are able to impersonate any OpenID Identity against\nthe framework (CVE-2014-2684, CVE-2014-2685).\n\nThe implementation of the ORDER BY SQL statement in Zend_Db_Select of\nZend Framework 1 contains a potential SQL injection when the query\nstring passed contains parentheses (CVE-2014-4914).\n\nDue to a bug in PHP's LDAP extension, when ZendFramework's Zend_ldap\nclass is used for logins, an attacker can login as any user by using a\nnull byte to bypass the empty password check and perform an\nunauthenticated LDAP bind (CVE-2014-8088).\n\nThe sqlsrv PHP extension, which provides the ability to connect to\nMicrosoft SQL Server from PHP, does not provide a built-in quoting\nmechanism for manually quoting values to pass via SQL queries;\ndevelopers are encouraged to use prepared statements. Zend Framework\nprovides quoting mechanisms via Zend_Db_Adapter_Sqlsrv which uses the\nrecommended double single quote ('') as quoting delimiters. SQL Server\ntreats null bytes in a query as a string terminator, allowing an\nattacker to add arbitrary SQL following a null byte, and thus create a\nSQL injection (CVE-2014-8089).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0151.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0311.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0434.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ZendFramework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ZendFramework-Cache-Backend-Apc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ZendFramework-Cache-Backend-Memcached\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ZendFramework-Captcha\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ZendFramework-Dojo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ZendFramework-Feed\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ZendFramework-Gdata\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ZendFramework-Pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ZendFramework-Search-Lucene\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ZendFramework-Services\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ZendFramework-demos\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ZendFramework-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ZendFramework-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"php-ZendFramework-1.12.9-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"php-ZendFramework-Cache-Backend-Apc-1.12.9-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"php-ZendFramework-Cache-Backend-Memcached-1.12.9-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"php-ZendFramework-Captcha-1.12.9-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"php-ZendFramework-Dojo-1.12.9-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"php-ZendFramework-Feed-1.12.9-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"php-ZendFramework-Gdata-1.12.9-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"php-ZendFramework-Pdf-1.12.9-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"php-ZendFramework-Search-Lucene-1.12.9-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"php-ZendFramework-Services-1.12.9-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"php-ZendFramework-demos-1.12.9-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"php-ZendFramework-extras-1.12.9-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"php-ZendFramework-tests-1.12.9-1.mbs2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T09:49:07", "description": "Multiple vulnerabilities were discovered in Zend Framework, a PHP\nframework. Except for CVE-2015-3154, all these issues were already\nfixed in the version initially shipped with Jessie.\n\n - CVE-2014-2681\n Lukas Reschke reported a lack of protection against XML\n External Entity injection attacks in some functions.\n This fix extends the incomplete one from CVE-2012-5657.\n\n - CVE-2014-2682\n Lukas Reschke reported a failure to consider that the\n libxml_disable_entity_loader setting is shared among\n threads in the PHP-FPM case. This fix extends the\n incomplete one from CVE-2012-5657.\n\n - CVE-2014-2683\n Lukas Reschke reported a lack of protection against XML\n Entity Expansion attacks in some functions. This fix\n extends the incomplete one from CVE-2012-6532.\n\n - CVE-2014-2684\n Christian Mainka and Vladislav Mladenov from the\n Ruhr-University Bochum reported an error in the\n consumer's verify method that lead to acceptance of\n wrongly sourced tokens.\n\n - CVE-2014-2685\n Christian Mainka and Vladislav Mladenov from the\n Ruhr-University Bochum reported a specification\n violation in which signing of a single parameter is\n incorrectly considered sufficient.\n\n - CVE-2014-4914\n Cassiano Dal Pizzol discovered that the implementation\n of the ORDER BY SQL statement in Zend_Db_Select contains\n a potential SQL injection when the query string passed\n contains parentheses.\n\n - CVE-2014-8088\n Yury Dyachenko at Positive Research Center identified\n potential XML eXternal Entity injection vectors due to\n insecure usage of PHP's DOM extension.\n\n - CVE-2014-8089\n Jonas Sandstrom discovered a SQL injection vector when\n manually quoting value for sqlsrv extension, using null\n byte.\n\n - CVE-2015-3154\n Filippo Tessarotto and Maks3w reported potential CRLF\n injection attacks in mail and HTTP headers.", "edition": 24, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2015-05-21T00:00:00", "title": "Debian DSA-3265-1 : zendframework - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3154", "CVE-2014-8088", "CVE-2012-6532", "CVE-2014-2685", "CVE-2014-2682", "CVE-2014-8089", "CVE-2014-2684", "CVE-2014-4914", "CVE-2012-5657", "CVE-2014-2683", "CVE-2014-2681"], "modified": "2015-05-21T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:zendframework", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-3265.NASL", "href": "https://www.tenable.com/plugins/nessus/83748", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3265. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83748);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-2681\", \"CVE-2014-2682\", \"CVE-2014-2683\", \"CVE-2014-2684\", \"CVE-2014-2685\", \"CVE-2014-4914\", \"CVE-2014-8088\", \"CVE-2014-8089\", \"CVE-2015-3154\");\n script_bugtraq_id(66358, 68031, 70011, 70378, 74561);\n script_xref(name:\"DSA\", value:\"3265\");\n\n script_name(english:\"Debian DSA-3265-1 : zendframework - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities were discovered in Zend Framework, a PHP\nframework. Except for CVE-2015-3154, all these issues were already\nfixed in the version initially shipped with Jessie.\n\n - CVE-2014-2681\n Lukas Reschke reported a lack of protection against XML\n External Entity injection attacks in some functions.\n This fix extends the incomplete one from CVE-2012-5657.\n\n - CVE-2014-2682\n Lukas Reschke reported a failure to consider that the\n libxml_disable_entity_loader setting is shared among\n threads in the PHP-FPM case. This fix extends the\n incomplete one from CVE-2012-5657.\n\n - CVE-2014-2683\n Lukas Reschke reported a lack of protection against XML\n Entity Expansion attacks in some functions. This fix\n extends the incomplete one from CVE-2012-6532.\n\n - CVE-2014-2684\n Christian Mainka and Vladislav Mladenov from the\n Ruhr-University Bochum reported an error in the\n consumer's verify method that lead to acceptance of\n wrongly sourced tokens.\n\n - CVE-2014-2685\n Christian Mainka and Vladislav Mladenov from the\n Ruhr-University Bochum reported a specification\n violation in which signing of a single parameter is\n incorrectly considered sufficient.\n\n - CVE-2014-4914\n Cassiano Dal Pizzol discovered that the implementation\n of the ORDER BY SQL statement in Zend_Db_Select contains\n a potential SQL injection when the query string passed\n contains parentheses.\n\n - CVE-2014-8088\n Yury Dyachenko at Positive Research Center identified\n potential XML eXternal Entity injection vectors due to\n insecure usage of PHP's DOM extension.\n\n - CVE-2014-8089\n Jonas Sandstrom discovered a SQL injection vector when\n manually quoting value for sqlsrv extension, using null\n byte.\n\n - CVE-2015-3154\n Filippo Tessarotto and Maks3w reported potential CRLF\n injection attacks in mail and HTTP headers.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=743175\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=754201\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-3154\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-2681\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-5657\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-2682\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-5657\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-2683\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-6532\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-2684\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-2685\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-4914\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-8088\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-8089\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-3154\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/zendframework\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/zendframework\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3265\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the zendframework packages.\n\nFor the oldstable distribution (wheezy), these problems have been\nfixed in version 1.11.13-1.1+deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 1.12.9+dfsg-2+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:zendframework\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"zendframework\", reference:\"1.11.13-1.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"zendframework-bin\", reference:\"1.11.13-1.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"zendframework-resources\", reference:\"1.11.13-1.1+deb7u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zendframework\", reference:\"1.12.9+dfsg-2+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zendframework-bin\", reference:\"1.12.9+dfsg-2+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zendframework-resources\", reference:\"1.12.9+dfsg-2+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T09:43:35", "description": "The previous zendframework upload incorrectly fixes CVE-2015-3154,\ncausing a regression. This update corrects this problem. Thanks to\nЕвгений\nСмолин (Evgeny Smolin)\n<esmolin@inbox.ru>.\n\nCVE-2012-6531\n\nPádraic Brady identified a weakness to handle the\nSimpleXMLElement zendframework class, allowing to remote attackers to\nread arbitrary files or create TCP connections via an XML external\nentity (XXE) injection attack.\n\nCVE-2012-6532\n\nPádraic Brady found that remote attackers could cause a denial\nof service by CPU consumption, via recursive or circular references\nthrough an XML entity expansion (XEE) attack.\n\nCVE-2014-2681\n\nLukas Reschke reported a lack of protection against XML External\nEntity injection attacks in some functions. This fix extends the\nincomplete one from CVE-2012-5657.\n\nCVE-2014-2682\n\nLukas Reschke reported a failure to consider that the\nlibxml_disable_entity_loader setting is shared among threads in the\nPHP-FPM case. This fix extends the incomplete one from CVE-2012-5657.\n\nCVE-2014-2683\n\nLukas Reschke reported a lack of protection against XML Entity\nExpansion attacks in some functions. This fix extends the incomplete\none from CVE-2012-6532.\n\nCVE-2014-2684\n\nChristian Mainka and Vladislav Mladenov from the Ruhr-University\nBochum reported an error in the consumer's verify method that lead to\nacceptance of wrongly sourced tokens.\n\nCVE-2014-2685\n\nChristian Mainka and Vladislav Mladenov from the Ruhr-University\nBochum reported a specification violation in which signing of a single\nparameter is incorrectly considered sufficient.\n\nCVE-2014-4914\n\nCassiano Dal Pizzol discovered that the implementation of the ORDER BY\nSQL statement in Zend_Db_Select contains a potential SQL injection\nwhen the query string passed contains parentheses.\n\nCVE-2014-8088\n\nYury Dyachenko at Positive Research Center identified potential XML\neXternal Entity injection vectors due to insecure usage of PHP's DOM\nextension.\n\nCVE-2014-8089\n\nJonas Sandström discovered a SQL injection vector when manually\nquoting value for sqlsrv extension, using null byte.\n\nCVE-2015-3154\n\nFilippo Tessarotto and Maks3w reported potential CRLF injection\nattacks in mail and HTTP headers.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 16, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2015-06-22T00:00:00", "title": "Debian DLA-251-2 : zendframework regression update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-3154", "CVE-2014-8088", "CVE-2012-6532", "CVE-2014-2685", "CVE-2014-2682", "CVE-2012-6531", "CVE-2014-8089", "CVE-2014-2684", "CVE-2014-4914", "CVE-2012-5657", "CVE-2014-2683", "CVE-2014-2681"], "modified": "2015-06-22T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:zendframework-bin", "p-cpe:/a:debian:debian_linux:zendframework"], "id": "DEBIAN_DLA-251.NASL", "href": "https://www.tenable.com/plugins/nessus/84297", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-251-2. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84297);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-6531\", \"CVE-2012-6532\", \"CVE-2014-2681\", \"CVE-2014-2682\", \"CVE-2014-2683\", \"CVE-2014-2684\", \"CVE-2014-2685\", \"CVE-2014-4914\", \"CVE-2014-8088\", \"CVE-2014-8089\", \"CVE-2015-3154\");\n script_bugtraq_id(57977, 66358, 68031, 70011, 70378, 74561);\n\n script_name(english:\"Debian DLA-251-2 : zendframework regression update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The previous zendframework upload incorrectly fixes CVE-2015-3154,\ncausing a regression. This update corrects this problem. Thanks to\nЕвгений\nСмолин (Evgeny Smolin)\n<esmolin@inbox.ru>.\n\nCVE-2012-6531\n\nPádraic Brady identified a weakness to handle the\nSimpleXMLElement zendframework class, allowing to remote attackers to\nread arbitrary files or create TCP connections via an XML external\nentity (XXE) injection attack.\n\nCVE-2012-6532\n\nPádraic Brady found that remote attackers could cause a denial\nof service by CPU consumption, via recursive or circular references\nthrough an XML entity expansion (XEE) attack.\n\nCVE-2014-2681\n\nLukas Reschke reported a lack of protection against XML External\nEntity injection attacks in some functions. This fix extends the\nincomplete one from CVE-2012-5657.\n\nCVE-2014-2682\n\nLukas Reschke reported a failure to consider that the\nlibxml_disable_entity_loader setting is shared among threads in the\nPHP-FPM case. This fix extends the incomplete one from CVE-2012-5657.\n\nCVE-2014-2683\n\nLukas Reschke reported a lack of protection against XML Entity\nExpansion attacks in some functions. This fix extends the incomplete\none from CVE-2012-6532.\n\nCVE-2014-2684\n\nChristian Mainka and Vladislav Mladenov from the Ruhr-University\nBochum reported an error in the consumer's verify method that lead to\nacceptance of wrongly sourced tokens.\n\nCVE-2014-2685\n\nChristian Mainka and Vladislav Mladenov from the Ruhr-University\nBochum reported a specification violation in which signing of a single\nparameter is incorrectly considered sufficient.\n\nCVE-2014-4914\n\nCassiano Dal Pizzol discovered that the implementation of the ORDER BY\nSQL statement in Zend_Db_Select contains a potential SQL injection\nwhen the query string passed contains parentheses.\n\nCVE-2014-8088\n\nYury Dyachenko at Positive Research Center identified potential XML\neXternal Entity injection vectors due to insecure usage of PHP's DOM\nextension.\n\nCVE-2014-8089\n\nJonas Sandström discovered a SQL injection vector when manually\nquoting value for sqlsrv extension, using null byte.\n\nCVE-2015-3154\n\nFilippo Tessarotto and Maks3w reported potential CRLF injection\nattacks in mail and HTTP headers.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/06/msg00019.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/zendframework\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected zendframework, and zendframework-bin packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:zendframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:zendframework-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"zendframework\", reference:\"1.10.6-1squeeze4\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"zendframework-bin\", reference:\"1.10.6-1squeeze4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-4914"], "description": "Extending the art & spirit of PHP, Zend Framework is based on simplicity, object-oriented best practices, corporate friendly licensing, and a rigorou sly tested agile code base. Zend Framework is focused on building more secure, reliable, and modern Web 2.0 applications & web services, and consuming wid ely available APIs from leading vendors like Google, Amazon, Yahoo!, Flickr, as well as API providers and catalogers like StrikeIron and ProgrammableWeb. ", "modified": "2014-07-22T03:29:47", "published": "2014-07-22T03:29:47", "id": "FEDORA:6065825A07", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: php-ZendFramework-1.12.7-1.fc19", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-4914"], "description": "Extending the art & spirit of PHP, Zend Framework is based on simplicity, object-oriented best practices, corporate friendly licensing, and a rigorou sly tested agile code base. Zend Framework is focused on building more secure, reliable, and modern Web 2.0 applications & web services, and consuming wid ely available APIs from leading vendors like Google, Amazon, Yahoo!, Flickr, as well as API providers and catalogers like StrikeIron and ProgrammableWeb. ", "modified": "2014-07-22T03:32:31", "published": "2014-07-22T03:32:31", "id": "FEDORA:A6F7625D3D", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: php-ZendFramework-1.12.7-1.fc20", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "jvn": [{"lastseen": "2019-05-29T19:49:17", "bulletinFamily": "info", "cvelist": ["CVE-2014-4914"], "description": "\n ## Description\n\nZend Framework is an open source web application framework. Zend Framework contains an SQL injection vulnerability (CWE-89) due to the argument of the ORDER BY clause.\n\n ## Impact\n\nAn attacker who can access the product may execute SQL commands.\n\n ## Solution\n\n**Update the Software** \nUpdate to the latest version according to the information provided by the developer. \nThis vulnerability has been addressed on 26 August, 2014.\n\n ## Products Affected\n\n * Zend Framework 1.12.7 and earlier\n", "edition": 6, "modified": "2015-12-11T00:00:00", "published": "2015-12-11T00:00:00", "id": "JVN:71730320", "href": "http://jvn.jp/en/jp/JVN71730320/index.html", "title": "JVN#71730320: Zend Framework vulnerable to SQL injection", "type": "jvn", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2020-11-10T12:36:07", "bulletinFamily": "unix", "cvelist": ["CVE-2014-4914"], "description": "**Issue Overview:**\n\nThe implementation of the ORDER BY SQL statement in Zend_Db_Select of Zend Framework 1 contains a potential SQL injection when the query string passed contains parentheses, as discussed in <http://framework.zend.com/security/advisory/ZF2014-04>.\n\n \n**Affected Packages:** \n\n\nphp-ZendFramework\n\n \n**Issue Correction:** \nRun _yum update php-ZendFramework_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n noarch: \n php-ZendFramework-Serializer-Adapter-Igbinary-1.12.7-1.9.amzn1.noarch \n php-ZendFramework-full-1.12.7-1.9.amzn1.noarch \n php-ZendFramework-Db-Adapter-Pdo-Mysql-1.12.7-1.9.amzn1.noarch \n php-ZendFramework-Dojo-1.12.7-1.9.amzn1.noarch \n php-ZendFramework-Db-Adapter-Pdo-1.12.7-1.9.amzn1.noarch \n php-ZendFramework-Pdf-1.12.7-1.9.amzn1.noarch \n php-ZendFramework-Services-1.12.7-1.9.amzn1.noarch \n php-ZendFramework-Search-Lucene-1.12.7-1.9.amzn1.noarch \n php-ZendFramework-Cache-Backend-Libmemcached-1.12.7-1.9.amzn1.noarch \n php-ZendFramework-1.12.7-1.9.amzn1.noarch \n php-ZendFramework-Cache-Backend-Apc-1.12.7-1.9.amzn1.noarch \n php-ZendFramework-demos-1.12.7-1.9.amzn1.noarch \n php-ZendFramework-Soap-1.12.7-1.9.amzn1.noarch \n php-ZendFramework-Db-Adapter-Mysqli-1.12.7-1.9.amzn1.noarch \n php-ZendFramework-Ldap-1.12.7-1.9.amzn1.noarch \n php-ZendFramework-extras-1.12.7-1.9.amzn1.noarch \n php-ZendFramework-Db-Adapter-Pdo-Pgsql-1.12.7-1.9.amzn1.noarch \n php-ZendFramework-Captcha-1.12.7-1.9.amzn1.noarch \n php-ZendFramework-Db-Adapter-Pdo-Mssql-1.12.7-1.9.amzn1.noarch \n php-ZendFramework-Feed-1.12.7-1.9.amzn1.noarch \n php-ZendFramework-Auth-Adapter-Ldap-1.12.7-1.9.amzn1.noarch \n php-ZendFramework-Cache-Backend-Memcached-1.12.7-1.9.amzn1.noarch \n \n src: \n php-ZendFramework-1.12.7-1.9.amzn1.src \n \n \n", "edition": 4, "modified": "2014-08-21T11:18:00", "published": "2014-08-21T11:18:00", "id": "ALAS-2014-394", "href": "https://alas.aws.amazon.com/ALAS-2014-394.html", "title": "Medium: php-ZendFramework", "type": "amazon", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:54", "bulletinFamily": "software", "cvelist": ["CVE-2014-4914"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2014:145\r\n http://www.mandriva.com/en/support/security/\r\n _______________________________________________________________________\r\n\r\n Package : php-ZendFramework\r\n Date : July 31, 2014\r\n Affected: Business Server 1.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n A vulnerability has been found and corrected in php-ZendFramework:\r\n \r\n The implementation of the ORDER BY SQL statement in Zend_Db_Select\r\n of Zend Framework 1 contains a potential SQL injection when the query\r\n string passed contains parentheses (CVE-2014-4914).\r\n \r\n The updated packages have been upgraded to the latest ZendFramework\r\n (1.12.7) version which is not vulnerable to this issue.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4914\r\n http://framework.zend.com/security/advisory/ZF2014-04\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Business Server 1/X86_64:\r\n f9e5804a58b8af73a972bfa0a2da6284 mbs1/x86_64/php-ZendFramework-1.12.7-1.mbs1.noarch.rpm\r\n 1a5d10af134d2b517d3752a8119b2339 mbs1/x86_64/php-ZendFramework-Cache-Backend-Apc-1.12.7-1.mbs1.noarch.rpm\r\n 1d37c1497156c59d7539333b2b413e8b mbs1/x86_64/php-ZendFramework-Cache-Backend-Memcached-1.12.7-1.mbs1.noarch.rpm\r\n 99414b75a630264f9dcfe4c8dfa53e6e mbs1/x86_64/php-ZendFramework-Captcha-1.12.7-1.mbs1.noarch.rpm\r\n 9ac1fb5c76b9f0b71abf1bf90a273ebd mbs1/x86_64/php-ZendFramework-demos-1.12.7-1.mbs1.noarch.rpm\r\n d25f8e0658bbe3ce7f026d20baeebadf mbs1/x86_64/php-ZendFramework-Dojo-1.12.7-1.mbs1.noarch.rpm\r\n 75218f17b04edc9c422aa8117239411d mbs1/x86_64/php-ZendFramework-extras-1.12.7-1.mbs1.noarch.rpm\r\n 9ca8a5d6aa73e77f2e679e5020be0d41 mbs1/x86_64/php-ZendFramework-Feed-1.12.7-1.mbs1.noarch.rpm\r\n 46c3592a516b33b3f30fa6603d9085b7 mbs1/x86_64/php-ZendFramework-Gdata-1.12.7-1.mbs1.noarch.rpm\r\n aecf3e6879dca04b9084660c5f490626 mbs1/x86_64/php-ZendFramework-Pdf-1.12.7-1.mbs1.noarch.rpm\r\n 44829853ef1ac199da93b5affaec8070 mbs1/x86_64/php-ZendFramework-Search-Lucene-1.12.7-1.mbs1.noarch.rpm\r\n 2338a7798d2ce6f72666a1fcedfe9b72 mbs1/x86_64/php-ZendFramework-Services-1.12.7-1.mbs1.noarch.rpm\r\n 914762e556834e2ce9e17d6d10ad81a0 mbs1/x86_64/php-ZendFramework-tests-1.12.7-1.mbs1.noarch.rpm \r\n a8bd5d5bc7c4c8579278e22650a4d3be mbs1/SRPMS/php-ZendFramework-1.12.7-1.mbs1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niD8DBQFT2esDmqjQ0CJFipgRAuIqAKDiZkSxIOcYE5rqlzO9pcoZdzQe5QCdF8EM\r\nFqiUcm9b3m34mIxKJh1+ePU=\r\n=aLqo\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "modified": "2014-10-15T00:00:00", "published": "2014-10-15T00:00:00", "id": "SECURITYVULNS:DOC:31240", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31240", "title": "[ MDVSA-2014:145 ] php-ZendFramework", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:59", "bulletinFamily": "software", "cvelist": ["CVE-2014-8088", "CVE-2014-2685", "CVE-2014-2682", "CVE-2014-8089", "CVE-2014-2684", "CVE-2014-4914", "CVE-2014-2683", "CVE-2014-2681"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2015:097\r\n http://www.mandriva.com/en/support/security/\r\n _______________________________________________________________________\r\n\r\n Package : php-ZendFramework\r\n Date : March 28, 2015\r\n Affected: Business Server 2.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Updated php-ZendFramework packages fix multiple vulnerabilities:\r\n \r\n XML eXternal Entity (XXE) and XML Entity Expansion (XEE) flaws were\r\n discovered in the Zend Framework. An attacker could use these flaws\r\n to cause a denial of service, access files accessible to the server\r\n process, or possibly perform other more advanced XML External Entity\r\n (XXE) attacks (CVE-2014-2681, CVE-2014-2682, CVE-2014-2683).\r\n \r\n Using the Consumer component of Zend_OpenId, it is possible to\r\n login using an arbitrary OpenID account (without knowing any secret\r\n information) by using a malicious OpenID Provider. That means OpenID it\r\n is possible to login using arbitrary OpenID Identity (MyOpenID, Google,\r\n etc), which are not under the control of our own OpenID Provider. Thus,\r\n we are able to impersonate any OpenID Identity against the framework\r\n (CVE-2014-2684, CVE-2014-2685).\r\n \r\n The implementation of the ORDER BY SQL statement in Zend_Db_Select\r\n of Zend Framework 1 contains a potential SQL injection when the query\r\n string passed contains parentheses (CVE-2014-4914).\r\n \r\n Due to a bug in PHP's LDAP extension, when ZendFramework's Zend_ldap\r\n class is used for logins, an attacker can login as any user by\r\n using a null byte to bypass the empty password check and perform an\r\n unauthenticated LDAP bind (CVE-2014-8088).\r\n \r\n The sqlsrv PHP extension, which provides the ability to connect to\r\n Microsoft SQL Server from PHP, does not provide a built-in quoting\r\n mechanism for manually quoting values to pass via SQL queries;\r\n developers are encouraged to use prepared statements. Zend Framework\r\n provides quoting mechanisms via Zend_Db_Adapter_Sqlsrv which uses\r\n the recommended double single quote ('') as quoting delimiters. SQL\r\n Server treats null bytes in a query as a string terminator, allowing\r\n an attacker to add arbitrary SQL following a null byte, and thus\r\n create a SQL injection (CVE-2014-8089).\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2681\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2682\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2683\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2684\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2685\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4914\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8088\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8089\r\n http://advisories.mageia.org/MGASA-2014-0151.html\r\n http://advisories.mageia.org/MGASA-2014-0311.html\r\n http://advisories.mageia.org/MGASA-2014-0434.html\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Business Server 2/X86_64:\r\n 02c3b9ebdbe452af6df77ddaf6ca70f4 mbs2/x86_64/php-ZendFramework-1.12.9-1.mbs2.noarch.rpm\r\n 7ee9abec95d67fac97b10885f2dfd177 mbs2/x86_64/php-ZendFramework-Cache-Backend-Apc-1.12.9-1.mbs2.noarch.rpm\r\n f2350b242c7b25969be3c4d3bfc46bd0 mbs2/x86_64/php-ZendFramework-Cache-Backend-Memcached-1.12.9-1.mbs2.noarch.rpm\r\n c6635e6de414967f9f0b412a8b9ff952 mbs2/x86_64/php-ZendFramework-Captcha-1.12.9-1.mbs2.noarch.rpm\r\n 177c35ecd6b3fff97533e8420ba61ba0 mbs2/x86_64/php-ZendFramework-demos-1.12.9-1.mbs2.noarch.rpm\r\n 55d294c2c615919e2510e92f3ba75a97 mbs2/x86_64/php-ZendFramework-Dojo-1.12.9-1.mbs2.noarch.rpm\r\n 7746384bf97f55a83d2496704576efed mbs2/x86_64/php-ZendFramework-extras-1.12.9-1.mbs2.noarch.rpm\r\n aac972c659c681b0334a98c5d2999134 mbs2/x86_64/php-ZendFramework-Feed-1.12.9-1.mbs2.noarch.rpm\r\n f2675cbbeabf8da77e51e9bb155dad67 mbs2/x86_64/php-ZendFramework-Gdata-1.12.9-1.mbs2.noarch.rpm\r\n cde54247acb864f63e957c55e3688c42 mbs2/x86_64/php-ZendFramework-Pdf-1.12.9-1.mbs2.noarch.rpm\r\n 525f594e3b2d939163d898debd94a77e mbs2/x86_64/php-ZendFramework-Search-Lucene-1.12.9-1.mbs2.noarch.rpm\r\n f90cc7d553dc697b77c4ece07b53ce71 mbs2/x86_64/php-ZendFramework-Services-1.12.9-1.mbs2.noarch.rpm\r\n 22be7f86bf806cca47ab64edd9d2d2eb mbs2/x86_64/php-ZendFramework-tests-1.12.9-1.mbs2.noarch.rpm \r\n 2b72d33582d8ec662cebcad5ba58fce7 mbs2/SRPMS/php-ZendFramework-1.12.9-1.mbs2.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niD8DBQFVFnlJmqjQ0CJFipgRAjaEAKDzxIBZeklYyKqSbiDpdO3pLGPxugCgkJ8t\r\nPwkLG01bbegH7ISNqzJezXU=\r\n=IXGe\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "modified": "2015-05-12T00:00:00", "published": "2015-05-12T00:00:00", "id": "SECURITYVULNS:DOC:32109", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32109", "title": "[ MDVSA-2015:097 ] php-ZendFramework", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:59", "bulletinFamily": "software", "cvelist": ["CVE-2015-3154", "CVE-2014-8088", "CVE-2012-6532", "CVE-2014-2685", "CVE-2014-2682", "CVE-2014-8089", "CVE-2014-2684", "CVE-2014-4914", "CVE-2012-5657", "CVE-2014-2683", "CVE-2014-2681"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA512\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-3265-1 security@debian.org\r\nhttp://www.debian.org/security/ David PrA\u00a9vot\r\nMay 20, 2015 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : zendframework\r\nCVE ID : CVE-2014-2681 CVE-2014-2682 CVE-2014-2683 CVE-2014-2684 \r\n CVE-2014-2685 CVE-2014-4914 CVE-2014-8088 CVE-2014-8089 \r\n CVE-2015-3154\r\nDebian Bug : 743175 754201\r\n\r\nMultiple vulnerabilities were discovered in Zend Framework, a PHP\r\nframework. Except for CVE-2015-3154, all these issues were already fixed\r\nin the version initially shipped with Jessie.\r\n\r\nCVE-2014-2681\r\n\r\n Lukas Reschke reported a lack of protection against XML External\r\n Entity injection attacks in some functions. This fix extends the\r\n incomplete one from CVE-2012-5657.\r\n\r\nCVE-2014-2682\r\n\r\n Lukas Reschke reported a failure to consider that the\r\n libxml_disable_entity_loader setting is shared among threads in the\r\n PHP-FPM case. This fix extends the incomplete one from\r\n CVE-2012-5657.\r\n\r\nCVE-2014-2683\r\n\r\n Lukas Reschke reported a lack of protection against XML Entity\r\n Expansion attacks in some functions. This fix extends the incomplete\r\n one from CVE-2012-6532.\r\n\r\nCVE-2014-2684\r\n\r\n Christian Mainka and Vladislav Mladenov from the Ruhr-University\r\n Bochum reported an error in the consumer's verify method that lead\r\n to acceptance of wrongly sourced tokens.\r\n\r\nCVE-2014-2685\r\n\r\n Christian Mainka and Vladislav Mladenov from the Ruhr-University\r\n Bochum reported a specification violation in which signing of a\r\n single parameter is incorrectly considered sufficient.\r\n\r\nCVE-2014-4914\r\n\r\n Cassiano Dal Pizzol discovered that the implementation of the ORDER\r\n BY SQL statement in Zend_Db_Select contains a potential SQL\r\n injection when the query string passed contains parentheses.\r\n\r\nCVE-2014-8088\r\n\r\n Yury Dyachenko at Positive Research Center identified potential XML\r\n eXternal Entity injection vectors due to insecure usage of PHP's DOM\r\n extension.\r\n\r\nCVE-2014-8089\r\n\r\n Jonas SandstrA\u00b6m discovered an SQL injection vector when manually\r\n quoting value for sqlsrv extension, using null byte.\r\n\r\nCVE-2015-3154\r\n\r\n Filippo Tessarotto and Maks3w reported potential CRLF injection\r\n attacks in mail and HTTP headers.\r\n\r\nFor the oldstable distribution (wheezy), these problems have been fixed\r\nin version 1.11.13-1.1+deb7u1.\r\n\r\nFor the stable distribution (jessie), these problems have been fixed in\r\nversion 1.12.9+dfsg-2+deb8u1.\r\n\r\nFor the testing distribution (stretch), these problems will be fixed\r\nin version 1.12.12+dfsg-1.\r\n\r\nFor the unstable distribution (sid), these problems have been fixed in\r\nversion 1.12.12+dfsg-1.\r\n\r\nWe recommend that you upgrade your zendframework packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: https://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1\r\n\r\niQIcBAEBCgAGBQJVXFXVAAoJEK+lG9bN5XPLIDIP/1ebw6gwJq+uzc/FNeGben3Q\r\nZqbp2akoh4wVVaLBUUWlUSohzpoW48GgTje2eRxBAIasneZHmOwcwjzdpgAdwFhe\r\nh0Xj3Pi0PMvdo9jQIBLWD/GQe8bD9YXlaEvq1D6OayEE0h27k6mrplfG7rwWsmdS\r\nG1o7P8Tnh27PifkVCzSyB43bHTgInRGfmrjoid9AWmOOYnTjuq47oexOaqgE/mQh\r\nXKKKtxlv6ru4ac+XRv06aUJmYQG4LQZJpL3wJ+d0CqIlCsSVP7pDP2X/1/Pqmdms\r\nWLBX4C4N/AM7+C/7P54rPn6uHBemhLBwJLH78cM+3kcEJ6wDuuWk7NYovv4hzXkz\r\n7CDC6nGgi5+YUaUzaiWM+VuwMWDckFAzGIg22wP/moJzSeqG/GfwVpA5AAD0XosV\r\nWW7iPgwnJFj/WWr5doBZ7LVBj/Pd56eAUJY9q4aY7GeDIFf65VD2Zd2jMIleVjSW\r\nq4I/hCElJgMiBza/066ToIfa7TB+Cutj/Fofpdq+Um7mP2GCdYPsMcxPzz6QRbt8\r\nBqcNWVKgktp/9T/yaTkPKkSWn9o1lSSV1urVWCNPg7pgrh9OVC8Ov0fqD0qOvnd4\r\nN4xAuKWnOtyn7Zwbz+vDwBzc47cbAlhx/y1M0v10D2Kf32kXdgC3C0PzK8wUcYvY\r\nXBGbffEaDb86ez3TbNmy\r\n=T2BR\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "modified": "2015-06-08T00:00:00", "published": "2015-06-08T00:00:00", "id": "SECURITYVULNS:DOC:32176", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32176", "title": "[SECURITY] [DSA 3265-1] zendframework security update", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:57", "bulletinFamily": "software", "cvelist": ["CVE-2014-5129", "CVE-2014-5127", "CVE-2014-1546", "CVE-2014-0986", "CVE-2014-0991", "CVE-2014-4736", "CVE-2014-5393", "CVE-2014-5136", "CVE-2014-0485", "CVE-2014-3810", "CVE-2014-0987", "CVE-2014-0985", "CVE-2014-4172", "CVE-2014-0990", "CVE-2014-6308", "CVE-2014-5391", "CVE-2014-0988", "CVE-2014-0992", "CVE-2014-3737", "CVE-2014-0989", "CVE-2014-3119", "CVE-2014-5392", "CVE-2014-4914", "CVE-2014-4734", "CVE-2014-6280", "CVE-2014-4170", "CVE-2014-3920"], "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "edition": 1, "modified": "2014-10-15T00:00:00", "published": "2014-10-15T00:00:00", "id": "SECURITYVULNS:VULN:14025", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14025", "title": "Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:00", "bulletinFamily": "software", "cvelist": ["CVE-2015-2750", "CVE-2015-2172", "CVE-2015-0225", "CVE-2014-9258", "CVE-2015-2843", "CVE-2015-0845", "CVE-2015-2845", "CVE-2014-2027", "CVE-2014-8764", "CVE-2015-2844", "CVE-2014-8360", "CVE-2014-2685", "CVE-2014-5361", "CVE-2014-8762", "CVE-2015-2206", "CVE-2015-2934", "CVE-2014-8761", "CVE-2015-2938", "CVE-2015-2749", "CVE-2014-8763", "CVE-2015-2933", "CVE-2014-5020", "CVE-2015-2939", "CVE-2014-2682", "CVE-2014-5021", "CVE-2015-2940", "CVE-2014-2983", "CVE-2014-3704", "CVE-2015-2781", "CVE-2014-9253", "CVE-2015-2842", "CVE-2014-8089", "CVE-2015-2690", "CVE-2015-2932", "CVE-2015-2937", "CVE-2014-5019", "CVE-2015-1773", "CVE-2015-2559", "CVE-2014-5022", "CVE-2015-2931", "CVE-2014-2684", "CVE-2014-4914", "CVE-2014-5362", "CVE-2014-5032", "CVE-2015-2936", "CVE-2015-2935", "CVE-2014-2683", "CVE-2014-2681", "CVE-2015-2560"], "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "edition": 1, "modified": "2015-05-12T00:00:00", "published": "2015-05-12T00:00:00", "id": "SECURITYVULNS:VULN:14479", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14479", "title": "Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2020-08-12T00:57:09", "bulletinFamily": "unix", "cvelist": ["CVE-2015-3154", "CVE-2014-8088", "CVE-2012-6532", "CVE-2014-2685", "CVE-2014-2682", "CVE-2014-8089", "CVE-2014-2684", "CVE-2014-4914", "CVE-2012-5657", "CVE-2014-2683", "CVE-2014-2681"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3265-1 security@debian.org\nhttp://www.debian.org/security/ David Pr\u00c3\u00a9vot\nMay 20, 2015 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : zendframework\nCVE ID : CVE-2014-2681 CVE-2014-2682 CVE-2014-2683 CVE-2014-2684 \n CVE-2014-2685 CVE-2014-4914 CVE-2014-8088 CVE-2014-8089 \n CVE-2015-3154\nDebian Bug : 743175 754201\n\nMultiple vulnerabilities were discovered in Zend Framework, a PHP\nframework. Except for CVE-2015-3154, all these issues were already fixed\nin the version initially shipped with Jessie.\n\nCVE-2014-2681\n\n Lukas Reschke reported a lack of protection against XML External\n Entity injection attacks in some functions. This fix extends the\n incomplete one from CVE-2012-5657.\n\nCVE-2014-2682\n\n Lukas Reschke reported a failure to consider that the\n libxml_disable_entity_loader setting is shared among threads in the\n PHP-FPM case. This fix extends the incomplete one from\n CVE-2012-5657.\n\nCVE-2014-2683\n\n Lukas Reschke reported a lack of protection against XML Entity\n Expansion attacks in some functions. This fix extends the incomplete\n one from CVE-2012-6532.\n\nCVE-2014-2684\n\n Christian Mainka and Vladislav Mladenov from the Ruhr-University\n Bochum reported an error in the consumer's verify method that lead\n to acceptance of wrongly sourced tokens.\n\nCVE-2014-2685\n\n Christian Mainka and Vladislav Mladenov from the Ruhr-University\n Bochum reported a specification violation in which signing of a\n single parameter is incorrectly considered sufficient.\n\nCVE-2014-4914\n\n Cassiano Dal Pizzol discovered that the implementation of the ORDER\n BY SQL statement in Zend_Db_Select contains a potential SQL\n injection when the query string passed contains parentheses.\n\nCVE-2014-8088\n\n Yury Dyachenko at Positive Research Center identified potential XML\n eXternal Entity injection vectors due to insecure usage of PHP's DOM\n extension.\n\nCVE-2014-8089\n\n Jonas Sandstr\u00c3\u00b6m discovered an SQL injection vector when manually\n quoting value for sqlsrv extension, using null byte.\n\nCVE-2015-3154\n\n Filippo Tessarotto and Maks3w reported potential CRLF injection\n attacks in mail and HTTP headers.\n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 1.11.13-1.1+deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.12.9+dfsg-2+deb8u1.\n\nFor the testing distribution (stretch), these problems will be fixed\nin version 1.12.12+dfsg-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.12.12+dfsg-1.\n\nWe recommend that you upgrade your zendframework packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 9, "modified": "2015-05-20T09:37:45", "published": "2015-05-20T09:37:45", "id": "DEBIAN:DSA-3265-1:1C648", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2015/msg00155.html", "title": "[SECURITY] [DSA 3265-1] zendframework security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-08-12T01:09:01", "bulletinFamily": "unix", "cvelist": ["CVE-2015-3154", "CVE-2014-8088", "CVE-2012-6532", "CVE-2014-2685", "CVE-2014-2682", "CVE-2014-8089", "CVE-2014-2684", "CVE-2014-4914", "CVE-2012-5657", "CVE-2014-2683", "CVE-2014-2681"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3265-2 security@debian.org\nhttp://www.debian.org/security/ Alessandro Ghedini\nMay 24, 2015 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : zendframework\n\nThe update for zendframework issued as DSA-3265-1 introduced a regression\npreventing the use of non-string or non-stringable objects as header\nvalues. A fix for this problem is now applied, along with the final patch\nfor CVE-2015-3154. For reference the original advisory text follows.\n\nMultiple vulnerabilities were discovered in Zend Framework, a PHP\nframework. Except for CVE-2015-3154, all these issues were already fixed\nin the version initially shipped with Jessie.\n\nCVE-2014-2681\n\n Lukas Reschke reported a lack of protection against XML External\n Entity injection attacks in some functions. This fix extends the\n incomplete one from CVE-2012-5657.\n\nCVE-2014-2682\n\n Lukas Reschke reported a failure to consider that the\n libxml_disable_entity_loader setting is shared among threads in the\n PHP-FPM case. This fix extends the incomplete one from\n CVE-2012-5657.\n\nCVE-2014-2683\n\n Lukas Reschke reported a lack of protection against XML Entity\n Expansion attacks in some functions. This fix extends the incomplete\n one from CVE-2012-6532.\n\nCVE-2014-2684\n\n Christian Mainka and Vladislav Mladenov from the Ruhr-University\n Bochum reported an error in the consumer's verify method that lead\n to acceptance of wrongly sourced tokens.\n\nCVE-2014-2685\n\n Christian Mainka and Vladislav Mladenov from the Ruhr-University\n Bochum reported a specification violation in which signing of a\n single parameter is incorrectly considered sufficient.\n\nCVE-2014-4914\n\n Cassiano Dal Pizzol discovered that the implementation of the ORDER\n BY SQL statement in Zend_Db_Select contains a potential SQL\n injection when the query string passed contains parentheses.\n\nCVE-2014-8088\n\n Yury Dyachenko at Positive Research Center identified potential XML\n eXternal Entity injection vectors due to insecure usage of PHP's DOM\n extension.\n\nCVE-2014-8089\n\n Jonas Sandstr\u00c3\u00b6m discovered an SQL injection vector when manually\n quoting value for sqlsrv extension, using null byte.\n\nCVE-2015-3154\n\n Filippo Tessarotto and Maks3w reported potential CRLF injection\n attacks in mail and HTTP headers.\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 1.11.13-1.1+deb7u2.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 1.12.9+dfsg-2+deb8u2.\n\nFor the testing distribution (stretch), this problem has been fixed\nin version 1.12.13+dfsg-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.12.13+dfsg-1.\n\nWe recommend that you upgrade your zendframework packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 15, "modified": "2015-05-24T11:55:45", "published": "2015-05-24T11:55:45", "id": "DEBIAN:DSA-3265-2:03C60", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2015/msg00164.html", "title": "[SECURITY] [DSA 3265-2] zendframework regression update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-11T13:12:42", "bulletinFamily": "unix", "cvelist": ["CVE-2015-3154", "CVE-2014-8088", "CVE-2012-6532", "CVE-2014-2685", "CVE-2014-2682", "CVE-2012-6531", "CVE-2014-8089", "CVE-2014-2684", "CVE-2014-4914", "CVE-2012-5657", "CVE-2014-2683", "CVE-2014-2681"], "description": "Package : zendframework\nVersion : 1.10.6-1squeeze4\nCVE ID : CVE-2012-6531 CVE-2012-6532 CVE-2014-2681 CVE-2014-2682\n CVE-2014-2683 CVE-2014-2684 CVE-2014-2685 CVE-2014-4914\n CVE-2014-8088 CVE-2014-8089 CVE-2015-3154\nDebian Bug : 743175 754201\n\nThe previous zendframework upload incorrectly fixes CVE-2015-3154,\ncausing a regression. This update corrects this problem. Thanks to\n\u0415\u0432\u0433\u0435\u043d\u0438\u0439 \u0421\u043c\u043e\u043b\u0438\u043d (Evgeny Smolin) <esmolin@inbox.ru>.\n\nCVE-2012-6531\n\n P\u00e1draic Brady identified a weakness to handle the SimpleXMLElement\n zendframework class, allowing to remote attackers to read arbitrary\n files or create TCP connections via an XML external entity (XXE)\n injection attack.\n\nCVE-2012-6532\n\n P\u00e1draic Brady found that remote attackers could cause a denial of\n service by CPU consumption, via recursive or circular references\n through an XML entity expansion (XEE) attack.\n\nCVE-2014-2681\n\n Lukas Reschke reported a lack of protection against XML External\n Entity injection attacks in some functions. This fix extends the\n incomplete one from CVE-2012-5657.\n\nCVE-2014-2682\n\n Lukas Reschke reported a failure to consider that the\n libxml_disable_entity_loader setting is shared among threads in the\n PHP-FPM case. This fix extends the incomplete one from\n CVE-2012-5657.\n\nCVE-2014-2683\n\n Lukas Reschke reported a lack of protection against XML Entity\n Expansion attacks in some functions. This fix extends the incomplete\n one from CVE-2012-6532.\n\nCVE-2014-2684\n\n Christian Mainka and Vladislav Mladenov from the Ruhr-University\n Bochum reported an error in the consumer's verify method that lead\n to acceptance of wrongly sourced tokens.\n\nCVE-2014-2685\n\n Christian Mainka and Vladislav Mladenov from the Ruhr-University\n Bochum reported a specification violation in which signing of a\n single parameter is incorrectly considered sufficient.\n\nCVE-2014-4914\n\n Cassiano Dal Pizzol discovered that the implementation of the ORDER\n BY SQL statement in Zend_Db_Select contains a potential SQL\n injection when the query string passed contains parentheses.\n\nCVE-2014-8088\n\n Yury Dyachenko at Positive Research Center identified potential XML\n eXternal Entity injection vectors due to insecure usage of PHP's DOM\n extension.\n\nCVE-2014-8089\n\n Jonas Sandstr\u00f6m discovered an SQL injection vector when manually\n quoting value for sqlsrv extension, using null byte.\n\nCVE-2015-3154\n\n Filippo Tessarotto and Maks3w reported potential CRLF injection\n attacks in mail and HTTP headers.\n", "edition": 7, "modified": "2015-06-23T20:27:21", "published": "2015-06-23T20:27:21", "id": "DEBIAN:DLA-251-2:CDAD6", "href": "https://lists.debian.org/debian-lts-announce/2015/debian-lts-announce-201506/msg00019.html", "title": "[SECURITY] [DLA 251-2] zendframework regression update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-11T13:30:14", "bulletinFamily": "unix", "cvelist": ["CVE-2015-3154", "CVE-2014-8088", "CVE-2012-6532", "CVE-2014-2685", "CVE-2014-2682", "CVE-2012-6531", "CVE-2014-8089", "CVE-2014-2684", "CVE-2014-4914", "CVE-2012-5657", "CVE-2014-2683", "CVE-2014-2681"], "description": "Package : zendframework\nVersion : 1.10.6-1squeeze3\nCVE ID : CVE-2012-6531 CVE-2012-6532 CVE-2014-2681 CVE-2014-2682\n CVE-2014-2683 CVE-2014-2684 CVE-2014-2685 CVE-2014-4914\n CVE-2014-8088 CVE-2014-8089 CVE-2015-3154\nDebian Bug : 743175 754201\n\nSeveral vulnerabilities were found in the Zend PHP framework:\n\nCVE-2012-6531\n\n P\u00e1draic Brady identified a weakness to handle the SimpleXMLElement\n zendframework class, allowing to remote attackers to read arbitrary\n files or create TCP connections via an XML external entity (XXE)\n injection attack.\n\nCVE-2012-6532\n\n P\u00e1draic Brady found that remote attackers could cause a denial of\n service by CPU consumption, via recursive or circular references\n through an XML entity expansion (XEE) attack.\n\nCVE-2014-2681\n\n Lukas Reschke reported a lack of protection against XML External\n Entity injection attacks in some functions. This fix extends the\n incomplete one from CVE-2012-5657.\n\nCVE-2014-2682\n\n Lukas Reschke reported a failure to consider that the\n libxml_disable_entity_loader setting is shared among threads in the\n PHP-FPM case. This fix extends the incomplete one from\n CVE-2012-5657.\n\nCVE-2014-2683\n\n Lukas Reschke reported a lack of protection against XML Entity\n Expansion attacks in some functions. This fix extends the incomplete\n one from CVE-2012-6532.\n\nCVE-2014-2684\n\n Christian Mainka and Vladislav Mladenov from the Ruhr-University\n Bochum reported an error in the consumer's verify method that lead\n to acceptance of wrongly sourced tokens.\n\nCVE-2014-2685\n\n Christian Mainka and Vladislav Mladenov from the Ruhr-University\n Bochum reported a specification violation in which signing of a\n single parameter is incorrectly considered sufficient.\n\nCVE-2014-4914\n\n Cassiano Dal Pizzol discovered that the implementation of the ORDER\n BY SQL statement in Zend_Db_Select contains a potential SQL\n injection when the query string passed contains parentheses.\n\nCVE-2014-8088\n\n Yury Dyachenko at Positive Research Center identified potential XML\n eXternal Entity injection vectors due to insecure usage of PHP's DOM\n extension.\n\nCVE-2014-8089\n\n Jonas Sandstr\u00f6m discovered an SQL injection vector when manually\n quoting value for sqlsrv extension, using null byte.\n\nCVE-2015-3154\n\n Filippo Tessarotto and Maks3w reported potential CRLF injection\n attacks in mail and HTTP headers.\n\nFor Debian 6 "Squeeze", these issues have been fixed in zendframework\nversion 1.10.6-1squeeze3.\n", "edition": 3, "modified": "2015-06-20T18:41:19", "published": "2015-06-20T18:41:19", "id": "DEBIAN:DLA-251-1:7D839", "href": "https://lists.debian.org/debian-lts-announce/2015/debian-lts-announce-201506/msg00017.html", "title": "[SECURITY] [DLA 251-1] zendframework security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}