Search...

PHP dba_replace Denial of Service Vulnerability

2009-08-27T00:00:00

ID OPENVAS:1361412562310900925
Type openvas
Reporter Copyright (C) 2009 SecPod
Modified 2019-03-07T00:00:00

Description

The host is running PHP and is prone to Denial of Service vulnerability.

                                        
                                            ###############################################################################
# OpenVAS Vulnerability Test
# $Id: secpod_php_dba_replace_dos_vuln.nasl 14031 2019-03-07 10:47:29Z cfischer $
#
# PHP dba_replace Denial of Service Vulnerability
#
# Authors:
# Nikita MR &lt;rnikita@secpod.com&gt;
#
# Copyright (c) 2009 SecPod, http://www.secpod.com
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

CPE = "cpe:/a:php:php";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.900925");
  script_version("$Revision: 14031 $");
  script_tag(name:"last_modification", value:"$Date: 2019-03-07 11:47:29 +0100 (Thu, 07 Mar 2019) $");
  script_tag(name:"creation_date", value:"2009-08-27 13:43:20 +0200 (Thu, 27 Aug 2009)");
  script_tag(name:"cvss_base", value:"6.4");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:P/A:P");
  script_cve_id("CVE-2008-7068");
  script_bugtraq_id(33498);
  script_name("PHP dba_replace Denial of Service Vulnerability");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2009 SecPod");
  script_family("Denial of Service");
  script_dependencies("gb_php_detect.nasl");
  script_mandatory_keys("php/installed");

  script_xref(name:"URL", value:"http://xforce.iss.net/xforce/xfdb/47316");
  script_xref(name:"URL", value:"http://www.securityfocus.com/archive/1/archive/1/498746/100/0/threaded");

  script_tag(name:"impact", value:"Successful exploitation could allow attackers to execute arbitrary code
  corrupt files and cause denial of service.");

  script_tag(name:"affected", value:"PHP 4.x and 5.2.6 on all running platform.");

  script_tag(name:"insight", value:"An error occurs in 'dba_replace()' function while processing malformed
  user supplied data containing a key with the NULL byte.");

  script_tag(name:"solution", value:"Upgrade to version 5.2.7 or later.");

  script_tag(name:"summary", value:"The host is running PHP and is prone to Denial of Service
  vulnerability.");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"remote_banner_unreliable");

  exit(0);
}

include("version_func.inc");
include("host_details.inc");

if( isnull( phpPort = get_app_port( cpe:CPE ) ) )
  exit( 0 );

if( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) )
  exit( 0 );

if( phpVer =~ "^4\." || version_is_equal( version:phpVer, test_version:"5.2.6" ) ) {
  report = report_fixed_ver( installed_version:phpVer, fixed_version:"5.2.7" );
  security_message( data:report, port:phpPort );
  exit( 0 );
}

exit( 99 );

JSON Vulners Source

Initial Source

{"id": "OPENVAS:1361412562310900925", "bulletinFamily": "scanner", "title": "PHP dba_replace Denial of Service Vulnerability", "description": "The host is running PHP and is prone to Denial of Service\n vulnerability.", "published": "2009-08-27T00:00:00", "modified": "2019-03-07T00:00:00", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900925", "reporter": "Copyright (C) 2009 SecPod", "references": ["http://www.securityfocus.com/archive/1/archive/1/498746/100/0/threaded", "http://xforce.iss.net/xforce/xfdb/47316"], "cvelist": ["CVE-2008-7068"], "type": "openvas", "lastseen": "2019-03-07T20:19:01", "history": [{"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2008-7068"], "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "description": "The host is running PHP and is prone to Denial of Service\n vulnerability.", "edition": 4, "enchantments": {"dependencies": {"modified": "2018-09-02T00:06:02", "references": [{"idList": ["MANDRIVA_MDVSA-2009-324.NASL", "UBUNTU_USN-862-1.NASL", "FREEBSD_PKG_1E8031BE425811DEB67A0030843D3802.NASL", "MANDRIVA_MDVSA-2009-247.NASL", "PHP_5_2_7.NASL"], "type": "nessus"}, {"idList": ["CVE-2008-7068"], "type": "cve"}, {"idList": ["1E8031BE-4258-11DE-B67A-0030843D3802"], "type": "freebsd"}, {"idList": ["SECURITYVULNS:VULN:9469"], "type": "securityvulns"}, {"idList": ["OPENVAS:64959", "OPENVAS:136141256231066420", "OPENVAS:136141256231064958", "OPENVAS:64958", "OPENVAS:66338", "OPENVAS:136141256231064001", "OPENVAS:136141256231064959", "OPENVAS:64001", "OPENVAS:66420"], "type": "openvas"}, {"idList": ["USN-862-1"], "type": "ubuntu"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "hash": "696d3037c9bbab26e086e03443d0f671d2df469beb37d006f8f3acdf4522938c", "hashmap": [{"hash": "711d051a7c0db70ca108b804aa5319ac", "key": "naslFamily"}, {"hash": "956b0cce3d9454921494ef535bcdf2a4", "key": "cvss"}, {"hash": "6a3f1860a320101d84231bdf350478f2", "key": "published"}, {"hash": "48d60a46ed3f845ea90484e4bf421124", "key": "modified"}, {"hash": "a021a3692614a7c69055764075908c6f", "key": "reporter"}, {"hash": "2e2f45162b152d26081b4abb2a35290f", "key": "title"}, {"hash": "2f56053864ca3319bc3dab7509a0be0a", "key": "sourceData"}, {"hash": "6268d66176a18f7e99dd1ff25294dd88", "key": "cvelist"}, {"hash": "08faddbd957006b1218a5057df0106c9", "key": "pluginID"}, {"hash": "6a3ba4daca625e63e1312b537ece534c", "key": "references"}, {"hash": "2f13d973497ad2c32c40e4367867d4c4", "key": "description"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "935c4a7991c8f716051af30f3fe6a493", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900925", "id": "OPENVAS:1361412562310900925", "lastseen": "2018-09-02T00:06:02", "modified": "2018-07-09T00:00:00", "naslFamily": "Denial of Service", "objectVersion": "1.3", "pluginID": "1361412562310900925", "published": "2009-08-27T00:00:00", "references": ["http://www.securityfocus.com/archive/1/archive/1/498746/100/0/threaded", "http://xforce.iss.net/xforce/xfdb/47316"], "reporter": "Copyright (C) 2009 SecPod", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_php_dba_replace_dos_vuln.nasl 10459 2018-07-09 07:41:24Z cfischer $\n#\n# PHP dba_replace Denial of Service Vulnerability\n#\n# Authors:\n# Nikita MR <rnikita@secpod.com>\n#\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900925\");\n script_version(\"$Revision: 10459 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-07-09 09:41:24 +0200 (Mon, 09 Jul 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-08-27 13:43:20 +0200 (Thu, 27 Aug 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_cve_id(\"CVE-2008-7068\");\n script_bugtraq_id(33498);\n script_name(\"PHP dba_replace Denial of Service Vulnerability\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_php_detect.nasl\");\n script_mandatory_keys(\"php/installed\");\n\n script_xref(name:\"URL\", value:\"http://xforce.iss.net/xforce/xfdb/47316\");\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/archive/1/archive/1/498746/100/0/threaded\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to execute arbitrary code\n corrupt files and cause denial of service.\n\n Impact Level: Application\");\n\n script_tag(name:\"affected\", value:\"PHP 4.x and 5.2.6 on all running platform.\");\n\n script_tag(name:\"insight\", value:\"An error occurs in 'dba_replace()' function while processing malformed\n user supplied data containing a key with the NULL byte.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to version 5.2.7 or later,\n http://www.php.net/downloads.php\");\n\n script_tag(name:\"summary\", value:\"The host is running PHP and is prone to Denial of Service\n vulnerability.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\nif( phpVer =~ \"^4\\.\" || version_is_equal( version:phpVer, test_version:\"5.2.6\" ) ) {\n report = report_fixed_ver( installed_version:phpVer, fixed_version:\"5.2.7\" );\n security_message( data:report, port:phpPort );\n exit( 0 );\n}\n\nexit( 99 );", "title": "PHP dba_replace Denial of Service Vulnerability", "type": "openvas", "viewCount": 3}, "differentElements": ["modified", "sourceData"], "edition": 4, "lastseen": "2018-09-02T00:06:02"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2008-7068"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "The host is running PHP and is prone to Denial of Service\n vulnerability.", "edition": 3, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "299ad5c498364d19f1af37109a52cfc1dfdb12b87497e292cd784f9f77f5368c", "hashmap": [{"hash": "711d051a7c0db70ca108b804aa5319ac", "key": "naslFamily"}, {"hash": "6a3f1860a320101d84231bdf350478f2", "key": "published"}, {"hash": "48d60a46ed3f845ea90484e4bf421124", "key": "modified"}, {"hash": "a021a3692614a7c69055764075908c6f", "key": "reporter"}, {"hash": "2e2f45162b152d26081b4abb2a35290f", "key": "title"}, {"hash": "2f56053864ca3319bc3dab7509a0be0a", "key": "sourceData"}, {"hash": "6268d66176a18f7e99dd1ff25294dd88", "key": "cvelist"}, {"hash": "08faddbd957006b1218a5057df0106c9", "key": "pluginID"}, {"hash": "6a3ba4daca625e63e1312b537ece534c", "key": "references"}, {"hash": "2f13d973497ad2c32c40e4367867d4c4", "key": "description"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "935c4a7991c8f716051af30f3fe6a493", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900925", "id": "OPENVAS:1361412562310900925", "lastseen": "2018-08-30T19:28:18", "modified": "2018-07-09T00:00:00", "naslFamily": "Denial of Service", "objectVersion": "1.3", "pluginID": "1361412562310900925", "published": "2009-08-27T00:00:00", "references": ["http://www.securityfocus.com/archive/1/archive/1/498746/100/0/threaded", "http://xforce.iss.net/xforce/xfdb/47316"], "reporter": "Copyright (C) 2009 SecPod", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_php_dba_replace_dos_vuln.nasl 10459 2018-07-09 07:41:24Z cfischer $\n#\n# PHP dba_replace Denial of Service Vulnerability\n#\n# Authors:\n# Nikita MR <rnikita@secpod.com>\n#\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900925\");\n script_version(\"$Revision: 10459 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-07-09 09:41:24 +0200 (Mon, 09 Jul 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-08-27 13:43:20 +0200 (Thu, 27 Aug 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_cve_id(\"CVE-2008-7068\");\n script_bugtraq_id(33498);\n script_name(\"PHP dba_replace Denial of Service Vulnerability\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_php_detect.nasl\");\n script_mandatory_keys(\"php/installed\");\n\n script_xref(name:\"URL\", value:\"http://xforce.iss.net/xforce/xfdb/47316\");\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/archive/1/archive/1/498746/100/0/threaded\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to execute arbitrary code\n corrupt files and cause denial of service.\n\n Impact Level: Application\");\n\n script_tag(name:\"affected\", value:\"PHP 4.x and 5.2.6 on all running platform.\");\n\n script_tag(name:\"insight\", value:\"An error occurs in 'dba_replace()' function while processing malformed\n user supplied data containing a key with the NULL byte.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to version 5.2.7 or later,\n http://www.php.net/downloads.php\");\n\n script_tag(name:\"summary\", value:\"The host is running PHP and is prone to Denial of Service\n vulnerability.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\nif( phpVer =~ \"^4\\.\" || version_is_equal( version:phpVer, test_version:\"5.2.6\" ) ) {\n report = report_fixed_ver( installed_version:phpVer, fixed_version:\"5.2.7\" );\n security_message( data:report, port:phpPort );\n exit( 0 );\n}\n\nexit( 99 );", "title": "PHP dba_replace Denial of Service Vulnerability", "type": "openvas", "viewCount": 3}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:28:18"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2008-7068"], "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "description": "The host is running PHP and is prone to Denial of Service\n vulnerability.", "edition": 1, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "f429a3e4811fe78bf92e81796042c6311e4ac2eadfa8df4ecf6d13e33f209fb3", "hashmap": [{"hash": "711d051a7c0db70ca108b804aa5319ac", "key": "naslFamily"}, {"hash": "956b0cce3d9454921494ef535bcdf2a4", "key": "cvss"}, {"hash": "6a3f1860a320101d84231bdf350478f2", "key": "published"}, {"hash": "cb5aa2e39769df793b50011963908b65", "key": "sourceData"}, {"hash": "a021a3692614a7c69055764075908c6f", "key": "reporter"}, {"hash": "2e2f45162b152d26081b4abb2a35290f", "key": "title"}, {"hash": "6268d66176a18f7e99dd1ff25294dd88", "key": "cvelist"}, {"hash": "08faddbd957006b1218a5057df0106c9", "key": "pluginID"}, {"hash": "6a3ba4daca625e63e1312b537ece534c", "key": "references"}, {"hash": "2f13d973497ad2c32c40e4367867d4c4", "key": "description"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "935c4a7991c8f716051af30f3fe6a493", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "3044cdbad1ed41bd94a84f79f899b09e", "key": "modified"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900925", "id": "OPENVAS:1361412562310900925", "lastseen": "2017-07-02T21:14:03", "modified": "2016-11-14T00:00:00", "naslFamily": "Denial of Service", "objectVersion": "1.3", "pluginID": "1361412562310900925", "published": "2009-08-27T00:00:00", "references": ["http://www.securityfocus.com/archive/1/archive/1/498746/100/0/threaded", "http://xforce.iss.net/xforce/xfdb/47316"], "reporter": "Copyright (C) 2009 SecPod", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_php_dba_replace_dos_vuln.nasl 4505 2016-11-14 15:16:47Z cfi $\n#\n# PHP dba_replace Denial of Service Vulnerability\n#\n# Authors:\n# Nikita MR <rnikita@secpod.com>\n#\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900925\");\n script_version(\"$Revision: 4505 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-11-14 16:16:47 +0100 (Mon, 14 Nov 2016) $\");\n script_tag(name:\"creation_date\", value:\"2009-08-27 13:43:20 +0200 (Thu, 27 Aug 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_cve_id(\"CVE-2008-7068\");\n script_bugtraq_id(33498);\n script_name(\"PHP dba_replace Denial of Service Vulnerability\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_php_detect.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_mandatory_keys(\"php/installed\");\n\n script_xref(name:\"URL\", value:\"http://xforce.iss.net/xforce/xfdb/47316\");\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/archive/1/archive/1/498746/100/0/threaded\");\n\n tag_impact = \"Successful exploitation could allow attackers to execute arbitrary code\n corrupt files and cause denial of service.\n\n Impact Level: Application\";\n\n tag_affected = \"PHP 4.x and 5.2.6 on all running platform.\";\n\n tag_insight = \"An error occurs in 'dba_replace()' function while processing malformed\n user supplied data containing a key with the NULL byte.\";\n\n tag_solution = \"Upgrade to version 5.2.7 or later,\n http://www.php.net/downloads.php\";\n\n tag_summary = \"The host is running PHP and is prone to Denial of Service\n vulnerability.\";\n\n script_tag(name:\"impact\", value:tag_impact);\n script_tag(name:\"affected\", value:tag_affected);\n script_tag(name:\"insight\", value:tag_insight);\n script_tag(name:\"solution\", value:tag_solution);\n script_tag(name:\"summary\", value:tag_summary);\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\n# Grep for version 4.x and 5.2.6\nif( phpVer =~ \"^4\" || version_is_equal( version:phpVer, test_version:\"5.2.6\" ) ) {\n report = report_fixed_ver( installed_version:phpVer, fixed_version:\"5.2.7\" );\n security_message( data:report, port:phpPort );\n exit( 0 );\n}\n\nexit( 99 );", "title": "PHP dba_replace Denial of Service Vulnerability", "type": "openvas", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2017-07-02T21:14:03"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2008-7068"], "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}, "description": "The host is running PHP and is prone to Denial of Service\n vulnerability.", "edition": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "696d3037c9bbab26e086e03443d0f671d2df469beb37d006f8f3acdf4522938c", "hashmap": [{"hash": "711d051a7c0db70ca108b804aa5319ac", "key": "naslFamily"}, {"hash": "956b0cce3d9454921494ef535bcdf2a4", "key": "cvss"}, {"hash": "6a3f1860a320101d84231bdf350478f2", "key": "published"}, {"hash": "48d60a46ed3f845ea90484e4bf421124", "key": "modified"}, {"hash": "a021a3692614a7c69055764075908c6f", "key": "reporter"}, {"hash": "2e2f45162b152d26081b4abb2a35290f", "key": "title"}, {"hash": "2f56053864ca3319bc3dab7509a0be0a", "key": "sourceData"}, {"hash": "6268d66176a18f7e99dd1ff25294dd88", "key": "cvelist"}, {"hash": "08faddbd957006b1218a5057df0106c9", "key": "pluginID"}, {"hash": "6a3ba4daca625e63e1312b537ece534c", "key": "references"}, {"hash": "2f13d973497ad2c32c40e4367867d4c4", "key": "description"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "935c4a7991c8f716051af30f3fe6a493", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900925", "id": "OPENVAS:1361412562310900925", "lastseen": "2018-07-10T17:56:45", "modified": "2018-07-09T00:00:00", "naslFamily": "Denial of Service", "objectVersion": "1.3", "pluginID": "1361412562310900925", "published": "2009-08-27T00:00:00", "references": ["http://www.securityfocus.com/archive/1/archive/1/498746/100/0/threaded", "http://xforce.iss.net/xforce/xfdb/47316"], "reporter": "Copyright (C) 2009 SecPod", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_php_dba_replace_dos_vuln.nasl 10459 2018-07-09 07:41:24Z cfischer $\n#\n# PHP dba_replace Denial of Service Vulnerability\n#\n# Authors:\n# Nikita MR <rnikita@secpod.com>\n#\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900925\");\n script_version(\"$Revision: 10459 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-07-09 09:41:24 +0200 (Mon, 09 Jul 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-08-27 13:43:20 +0200 (Thu, 27 Aug 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_cve_id(\"CVE-2008-7068\");\n script_bugtraq_id(33498);\n script_name(\"PHP dba_replace Denial of Service Vulnerability\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_php_detect.nasl\");\n script_mandatory_keys(\"php/installed\");\n\n script_xref(name:\"URL\", value:\"http://xforce.iss.net/xforce/xfdb/47316\");\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/archive/1/archive/1/498746/100/0/threaded\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to execute arbitrary code\n corrupt files and cause denial of service.\n\n Impact Level: Application\");\n\n script_tag(name:\"affected\", value:\"PHP 4.x and 5.2.6 on all running platform.\");\n\n script_tag(name:\"insight\", value:\"An error occurs in 'dba_replace()' function while processing malformed\n user supplied data containing a key with the NULL byte.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to version 5.2.7 or later,\n http://www.php.net/downloads.php\");\n\n script_tag(name:\"summary\", value:\"The host is running PHP and is prone to Denial of Service\n vulnerability.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\nif( phpVer =~ \"^4\\.\" || version_is_equal( version:phpVer, test_version:\"5.2.6\" ) ) {\n report = report_fixed_ver( installed_version:phpVer, fixed_version:\"5.2.7\" );\n security_message( data:report, port:phpPort );\n exit( 0 );\n}\n\nexit( 99 );", "title": "PHP dba_replace Denial of Service Vulnerability", "type": "openvas", "viewCount": 3}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2018-07-10T17:56:45"}], "edition": 5, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "6268d66176a18f7e99dd1ff25294dd88"}, {"key": "cvss", "hash": "956b0cce3d9454921494ef535bcdf2a4"}, {"key": "description", "hash": "2f13d973497ad2c32c40e4367867d4c4"}, {"key": "href", "hash": "935c4a7991c8f716051af30f3fe6a493"}, {"key": "modified", "hash": "239e98079e29ae495f96882251231d51"}, {"key": "naslFamily", "hash": "711d051a7c0db70ca108b804aa5319ac"}, {"key": "pluginID", "hash": "08faddbd957006b1218a5057df0106c9"}, {"key": "published", "hash": "6a3f1860a320101d84231bdf350478f2"}, {"key": "references", "hash": "6a3ba4daca625e63e1312b537ece534c"}, {"key": "reporter", "hash": "a021a3692614a7c69055764075908c6f"}, {"key": "sourceData", "hash": "8789bc71752db2724ba7871eab39c875"}, {"key": "title", "hash": "2e2f45162b152d26081b4abb2a35290f"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "hash": "556cb4436f43714e3597a7bf3f20927eb589a79052ff624466a28307d0c0b087", "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2008-7068"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:9469"]}, {"type": "freebsd", "idList": ["1E8031BE-4258-11DE-B67A-0030843D3802"]}, {"type": "openvas", "idList": ["OPENVAS:64001", "OPENVAS:136141256231064001", "OPENVAS:64958", "OPENVAS:136141256231064958", "OPENVAS:136141256231064959", "OPENVAS:64959", "OPENVAS:66338", "OPENVAS:66420", "OPENVAS:136141256231066420"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_1E8031BE425811DEB67A0030843D3802.NASL", "MANDRIVA_MDVSA-2009-247.NASL", "UBUNTU_USN-862-1.NASL", "PHP_5_2_7.NASL", "MANDRIVA_MDVSA-2009-324.NASL"]}, {"type": "ubuntu", "idList": ["USN-862-1"]}], "modified": "2019-03-07T20:19:01"}, "score": {"value": 7.5, "vector": "NONE"}, "vulnersScore": 7.5}, "objectVersion": "1.3", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_php_dba_replace_dos_vuln.nasl 14031 2019-03-07 10:47:29Z cfischer $\n#\n# PHP dba_replace Denial of Service Vulnerability\n#\n# Authors:\n# Nikita MR <rnikita@secpod.com>\n#\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900925\");\n script_version(\"$Revision: 14031 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-07 11:47:29 +0100 (Thu, 07 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2009-08-27 13:43:20 +0200 (Thu, 27 Aug 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_cve_id(\"CVE-2008-7068\");\n script_bugtraq_id(33498);\n script_name(\"PHP dba_replace Denial of Service Vulnerability\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_php_detect.nasl\");\n script_mandatory_keys(\"php/installed\");\n\n script_xref(name:\"URL\", value:\"http://xforce.iss.net/xforce/xfdb/47316\");\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/archive/1/archive/1/498746/100/0/threaded\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to execute arbitrary code\n corrupt files and cause denial of service.\");\n\n script_tag(name:\"affected\", value:\"PHP 4.x and 5.2.6 on all running platform.\");\n\n script_tag(name:\"insight\", value:\"An error occurs in 'dba_replace()' function while processing malformed\n user supplied data containing a key with the NULL byte.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to version 5.2.7 or later.\");\n\n script_tag(name:\"summary\", value:\"The host is running PHP and is prone to Denial of Service\n vulnerability.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) )\n exit( 0 );\n\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) )\n exit( 0 );\n\nif( phpVer =~ \"^4\\.\" || version_is_equal( version:phpVer, test_version:\"5.2.6\" ) ) {\n report = report_fixed_ver( installed_version:phpVer, fixed_version:\"5.2.7\" );\n security_message( data:report, port:phpPort );\n exit( 0 );\n}\n\nexit( 99 );", "naslFamily": "Denial of Service", "pluginID": "1361412562310900925", "scheme": null}

{"cve": [{"lastseen": "2018-11-01T05:11:59", "bulletinFamily": "NVD", "description": "The dba_replace function in PHP 5.2.6 and 4.x allows context-dependent attackers to cause a denial of service (file truncation) via a key with the NULL byte. NOTE: this might only be a vulnerability in limited circumstances in which the attacker can modify or add database entries but does not have permissions to truncate the file.", "modified": "2018-10-30T12:26:21", "published": "2009-08-25T06:30:00", "id": "CVE-2008-7068", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7068", "title": "CVE-2008-7068", "type": "cve", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2019-02-21T01:11:54", "bulletinFamily": "scanner", "description": "securityfocus research reports :\n\nA bug that leads to the emptying of the INI file contents if the database key was not found exists in PHP dba extension in versions 5.2.6, 4.4.9 and earlier.\n\nFunction dba_replace() are not filtering strings key and value. There is a possibility for the destruction of the file.", "modified": "2018-12-19T00:00:00", "id": "FREEBSD_PKG_1E8031BE425811DEB67A0030843D3802.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=38799", "published": "2009-05-18T00:00:00", "title": "FreeBSD : php -- ini database truncation inside dba_replace() function (1e8031be-4258-11de-b67a-0030843d3802)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(38799);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/12/19 13:21:18\");\n\n script_cve_id(\"CVE-2008-7068\");\n\n script_name(english:\"FreeBSD : php -- ini database truncation inside dba_replace() function (1e8031be-4258-11de-b67a-0030843d3802)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"securityfocus research reports :\n\nA bug that leads to the emptying of the INI file contents if the\ndatabase key was not found exists in PHP dba extension in versions\n5.2.6, 4.4.9 and earlier.\n\nFunction dba_replace() are not filtering strings key and value. There\nis a possibility for the destruction of the file.\"\n );\n # http://www.securityfocus.com/archive/1/498746/30/0/threaded\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.securityfocus.com/archive/1/498746/30/0/threaded\"\n );\n # http://securityreason.com/achievement_securityalert/58\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://cxsecurity.com/issue/WLB-2008110058\"\n );\n # https://vuxml.freebsd.org/freebsd/1e8031be-4258-11de-b67a-0030843d3802.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?44d08bef\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php4-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/11/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"php4-dba<4.4.9_1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php5-dba<5.2.7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:12:32", "bulletinFamily": "scanner", "description": "Multiple vulnerabilities was discovered and corrected in php :\n\nThe dba_replace function in PHP 5.2.6 and 4.x allows context-dependent attackers to cause a denial of service (file truncation) via a key with the NULL byte. NOTE: this might only be a vulnerability in limited circumstances in which the attacker can modify or add database entries but does not have permissions to truncate the file (CVE-2008-7068).\n\nThe php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates (CVE-2009-3291).\n\nUnspecified vulnerability in PHP before 5.2.11 has unknown impact and attack vectors related to missing sanity checks around exif processing. (CVE-2009-3292)\n\nUnspecified vulnerability in the imagecolortransparent function in PHP before 5.2.11 has unknown impact and attack vectors related to an incorrect sanity check for the color index. (CVE-2009-3293). However in Mandriva we don't use the bundled libgd source in php per default, there is a unsupported package in contrib named php-gd-bundled that eventually will get updated to pickup these fixes.\n\nThis update provides a solution to these vulnerabilities.", "modified": "2018-07-19T00:00:00", "id": "MANDRIVA_MDVSA-2009-247.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=41639", "published": "2009-09-28T00:00:00", "title": "Mandriva Linux Security Advisory : php (MDVSA-2009:247)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:247. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41639);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/07/19 20:59:16\");\n\n script_cve_id(\"CVE-2008-7068\", \"CVE-2009-3291\", \"CVE-2009-3292\", \"CVE-2009-3293\");\n script_bugtraq_id(36449);\n script_xref(name:\"MDVSA\", value:\"2009:247\");\n\n script_name(english:\"Mandriva Linux Security Advisory : php (MDVSA-2009:247)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities was discovered and corrected in php :\n\nThe dba_replace function in PHP 5.2.6 and 4.x allows context-dependent\nattackers to cause a denial of service (file truncation) via a key\nwith the NULL byte. NOTE: this might only be a vulnerability in\nlimited circumstances in which the attacker can modify or add database\nentries but does not have permissions to truncate the file\n(CVE-2008-7068).\n\nThe php_openssl_apply_verification_policy function in PHP before\n5.2.11 does not properly perform certificate validation, which has\nunknown impact and attack vectors, probably related to an ability to\nspoof certificates (CVE-2009-3291).\n\nUnspecified vulnerability in PHP before 5.2.11 has unknown impact and\nattack vectors related to missing sanity checks around exif\nprocessing. (CVE-2009-3292)\n\nUnspecified vulnerability in the imagecolortransparent function in PHP\nbefore 5.2.11 has unknown impact and attack vectors related to an\nincorrect sanity check for the color index. (CVE-2009-3293). However\nin Mandriva we don't use the bundled libgd source in php per default,\nthere is a unsupported package in contrib named php-gd-bundled that\neventually will get updated to pickup these fixes.\n\nThis update provides a solution to these vulnerabilities.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64php5_common5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libphp5_common5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-fcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-hash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mhash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mime_magic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ming\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysqli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_dblib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sybase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64php5_common5-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libphp5_common5-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-bcmath-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-bz2-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-calendar-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-cgi-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-cli-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-ctype-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-curl-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-dba-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-dbase-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-devel-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-dom-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-exif-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-fcgi-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-filter-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-ftp-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-gd-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-gettext-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-gmp-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-hash-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-iconv-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-imap-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-json-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-ldap-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-mbstring-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-mcrypt-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-mhash-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-mime_magic-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-ming-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-mssql-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-mysql-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-mysqli-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-ncurses-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-odbc-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-openssl-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-pcntl-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-pdo-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-pdo_dblib-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-pdo_mysql-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-pdo_odbc-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-pdo_pgsql-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-pdo_sqlite-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-pgsql-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-posix-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-pspell-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-readline-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-recode-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-session-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-shmop-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-snmp-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-soap-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-sockets-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-sqlite-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-sysvmsg-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-sysvsem-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-sysvshm-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-tidy-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-tokenizer-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-wddx-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-xml-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-xmlreader-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-xmlrpc-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-xmlwriter-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-xsl-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"php-zlib-5.2.5-14.7mdv2008.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64php5_common5-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libphp5_common5-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-bcmath-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-bz2-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-calendar-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-cgi-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-cli-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-ctype-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-curl-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-dba-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-dbase-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-devel-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-dom-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-exif-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-fcgi-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-filter-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-ftp-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-gd-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-gettext-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-gmp-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-hash-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-iconv-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-imap-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-json-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-ldap-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-mbstring-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-mcrypt-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-mhash-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-mime_magic-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-ming-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-mssql-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-mysql-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-mysqli-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-ncurses-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-odbc-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-openssl-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-pcntl-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-pdo-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-pdo_dblib-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-pdo_mysql-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-pdo_odbc-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-pdo_pgsql-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-pdo_sqlite-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-pgsql-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-posix-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-pspell-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-readline-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-recode-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-session-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-shmop-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-snmp-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-soap-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-sockets-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-sqlite-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-sybase-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-sysvmsg-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-sysvsem-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-sysvshm-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-tidy-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-tokenizer-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-wddx-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-xml-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-xmlreader-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-xmlrpc-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-xmlwriter-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-xsl-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-zlib-5.2.6-18.7mdv2009.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:12:46", "bulletinFamily": "scanner", "description": "Maksymilian Arciemowicz discovered that PHP did not properly validate arguments to the dba_replace function. If a script passed untrusted input to the dba_replace function, an attacker could truncate the database. This issue only applied to Ubuntu 6.06 LTS, 8.04 LTS, and 8.10. (CVE-2008-7068)\n\nIt was discovered that PHP's php_openssl_apply_verification_policy function did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. (CVE-2009-3291)\n\nIt was discovered that PHP did not properly handle certain malformed images when being parsed by the Exif module. A remote attacker could exploit this flaw and cause the PHP server to crash, resulting in a denial of service. (CVE-2009-3292)\n\nGrzegorz Stachowiak discovered that PHP did not properly enforce restrictions in the tempnam function. An attacker could exploit this issue to bypass safe_mode restrictions. (CVE-2009-3557)\n\nGrzegorz Stachowiak discovered that PHP did not properly enforce restrictions in the posix_mkfifo function. An attacker could exploit this issue to bypass open_basedir restrictions. (CVE-2009-3558)\n\nBogdan Calin discovered that PHP did not limit the number of temporary files created when handling multipart/form-data POST requests. A remote attacker could exploit this flaw and cause the PHP server to consume all available resources, resulting in a denial of service.\n(CVE-2009-4017)\n\nATTENTION: This update changes previous PHP behaviour by limiting the number of files in a POST request to 50. This may be increased by adding a 'max_file_uploads' directive to the php.ini configuration file.\n\nIt was discovered that PHP did not properly enforce restrictions in the proc_open function. An attacker could exploit this issue to bypass safe_mode_protected_env_vars restrictions and possibly execute arbitrary code with application privileges. (CVE-2009-4018).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-11-28T00:00:00", "id": "UBUNTU_USN-862-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42930", "published": "2009-11-30T00:00:00", "title": "Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : php5 vulnerabilities (USN-862-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-862-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42930);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/11/28 22:47:45\");\n\n script_cve_id(\"CVE-2008-7068\", \"CVE-2009-3291\", \"CVE-2009-3292\", \"CVE-2009-3557\", \"CVE-2009-3558\", \"CVE-2009-4017\", \"CVE-2009-4018\");\n script_bugtraq_id(36449, 37079, 37138);\n script_xref(name:\"USN\", value:\"862-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : php5 vulnerabilities (USN-862-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Maksymilian Arciemowicz discovered that PHP did not properly validate\narguments to the dba_replace function. If a script passed untrusted\ninput to the dba_replace function, an attacker could truncate the\ndatabase. This issue only applied to Ubuntu 6.06 LTS, 8.04 LTS, and\n8.10. (CVE-2008-7068)\n\nIt was discovered that PHP's php_openssl_apply_verification_policy\nfunction did not correctly handle SSL certificates with zero bytes in\nthe Common Name. A remote attacker could exploit this to perform a man\nin the middle attack to view sensitive information or alter encrypted\ncommunications. (CVE-2009-3291)\n\nIt was discovered that PHP did not properly handle certain malformed\nimages when being parsed by the Exif module. A remote attacker could\nexploit this flaw and cause the PHP server to crash, resulting in a\ndenial of service. (CVE-2009-3292)\n\nGrzegorz Stachowiak discovered that PHP did not properly enforce\nrestrictions in the tempnam function. An attacker could exploit this\nissue to bypass safe_mode restrictions. (CVE-2009-3557)\n\nGrzegorz Stachowiak discovered that PHP did not properly enforce\nrestrictions in the posix_mkfifo function. An attacker could exploit\nthis issue to bypass open_basedir restrictions. (CVE-2009-3558)\n\nBogdan Calin discovered that PHP did not limit the number of temporary\nfiles created when handling multipart/form-data POST requests. A\nremote attacker could exploit this flaw and cause the PHP server to\nconsume all available resources, resulting in a denial of service.\n(CVE-2009-4017)\n\nATTENTION: This update changes previous PHP behaviour by limiting the\nnumber of files in a POST request to 50. This may be increased by\nadding a 'max_file_uploads' directive to the php.ini configuration\nfile.\n\nIt was discovered that PHP did not properly enforce restrictions in\nthe proc_open function. An attacker could exploit this issue to bypass\nsafe_mode_protected_env_vars restrictions and possibly execute\narbitrary code with application privileges. (CVE-2009-4018).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/862-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-mhash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-mysqli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-sybase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2018 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|8\\.04|8\\.10|9\\.04|9\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 8.04 / 8.10 / 9.04 / 9.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.1.2-1ubuntu3.17\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php-pear\", pkgver:\"5.1.2-1ubuntu3.17\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5\", pkgver:\"5.1.2-1ubuntu3.17\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-cgi\", pkgver:\"5.1.2-1ubuntu3.17\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-cli\", pkgver:\"5.1.2-1ubuntu3.17\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-common\", pkgver:\"5.1.2-1ubuntu3.17\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-curl\", pkgver:\"5.1.2-1ubuntu3.17\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-dev\", pkgver:\"5.1.2-1ubuntu3.17\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-gd\", pkgver:\"5.1.2-1ubuntu3.17\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-ldap\", pkgver:\"5.1.2-1ubuntu3.17\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-mhash\", pkgver:\"5.1.2-1ubuntu3.17\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-mysql\", pkgver:\"5.1.2-1ubuntu3.17\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-mysqli\", pkgver:\"5.1.2-1ubuntu3.17\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-odbc\", pkgver:\"5.1.2-1ubuntu3.17\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-pgsql\", pkgver:\"5.1.2-1ubuntu3.17\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-recode\", pkgver:\"5.1.2-1ubuntu3.17\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-snmp\", pkgver:\"5.1.2-1ubuntu3.17\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-sqlite\", pkgver:\"5.1.2-1ubuntu3.17\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-sybase\", pkgver:\"5.1.2-1ubuntu3.17\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-xmlrpc\", pkgver:\"5.1.2-1ubuntu3.17\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-xsl\", pkgver:\"5.1.2-1ubuntu3.17\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.2.4-2ubuntu5.9\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php-pear\", pkgver:\"5.2.4-2ubuntu5.9\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5\", pkgver:\"5.2.4-2ubuntu5.9\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-cgi\", pkgver:\"5.2.4-2ubuntu5.9\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-cli\", pkgver:\"5.2.4-2ubuntu5.9\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-common\", pkgver:\"5.2.4-2ubuntu5.9\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-curl\", pkgver:\"5.2.4-2ubuntu5.9\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-dev\", pkgver:\"5.2.4-2ubuntu5.9\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-gd\", pkgver:\"5.2.4-2ubuntu5.9\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-gmp\", pkgver:\"5.2.4-2ubuntu5.9\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-ldap\", pkgver:\"5.2.4-2ubuntu5.9\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-mhash\", pkgver:\"5.2.4-2ubuntu5.9\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-mysql\", pkgver:\"5.2.4-2ubuntu5.9\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-odbc\", pkgver:\"5.2.4-2ubuntu5.9\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-pgsql\", pkgver:\"5.2.4-2ubuntu5.9\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-pspell\", pkgver:\"5.2.4-2ubuntu5.9\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-recode\", pkgver:\"5.2.4-2ubuntu5.9\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-snmp\", pkgver:\"5.2.4-2ubuntu5.9\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-sqlite\", pkgver:\"5.2.4-2ubuntu5.9\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-sybase\", pkgver:\"5.2.4-2ubuntu5.9\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-tidy\", pkgver:\"5.2.4-2ubuntu5.9\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-xmlrpc\", pkgver:\"5.2.4-2ubuntu5.9\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-xsl\", pkgver:\"5.2.4-2ubuntu5.9\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.2.6-2ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libapache2-mod-php5filter\", pkgver:\"5.2.6-2ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"php-pear\", pkgver:\"5.2.6-2ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"php5\", pkgver:\"5.2.6-2ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"php5-cgi\", pkgver:\"5.2.6-2ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"php5-cli\", pkgver:\"5.2.6-2ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"php5-common\", pkgver:\"5.2.6-2ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"php5-curl\", pkgver:\"5.2.6-2ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"php5-dbg\", pkgver:\"5.2.6-2ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"php5-dev\", pkgver:\"5.2.6-2ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"php5-gd\", pkgver:\"5.2.6-2ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"php5-gmp\", pkgver:\"5.2.6-2ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"php5-ldap\", pkgver:\"5.2.6-2ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"php5-mhash\", pkgver:\"5.2.6-2ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"php5-mysql\", pkgver:\"5.2.6-2ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"php5-odbc\", pkgver:\"5.2.6-2ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"php5-pgsql\", pkgver:\"5.2.6-2ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"php5-pspell\", pkgver:\"5.2.6-2ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"php5-recode\", pkgver:\"5.2.6-2ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"php5-snmp\", pkgver:\"5.2.6-2ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"php5-sqlite\", pkgver:\"5.2.6-2ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"php5-sybase\", pkgver:\"5.2.6-2ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"php5-tidy\", pkgver:\"5.2.6-2ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"php5-xmlrpc\", pkgver:\"5.2.6-2ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"php5-xsl\", pkgver:\"5.2.6-2ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libapache2-mod-php5filter\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php-pear\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-cgi\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-cli\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-common\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-curl\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-dbg\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-dev\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-gd\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-gmp\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-ldap\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-mhash\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-mysql\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-odbc\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-pgsql\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-pspell\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-recode\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-snmp\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-sqlite\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-sybase\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-tidy\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-xmlrpc\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-xsl\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libapache2-mod-php5filter\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php-pear\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-cgi\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-cli\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-common\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-curl\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-dbg\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-dev\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-gd\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-gmp\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-ldap\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-mhash\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-mysql\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-odbc\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-pgsql\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-pspell\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-recode\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-snmp\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-sqlite\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-sybase\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-tidy\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-xmlrpc\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-xsl\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libapache2-mod-php5 / libapache2-mod-php5filter / php-pear / php5 / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:12:47", "bulletinFamily": "scanner", "description": "Multiple vulnerabilities was discovered and corrected in php :\n\nThe dba_replace function in PHP 5.2.6 and 4.x allows context-dependent attackers to cause a denial of service (file truncation) via a key with the NULL byte. NOTE: this might only be a vulnerability in limited circumstances in which the attacker can modify or add database entries but does not have permissions to truncate the file (CVE-2008-7068).\n\nThe JSON_parser function (ext/json/JSON_parser.c) in PHP 5.2.x before 5.2.9 allows remote attackers to cause a denial of service (segmentation fault) via a malformed string to the json_decode API function (CVE-2009-1271).\n\n - Fixed upstream bug #48378 (exif_read_data() segfaults on certain corrupted .jpeg files) (CVE-2009-2687).\n\nThe php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates (CVE-2009-3291).\n\nUnspecified vulnerability in PHP before 5.2.11 has unknown impact and attack vectors related to missing sanity checks around exif processing. (CVE-2009-3292)\n\nUnspecified vulnerability in the imagecolortransparent function in PHP before 5.2.11 has unknown impact and attack vectors related to an incorrect sanity check for the color index. (CVE-2009-3293)\n\nThe _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.0, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293. NOTE: some of these details are obtained from third-party information (CVE-2009-3546).\n\nThe tempnam function in ext/standard/file.c in PHP 5.2.11 and earlier, and 5.3.x before 5.3.1, allows context-dependent attackers to bypass safe_mode restrictions, and create files in group-writable or world-writable directories, via the dir and prefix arguments (CVE-2009-3557).\n\nThe posix_mkfifo function in ext/posix/posix.c in PHP 5.2.11 and earlier, and 5.3.x before 5.3.1, allows context-dependent attackers to bypass open_basedir restrictions, and create FIFO files, via the pathname and mode arguments, as demonstrated by creating a .htaccess file (CVE-2009-3558).\n\nPHP 5.2.11, and 5.3.x before 5.3.1, does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive (CVE-2009-4017).\n\nThe proc_open function in ext/standard/proc_open.c in PHP before 5.2.11 and 5.3.x before 5.3.1 does not enforce the (1) safe_mode_allowed_env_vars and (2) safe_mode_protected_env_vars directives, which allows context-dependent attackers to execute programs with an arbitrary environment via the env parameter, as demonstrated by a crafted value of the LD_LIBRARY_PATH environment variable (CVE-2009-4018).\n\nThe dba_replace function in PHP 5.2.6 and 4.x allows context-dependent attackers to cause a denial of service (file truncation) via a key with the NULL byte. NOTE: this might only be a vulnerability in limited circumstances in which the attacker can modify or add database entries but does not have permissions to truncate the file (CVE-2008-7068).\n\nThe php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates (CVE-2009-3291).\n\nUnspecified vulnerability in PHP before 5.2.11 has unknown impact and attack vectors related to missing sanity checks around exif processing. (CVE-2009-3292)\n\nUnspecified vulnerability in the imagecolortransparent function in PHP before 5.2.11 has unknown impact and attack vectors related to an incorrect sanity check for the color index. (CVE-2009-3293). However in Mandriva we don't use the bundled libgd source in php per default, there is a unsupported package in contrib named php-gd-bundled that eventually will get updated to pickup these fixes.\n\nThe php-suhosin package has been upgraded to 0.9.22 which has better support for apache vhosts.\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0 customers\n\nThis update provides a solution to these vulnerabilities.", "modified": "2019-01-02T00:00:00", "id": "MANDRIVA_MDVSA-2009-324.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=43043", "published": "2009-12-08T00:00:00", "title": "Mandriva Linux Security Advisory : php (MDVSA-2009:324)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:324. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(43043);\n script_version(\"1.18\");\n script_cvs_date(\"Date: 2019/01/02 16:37:54\");\n\n script_cve_id(\"CVE-2008-7068\", \"CVE-2009-1271\", \"CVE-2009-2687\", \"CVE-2009-3291\", \"CVE-2009-3292\", \"CVE-2009-3293\", \"CVE-2009-3546\", \"CVE-2009-3557\", \"CVE-2009-3558\", \"CVE-2009-4017\", \"CVE-2009-4018\");\n script_bugtraq_id(35440, 36449, 36712, 37079, 37138);\n script_xref(name:\"MDVSA\", value:\"2009:324\");\n\n script_name(english:\"Mandriva Linux Security Advisory : php (MDVSA-2009:324)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities was discovered and corrected in php :\n\nThe dba_replace function in PHP 5.2.6 and 4.x allows context-dependent\nattackers to cause a denial of service (file truncation) via a key\nwith the NULL byte. NOTE: this might only be a vulnerability in\nlimited circumstances in which the attacker can modify or add database\nentries but does not have permissions to truncate the file\n(CVE-2008-7068).\n\nThe JSON_parser function (ext/json/JSON_parser.c) in PHP 5.2.x before\n5.2.9 allows remote attackers to cause a denial of service\n(segmentation fault) via a malformed string to the json_decode API\nfunction (CVE-2009-1271).\n\n - Fixed upstream bug #48378 (exif_read_data() segfaults on\n certain corrupted .jpeg files) (CVE-2009-2687).\n\nThe php_openssl_apply_verification_policy function in PHP before\n5.2.11 does not properly perform certificate validation, which has\nunknown impact and attack vectors, probably related to an ability to\nspoof certificates (CVE-2009-3291).\n\nUnspecified vulnerability in PHP before 5.2.11 has unknown impact and\nattack vectors related to missing sanity checks around exif\nprocessing. (CVE-2009-3292)\n\nUnspecified vulnerability in the imagecolortransparent function in PHP\nbefore 5.2.11 has unknown impact and attack vectors related to an\nincorrect sanity check for the color index. (CVE-2009-3293)\n\nThe _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.0, and the\nGD Graphics Library 2.x, does not properly verify a certain\ncolorsTotal structure member, which might allow remote attackers to\nconduct buffer overflow or buffer over-read attacks via a crafted GD\nfile, a different vulnerability than CVE-2009-3293. NOTE: some of\nthese details are obtained from third-party information\n(CVE-2009-3546).\n\nThe tempnam function in ext/standard/file.c in PHP 5.2.11 and earlier,\nand 5.3.x before 5.3.1, allows context-dependent attackers to bypass\nsafe_mode restrictions, and create files in group-writable or\nworld-writable directories, via the dir and prefix arguments\n(CVE-2009-3557).\n\nThe posix_mkfifo function in ext/posix/posix.c in PHP 5.2.11 and\nearlier, and 5.3.x before 5.3.1, allows context-dependent attackers to\nbypass open_basedir restrictions, and create FIFO files, via the\npathname and mode arguments, as demonstrated by creating a .htaccess\nfile (CVE-2009-3558).\n\nPHP 5.2.11, and 5.3.x before 5.3.1, does not restrict the number of\ntemporary files created when handling a multipart/form-data POST\nrequest, which allows remote attackers to cause a denial of service\n(resource exhaustion), and makes it easier for remote attackers to\nexploit local file inclusion vulnerabilities, via multiple requests,\nrelated to lack of support for the max_file_uploads directive\n(CVE-2009-4017).\n\nThe proc_open function in ext/standard/proc_open.c in PHP before\n5.2.11 and 5.3.x before 5.3.1 does not enforce the (1)\nsafe_mode_allowed_env_vars and (2) safe_mode_protected_env_vars\ndirectives, which allows context-dependent attackers to execute\nprograms with an arbitrary environment via the env parameter, as\ndemonstrated by a crafted value of the LD_LIBRARY_PATH environment\nvariable (CVE-2009-4018).\n\nThe dba_replace function in PHP 5.2.6 and 4.x allows context-dependent\nattackers to cause a denial of service (file truncation) via a key\nwith the NULL byte. NOTE: this might only be a vulnerability in\nlimited circumstances in which the attacker can modify or add database\nentries but does not have permissions to truncate the file\n(CVE-2008-7068).\n\nThe php_openssl_apply_verification_policy function in PHP before\n5.2.11 does not properly perform certificate validation, which has\nunknown impact and attack vectors, probably related to an ability to\nspoof certificates (CVE-2009-3291).\n\nUnspecified vulnerability in PHP before 5.2.11 has unknown impact and\nattack vectors related to missing sanity checks around exif\nprocessing. (CVE-2009-3292)\n\nUnspecified vulnerability in the imagecolortransparent function in PHP\nbefore 5.2.11 has unknown impact and attack vectors related to an\nincorrect sanity check for the color index. (CVE-2009-3293). However\nin Mandriva we don't use the bundled libgd source in php per default,\nthere is a unsupported package in contrib named php-gd-bundled that\neventually will get updated to pickup these fixes.\n\nThe php-suhosin package has been upgraded to 0.9.22 which has better\nsupport for apache vhosts.\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0\ncustomers\n\nThis update provides a solution to these vulnerabilities.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64php5_common5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libphp5_common5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-fcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-hash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mhash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mime_magic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ming\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysqli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_dblib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-simplexml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64php5_common5-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libphp5_common5-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-bcmath-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-bz2-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-calendar-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-cgi-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-cli-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-ctype-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-curl-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-dba-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-dbase-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-devel-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-dom-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-exif-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-fcgi-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-filter-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-ftp-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-gd-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-gettext-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-gmp-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-hash-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-iconv-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-imap-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-ini-5.2.4-1.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-json-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-ldap-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-mbstring-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-mcrypt-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-mhash-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-mime_magic-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-ming-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-mssql-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-mysql-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-mysqli-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-ncurses-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-odbc-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-openssl-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-pcntl-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-pdo-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-pdo_dblib-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-pdo_mysql-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-pdo_odbc-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-pdo_pgsql-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-pdo_sqlite-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-pgsql-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-posix-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-pspell-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-readline-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-recode-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-session-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-shmop-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-simplexml-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-snmp-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-soap-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-sockets-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-sqlite-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-suhosin-0.9.22-1.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-sysvmsg-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-sysvsem-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-sysvshm-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-tidy-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-tokenizer-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-wddx-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-xml-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-xmlreader-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-xmlrpc-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-xmlwriter-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-xsl-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-zlib-5.2.4-3.6mdv2008.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:11:22", "bulletinFamily": "scanner", "description": "According to its banner, the version of PHP installed on the remote host is prior to 5.2.7. It is, therefore, affected by multiple vulnerabilities :\n\n - There is a buffer overflow flaw in the bundled PCRE library that allows a denial of service attack.\n (CVE-2008-2371)\n\n - Multiple directory traversal vulnerabilities exist in functions such as 'posix_access', 'chdir', and 'ftok' that allow a remote attacker to bypass 'safe_mode' restrictions. (CVE-2008-2665 and CVE-2008-2666).\n\n - A buffer overflow flaw in 'php_imap.c' may be triggered when processing long message headers due to the use of obsolete API calls. This can be exploited to cause a denial of service or to execute arbitrary code.\n (CVE-2008-2829)\n\n - A buffer overflow in the 'imageloadfont' function in 'ext/gd/gd.c' can be triggered when a specially crafted font is given. This can be exploited to cause a denial of service or to execute arbitrary code. (CVE-2008-3658)\n\n - A buffer overflow flaw exists in PHP's internal function 'memnstr' which can be exploited by an attacker using the delimiter argument to the 'explode' function. This can be used to cause a denial of service or to execute arbitrary code. (CVE-2008-3659)\n\n - When PHP is used as a FastCGI module, an attacker by requesting a file whose file name extension is preceded by multiple dots can cause a denial of service.\n (CVE-2008-3660)\n\n - A heap-based buffer overflow flaw in the mbstring extension can be triggered via a specially crafted string containing an HTML entity that is not handled during Unicode conversion. This can be exploited to execute arbitrary code.(CVE-2008-5557)\n\n - Improper initialization of global variables 'page_uid' and 'page_gid' when PHP is used as an Apache module allows the bypassing of security restriction due to SAPI 'php_getuid' function overloading. (CVE-2008-5624)\n\n - PHP does not enforce the correct restrictions when 'safe_mode' is enabled through a 'php_admin_flag' setting in 'httpd.conf'. This allows an attacker, by placing a specially crafted 'php_value' entry in '.htaccess', to able to write to arbitrary files.\n (CVE-2008-5625)\n\n - The 'ZipArchive::extractTo' function in the ZipArchive extension fails to filter directory traversal sequences from file names. An attacker can exploit this to write to arbitrary files. (CVE-2008-5658)\n\n - Under limited circumstances, an attacker can cause a file truncation to occur when calling the 'dba_replace' function with an invalid argument. (CVE-2008-7068)\n\n - A buffer overflow error exists in the function 'date_from_ISO8601' function within file 'xmlrpc.c' because user-supplied input is improperly validated.\n This can be exploited by a remote attacker to cause a denial of service or to execute arbitrary code.\n (CVE-2014-8626)", "modified": "2018-11-15T00:00:00", "id": "PHP_5_2_7.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=35043", "published": "2008-12-05T00:00:00", "title": "PHP 5 < 5.2.7 Multiple Vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(35043);\n script_version(\"1.30\");\n script_cvs_date(\"Date: 2018/11/15 20:50:18\");\n\n script_cve_id(\n \"CVE-2008-2371\",\n \"CVE-2008-2665\",\n \"CVE-2008-2666\",\n \"CVE-2008-2829\",\n \"CVE-2008-3658\",\n \"CVE-2008-3659\",\n \"CVE-2008-3660\",\n \"CVE-2008-5557\",\n \"CVE-2008-5624\",\n \"CVE-2008-5625\",\n \"CVE-2008-5658\",\n \"CVE-2008-7068\",\n \"CVE-2014-8626\"\n );\n script_bugtraq_id(\n 29796,\n 29797,\n 29829,\n 30087,\n 30649,\n 31612,\n 32383,\n 32625,\n 32688,\n 32948,\n # 33498 nb: retired 29-Jan-2009\n 70928\n );\n\n script_name(english:\"PHP 5 < 5.2.7 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of PHP.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP installed on the remote\nhost is prior to 5.2.7. It is, therefore, affected by multiple\nvulnerabilities :\n\n - There is a buffer overflow flaw in the bundled PCRE\n library that allows a denial of service attack.\n (CVE-2008-2371)\n\n - Multiple directory traversal vulnerabilities exist in\n functions such as 'posix_access', 'chdir', and 'ftok'\n that allow a remote attacker to bypass 'safe_mode'\n restrictions. (CVE-2008-2665 and CVE-2008-2666).\n\n - A buffer overflow flaw in 'php_imap.c' may be triggered\n when processing long message headers due to the use of\n obsolete API calls. This can be exploited to cause a\n denial of service or to execute arbitrary code.\n (CVE-2008-2829)\n\n - A buffer overflow in the 'imageloadfont' function in\n 'ext/gd/gd.c' can be triggered when a specially crafted\n font is given. This can be exploited to cause a denial\n of service or to execute arbitrary code. (CVE-2008-3658)\n\n - A buffer overflow flaw exists in PHP's internal function\n 'memnstr' which can be exploited by an attacker using\n the delimiter argument to the 'explode' function. This\n can be used to cause a denial of service or to execute\n arbitrary code. (CVE-2008-3659)\n\n - When PHP is used as a FastCGI module, an attacker by\n requesting a file whose file name extension is preceded\n by multiple dots can cause a denial of service.\n (CVE-2008-3660)\n\n - A heap-based buffer overflow flaw in the mbstring\n extension can be triggered via a specially crafted\n string containing an HTML entity that is not handled\n during Unicode conversion. This can be exploited to\n execute arbitrary code.(CVE-2008-5557)\n\n - Improper initialization of global variables 'page_uid'\n and 'page_gid' when PHP is used as an Apache module\n allows the bypassing of security restriction due to\n SAPI 'php_getuid' function overloading. (CVE-2008-5624)\n\n - PHP does not enforce the correct restrictions when\n 'safe_mode' is enabled through a 'php_admin_flag'\n setting in 'httpd.conf'. This allows an attacker, by\n placing a specially crafted 'php_value' entry in\n '.htaccess', to able to write to arbitrary files.\n (CVE-2008-5625)\n\n - The 'ZipArchive::extractTo' function in the ZipArchive\n extension fails to filter directory traversal sequences\n from file names. An attacker can exploit this to write\n to arbitrary files. (CVE-2008-5658)\n\n - Under limited circumstances, an attacker can cause a\n file truncation to occur when calling the 'dba_replace'\n function with an invalid argument. (CVE-2008-7068)\n\n - A buffer overflow error exists in the function\n 'date_from_ISO8601' function within file 'xmlrpc.c'\n because user-supplied input is improperly validated.\n This can be exploited by a remote attacker to cause a\n denial of service or to execute arbitrary code.\n (CVE-2014-8626)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://cxsecurity.com/issue/WLB-2008110041\");\n script_set_attribute(attribute:\"see_also\", value:\"http://cxsecurity.com/issue/WLB-2008110058\");\n script_set_attribute(attribute:\"see_also\", value:\"http://cxsecurity.com/issue/WLB-2008120011\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/fulldisclosure/2008/Jun/237\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/fulldisclosure/2008/Jun/238\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openwall.com/lists/oss-security/2008/08/08/2\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openwall.com/lists/oss-security/2008/08/13/8\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/fulldisclosure/2008/Nov/674\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/fulldisclosure/2008/Dec/90\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=42862\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=45151\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=45722\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.php.net/releases/5_2_7.php\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.php.net/ChangeLog-5.php#5.2.7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.2.8 or later.\n\nNote that version 5.2.7 has been removed from distribution because of\na regression in that version that results in the 'magic_quotes_gpc'\nsetting remaining off even if it was set to on.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 22, 119, 264);\n\n # CVE-2008-2665\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/12/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"audit.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported)\n audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\nif (version =~ \"^5\\.[01]\\.\" ||\n version =~ \"^5\\.2\\.[0-6]($|[^0-9])\"\n)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : '+source +\n '\\n Installed version : '+version+\n '\\n Fixed version : 5.2.7\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2018-04-06T11:40:25", "bulletinFamily": "scanner", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2018-04-06T00:00:00", "published": "2009-05-20T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064001", "id": "OPENVAS:136141256231064001", "type": "openvas", "title": "FreeBSD Ports: php4-dba", "sourceData": "#\n#VID 1e8031be-4258-11de-b67a-0030843d3802\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 1e8031be-4258-11de-b67a-0030843d3802\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n php4-dba\n php5-dba\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.securityfocus.com/archive/1/498746/30/0/threaded\nhttp://securityreason.com/achievement_securityalert/58\nhttp://www.vuxml.org/freebsd/1e8031be-4258-11de-b67a-0030843d3802.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64001\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-20 00:17:15 +0200 (Wed, 20 May 2009)\");\n script_cve_id(\"CVE-2008-7068\");\n script_name(\"FreeBSD Ports: php4-dba\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"php4-dba\");\nif(!isnull(bver) && revcomp(a:bver, b:\"4.4.9_1\")<0) {\n txt += 'Package php4-dba version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"php5-dba\");\nif(!isnull(bver) && revcomp(a:bver, b:\"5.2.7\")<0) {\n txt += 'Package php5-dba version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:14:17", "bulletinFamily": "scanner", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-12-23T00:00:00", "published": "2009-05-20T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=64001", "id": "OPENVAS:64001", "title": "FreeBSD Ports: php4-dba", "type": "openvas", "sourceData": "#\n#VID 1e8031be-4258-11de-b67a-0030843d3802\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 1e8031be-4258-11de-b67a-0030843d3802\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n php4-dba\n php5-dba\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.securityfocus.com/archive/1/498746/30/0/threaded\nhttp://securityreason.com/achievement_securityalert/58\nhttp://www.vuxml.org/freebsd/1e8031be-4258-11de-b67a-0030843d3802.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(64001);\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_version(\"$Revision: 4847 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-12-23 10:33:16 +0100 (Fri, 23 Dec 2016) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-20 00:17:15 +0200 (Wed, 20 May 2009)\");\n script_cve_id(\"CVE-2008-7068\");\n script_name(\"FreeBSD Ports: php4-dba\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"php4-dba\");\nif(!isnull(bver) && revcomp(a:bver, b:\"4.4.9_1\")<0) {\n txt += 'Package php4-dba version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"php5-dba\");\nif(!isnull(bver) && revcomp(a:bver, b:\"5.2.7\")<0) {\n txt += 'Package php5-dba version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:35", "bulletinFamily": "scanner", "description": "The remote host is missing an update to php\nannounced via advisory MDVSA-2009:247.", "modified": "2017-07-06T00:00:00", "published": "2009-09-28T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=64959", "id": "OPENVAS:64959", "title": "Mandrake Security Advisory MDVSA-2009:247 (php)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_247.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:247 (php)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities was discovered and corrected in php:\n\nThe dba_replace function in PHP 5.2.6 and 4.x allows context-dependent\nattackers to cause a denial of service (file truncation) via a key with\nthe NULL byte. NOTE: this might only be a vulnerability in limited\ncircumstances in which the attacker can modify or add database entries\nbut does not have permissions to truncate the file (CVE-2008-7068).\n\nThe php_openssl_apply_verification_policy function in PHP before\n5.2.11 does not properly perform certificate validation, which has\nunknown impact and attack vectors, probably related to an ability to\nspoof certificates (CVE-2009-3291).\n\nUnspecified vulnerability in PHP before 5.2.11 has unknown impact\nand attack vectors related to missing sanity checks around exif\nprocessing. (CVE-2009-3292)\n\nUnspecified vulnerability in the imagecolortransparent function in\nPHP before 5.2.11 has unknown impact and attack vectors related to an\nincorrect sanity check for the color index. (CVE-2009-3293). However\nin Mandriva we don't use the bundled libgd source in php per default,\nthere is a unsupported package in contrib named php-gd-bundled that\neventually will get updated to pickup these fixes.\n\nThis update provides a solution to these vulnerabilities.\n\nAffected: 2008.1, 2009.0, Enterprise Server 5.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:247\";\ntag_summary = \"The remote host is missing an update to php\nannounced via advisory MDVSA-2009:247.\";\n\n \n\nif(description)\n{\n script_id(64959);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-28 19:09:13 +0200 (Mon, 28 Sep 2009)\");\n script_cve_id(\"CVE-2008-7068\", \"CVE-2009-3291\", \"CVE-2009-3292\", \"CVE-2009-3293\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:247 (php)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dbase\", rpm:\"php-dbase~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-fcgi\", rpm:\"php-fcgi~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mhash\", rpm:\"php-mhash~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mime_magic\", rpm:\"php-mime_magic~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ming\", rpm:\"php-ming~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dbase\", rpm:\"php-dbase~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-fcgi\", rpm:\"php-fcgi~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mhash\", rpm:\"php-mhash~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mime_magic\", rpm:\"php-mime_magic~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ming\", rpm:\"php-ming~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sybase\", rpm:\"php-sybase~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dbase\", rpm:\"php-dbase~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-fcgi\", rpm:\"php-fcgi~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mhash\", rpm:\"php-mhash~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mime_magic\", rpm:\"php-mime_magic~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ming\", rpm:\"php-ming~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sybase\", rpm:\"php-sybase~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:44", "bulletinFamily": "scanner", "description": "The remote host is missing an update to php\nannounced via advisory MDVSA-2009:247.", "modified": "2018-04-06T00:00:00", "published": "2009-09-28T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064959", "id": "OPENVAS:136141256231064959", "title": "Mandrake Security Advisory MDVSA-2009:247 (php)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_247.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:247 (php)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities was discovered and corrected in php:\n\nThe dba_replace function in PHP 5.2.6 and 4.x allows context-dependent\nattackers to cause a denial of service (file truncation) via a key with\nthe NULL byte. NOTE: this might only be a vulnerability in limited\ncircumstances in which the attacker can modify or add database entries\nbut does not have permissions to truncate the file (CVE-2008-7068).\n\nThe php_openssl_apply_verification_policy function in PHP before\n5.2.11 does not properly perform certificate validation, which has\nunknown impact and attack vectors, probably related to an ability to\nspoof certificates (CVE-2009-3291).\n\nUnspecified vulnerability in PHP before 5.2.11 has unknown impact\nand attack vectors related to missing sanity checks around exif\nprocessing. (CVE-2009-3292)\n\nUnspecified vulnerability in the imagecolortransparent function in\nPHP before 5.2.11 has unknown impact and attack vectors related to an\nincorrect sanity check for the color index. (CVE-2009-3293). However\nin Mandriva we don't use the bundled libgd source in php per default,\nthere is a unsupported package in contrib named php-gd-bundled that\neventually will get updated to pickup these fixes.\n\nThis update provides a solution to these vulnerabilities.\n\nAffected: 2008.1, 2009.0, Enterprise Server 5.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:247\";\ntag_summary = \"The remote host is missing an update to php\nannounced via advisory MDVSA-2009:247.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64959\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-28 19:09:13 +0200 (Mon, 28 Sep 2009)\");\n script_cve_id(\"CVE-2008-7068\", \"CVE-2009-3291\", \"CVE-2009-3292\", \"CVE-2009-3293\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:247 (php)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dbase\", rpm:\"php-dbase~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-fcgi\", rpm:\"php-fcgi~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mhash\", rpm:\"php-mhash~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mime_magic\", rpm:\"php-mime_magic~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ming\", rpm:\"php-ming~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.2.5~14.7mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dbase\", rpm:\"php-dbase~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-fcgi\", rpm:\"php-fcgi~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mhash\", rpm:\"php-mhash~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mime_magic\", rpm:\"php-mime_magic~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ming\", rpm:\"php-ming~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sybase\", rpm:\"php-sybase~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.2.6~18.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dbase\", rpm:\"php-dbase~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-fcgi\", rpm:\"php-fcgi~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mhash\", rpm:\"php-mhash~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mime_magic\", rpm:\"php-mime_magic~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ming\", rpm:\"php-ming~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sybase\", rpm:\"php-sybase~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.2.6~18.8mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:50", "bulletinFamily": "scanner", "description": "The remote host is missing an update to php\nannounced via advisory MDVSA-2009:246.", "modified": "2018-04-06T00:00:00", "published": "2009-09-28T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064958", "id": "OPENVAS:136141256231064958", "title": "Mandrake Security Advisory MDVSA-2009:246 (php)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_246.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:246 (php)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities was discovered and corrected in php:\n\nThe dba_replace function in PHP 5.2.6 and 4.x allows context-dependent\nattackers to cause a denial of service (file truncation) via a key with\nthe NULL byte. NOTE: this might only be a vulnerability in limited\ncircumstances in which the attacker can modify or add database entries\nbut does not have permissions to truncate the file (CVE-2008-7068).\n\nThe php_openssl_apply_verification_policy function in PHP before\n5.2.11 does not properly perform certificate validation, which has\nunknown impact and attack vectors, probably related to an ability to\nspoof certificates (CVE-2009-3291).\n\nUnspecified vulnerability in PHP before 5.2.11 has unknown impact\nand attack vectors related to missing sanity checks around exif\nprocessing. (CVE-2009-3292)\n\nUnspecified vulnerability in the imagecolortransparent function in\nPHP before 5.2.11 has unknown impact and attack vectors related to\nan incorrect sanity check for the color index. (CVE-2009-3293)\n\nThis update provides a solution to these vulnerabilities.\n\nAffected: Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:246\";\ntag_summary = \"The remote host is missing an update to php\nannounced via advisory MDVSA-2009:246.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64958\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-28 19:09:13 +0200 (Mon, 28 Sep 2009)\");\n script_cve_id(\"CVE-2008-7068\", \"CVE-2009-3291\", \"CVE-2009-3292\", \"CVE-2009-3293\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:246 (php)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libphp_common432\", rpm:\"libphp_common432~4.3.4~4.30.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php432-devel\", rpm:\"php432-devel~4.3.4~4.30.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~4.3.4~4.30.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~4.3.4~4.30.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dba_bundle\", rpm:\"php-dba_bundle~4.3.4~1.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~4.3.4~1.8.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64php_common432\", rpm:\"lib64php_common432~4.3.4~4.30.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libphp4_common4\", rpm:\"libphp4_common4~4.4.4~1.12.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.1.6~1.14.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php4-cgi\", rpm:\"php4-cgi~4.4.4~1.12.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php4-cli\", rpm:\"php4-cli~4.4.4~1.12.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php4-dba_bundle\", rpm:\"php4-dba_bundle~4.4.4~1.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php4-devel\", rpm:\"php4-devel~4.4.4~1.12.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php4-exif\", rpm:\"php4-exif~4.4.4~1.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.1.6~1.14.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~1.14.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.1.6~1.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~1.14.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.1.6~1.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-fcgi\", rpm:\"php-fcgi~5.1.6~1.14.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.1.6~1.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64php4_common4\", rpm:\"lib64php4_common4~4.4.4~1.12.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.1.6~1.14.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libphp_common432\", rpm:\"libphp_common432~4.3.4~4.30.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php432-devel\", rpm:\"php432-devel~4.3.4~4.30.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~4.3.4~4.30.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~4.3.4~4.30.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~4.3.4~1.8.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:57", "bulletinFamily": "scanner", "description": "The remote host is missing an update to php\nannounced via advisory MDVSA-2009:246.", "modified": "2017-07-07T00:00:00", "published": "2009-09-28T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=64958", "id": "OPENVAS:64958", "title": "Mandrake Security Advisory MDVSA-2009:246 (php)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_246.nasl 6587 2017-07-07 06:35:35Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:246 (php)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities was discovered and corrected in php:\n\nThe dba_replace function in PHP 5.2.6 and 4.x allows context-dependent\nattackers to cause a denial of service (file truncation) via a key with\nthe NULL byte. NOTE: this might only be a vulnerability in limited\ncircumstances in which the attacker can modify or add database entries\nbut does not have permissions to truncate the file (CVE-2008-7068).\n\nThe php_openssl_apply_verification_policy function in PHP before\n5.2.11 does not properly perform certificate validation, which has\nunknown impact and attack vectors, probably related to an ability to\nspoof certificates (CVE-2009-3291).\n\nUnspecified vulnerability in PHP before 5.2.11 has unknown impact\nand attack vectors related to missing sanity checks around exif\nprocessing. (CVE-2009-3292)\n\nUnspecified vulnerability in the imagecolortransparent function in\nPHP before 5.2.11 has unknown impact and attack vectors related to\nan incorrect sanity check for the color index. (CVE-2009-3293)\n\nThis update provides a solution to these vulnerabilities.\n\nAffected: Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:246\";\ntag_summary = \"The remote host is missing an update to php\nannounced via advisory MDVSA-2009:246.\";\n\n \n\nif(description)\n{\n script_id(64958);\n script_version(\"$Revision: 6587 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 08:35:35 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-28 19:09:13 +0200 (Mon, 28 Sep 2009)\");\n script_cve_id(\"CVE-2008-7068\", \"CVE-2009-3291\", \"CVE-2009-3292\", \"CVE-2009-3293\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:246 (php)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libphp_common432\", rpm:\"libphp_common432~4.3.4~4.30.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php432-devel\", rpm:\"php432-devel~4.3.4~4.30.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~4.3.4~4.30.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~4.3.4~4.30.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dba_bundle\", rpm:\"php-dba_bundle~4.3.4~1.1.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~4.3.4~1.8.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64php_common432\", rpm:\"lib64php_common432~4.3.4~4.30.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libphp4_common4\", rpm:\"libphp4_common4~4.4.4~1.12.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.1.6~1.14.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php4-cgi\", rpm:\"php4-cgi~4.4.4~1.12.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php4-cli\", rpm:\"php4-cli~4.4.4~1.12.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php4-dba_bundle\", rpm:\"php4-dba_bundle~4.4.4~1.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php4-devel\", rpm:\"php4-devel~4.4.4~1.12.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php4-exif\", rpm:\"php4-exif~4.4.4~1.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.1.6~1.14.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~1.14.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.1.6~1.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~1.14.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.1.6~1.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-fcgi\", rpm:\"php-fcgi~5.1.6~1.14.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.1.6~1.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64php4_common4\", rpm:\"lib64php4_common4~4.4.4~1.12.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.1.6~1.14.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libphp_common432\", rpm:\"libphp_common432~4.3.4~4.30.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php432-devel\", rpm:\"php432-devel~4.3.4~4.30.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~4.3.4~4.30.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~4.3.4~4.30.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~4.3.4~1.8.C30mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:29:58", "bulletinFamily": "scanner", "description": "The remote host is missing an update to php5\nannounced via advisory USN-862-1.", "modified": "2017-12-01T00:00:00", "published": "2009-12-03T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=66338", "id": "OPENVAS:66338", "title": "Ubuntu USN-862-1 (php5)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_862_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_862_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-862-1 (php5)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 6.06 LTS:\n libapache2-mod-php5 5.1.2-1ubuntu3.17\n php5-cgi 5.1.2-1ubuntu3.17\n php5-cli 5.1.2-1ubuntu3.17\n\nUbuntu 8.04 LTS:\n libapache2-mod-php5 5.2.4-2ubuntu5.9\n php5-cgi 5.2.4-2ubuntu5.9\n php5-cli 5.2.4-2ubuntu5.9\n\nUbuntu 8.10:\n libapache2-mod-php5 5.2.6-2ubuntu4.5\n php5-cgi 5.2.6-2ubuntu4.5\n php5-cli 5.2.6-2ubuntu4.5\n\nUbuntu 9.04:\n libapache2-mod-php5 5.2.6.dfsg.1-3ubuntu4.4\n php5-cgi 5.2.6.dfsg.1-3ubuntu4.4\n php5-cli 5.2.6.dfsg.1-3ubuntu4.4\n\nUbuntu 9.10:\n libapache2-mod-php5 5.2.10.dfsg.1-2ubuntu6.3\n php5-cgi 5.2.10.dfsg.1-2ubuntu6.3\n php5-cli 5.2.10.dfsg.1-2ubuntu6.3\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-862-1\";\n\ntag_insight = \"Maksymilian Arciemowicz discovered that PHP did not properly validate\narguments to the dba_replace function. If a script passed untrusted input\nto the dba_replace function, an attacker could truncate the database. This\nissue only applied to Ubuntu 6.06 LTS, 8.04 LTS, and 8.10. (CVE-2008-7068)\n\nIt was discovered that PHP's php_openssl_apply_verification_policy\nfunction did not correctly handle SSL certificates with zero bytes in the\nCommon Name. A remote attacker could exploit this to perform a man in the\nmiddle attack. (CVE-2009-3291)\n\nIt was discovered that PHP did not properly handle certain malformed images\nwhen being parsed by the Exif module. A remote attacker could exploit this\nflaw and cause the PHP server to crash, resulting in a denial of service.\n(CVE-2009-3292)\n\nGrzegorz Stachowiak discovered that PHP did not properly enforce\nrestrictions in the tempnam function. An attacker could exploit this issue\nto bypass safe_mode restrictions. (CVE-2009-3557)\n\nGrzegorz Stachowiak discovered that PHP did not properly enforce\nrestrictions in the posix_mkfifo function. An attacker could exploit this\nissue to bypass open_basedir restrictions. (CVE-2009-3558)\n\nBogdan Calin discovered that PHP did not limit the number of temporary\nfiles created when handling multipart/form-data POST requests. A remote\nattacker could exploit this flaw and cause the PHP server to consume all\navailable resources, resulting in a denial of service. (CVE-2009-4017)\n\nATTENTION: This update changes previous PHP behaviour by limiting the\nnumber of files in a POST request to 50. This may be increased by adding a\nmax_file_uploads directive to php.ini.\n\nIt was discovered that PHP did not properly enforce restrictions in the\nproc_open function. An attacker could exploit this issue to bypass\nsafe_mode_protected_env_vars restrictions and possibly execute arbitrary\ncode with application privileges. (CVE-2009-4018)\";\ntag_summary = \"The remote host is missing an update to php5\nannounced via advisory USN-862-1.\";\n\n \n\n\nif(description)\n{\n script_id(66338);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-03 22:10:42 +0100 (Thu, 03 Dec 2009)\");\n script_cve_id(\"CVE-2008-7068\", \"CVE-2009-3291\", \"CVE-2009-3292\", \"CVE-2009-3557\", \"CVE-2009-3558\", \"CVE-2009-4017\", \"CVE-2009-4018\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Ubuntu USN-862-1 (php5)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-862-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.1.2-1ubuntu3.17\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.1.2-1ubuntu3.17\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.1.2-1ubuntu3.17\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.1.2-1ubuntu3.17\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.1.2-1ubuntu3.17\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.1.2-1ubuntu3.17\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.1.2-1ubuntu3.17\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.1.2-1ubuntu3.17\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.1.2-1ubuntu3.17\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.1.2-1ubuntu3.17\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.1.2-1ubuntu3.17\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.1.2-1ubuntu3.17\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysqli\", ver:\"5.1.2-1ubuntu3.17\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.1.2-1ubuntu3.17\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.1.2-1ubuntu3.17\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.1.2-1ubuntu3.17\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.1.2-1ubuntu3.17\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.1.2-1ubuntu3.17\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.1.2-1ubuntu3.17\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.1.2-1ubuntu3.17\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.1.2-1ubuntu3.17\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.4-2ubuntu5.9\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.4-2ubuntu5.9\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.4-2ubuntu5.9\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.4-2ubuntu5.9\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.4-2ubuntu5.9\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.4-2ubuntu5.9\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.4-2ubuntu5.9\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.4-2ubuntu5.9\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.4-2ubuntu5.9\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.2.4-2ubuntu5.9\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.4-2ubuntu5.9\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.4-2ubuntu5.9\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.4-2ubuntu5.9\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.4-2ubuntu5.9\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.4-2ubuntu5.9\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.4-2ubuntu5.9\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.4-2ubuntu5.9\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.4-2ubuntu5.9\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.4-2ubuntu5.9\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.4-2ubuntu5.9\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.4-2ubuntu5.9\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.4-2ubuntu5.9\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.4-2ubuntu5.9\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.6-2ubuntu4.5\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.6-2ubuntu4.5\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.6-2ubuntu4.5\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.2.6-2ubuntu4.5\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.6-2ubuntu4.5\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.6-2ubuntu4.5\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.6-2ubuntu4.5\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.6-2ubuntu4.5\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.2.6-2ubuntu4.5\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.6-2ubuntu4.5\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.6-2ubuntu4.5\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.2.6-2ubuntu4.5\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.6-2ubuntu4.5\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.6-2ubuntu4.5\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.6-2ubuntu4.5\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.6-2ubuntu4.5\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.6-2ubuntu4.5\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.6-2ubuntu4.5\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.6-2ubuntu4.5\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.6-2ubuntu4.5\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.6-2ubuntu4.5\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.6-2ubuntu4.5\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.6-2ubuntu4.5\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.6-2ubuntu4.5\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.6-2ubuntu4.5\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.6.dfsg.1-3ubuntu4.4\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.6.dfsg.1-3ubuntu4.4\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.6.dfsg.1-3ubuntu4.4\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.6.dfsg.1-3ubuntu4.4\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.6.dfsg.1-3ubuntu4.4\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.6.dfsg.1-3ubuntu4.4\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.6.dfsg.1-3ubuntu4.4\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.2.6.dfsg.1-3ubuntu4.4\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.6.dfsg.1-3ubuntu4.4\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.6.dfsg.1-3ubuntu4.4\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.2.6.dfsg.1-3ubuntu4.4\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.6.dfsg.1-3ubuntu4.4\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.6.dfsg.1-3ubuntu4.4\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.6.dfsg.1-3ubuntu4.4\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.6.dfsg.1-3ubuntu4.4\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.6.dfsg.1-3ubuntu4.4\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.6.dfsg.1-3ubuntu4.4\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.6.dfsg.1-3ubuntu4.4\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.6.dfsg.1-3ubuntu4.4\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.6.dfsg.1-3ubuntu4.4\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.6.dfsg.1-3ubuntu4.4\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.6.dfsg.1-3ubuntu4.4\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.6.dfsg.1-3ubuntu4.4\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.6.dfsg.1-3ubuntu4.4\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.2.6.dfsg.1-3ubuntu4.4\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.10.dfsg.1-2ubuntu6.3\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.10.dfsg.1-2ubuntu6.3\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.10.dfsg.1-2ubuntu6.3\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.10.dfsg.1-2ubuntu6.3\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.10.dfsg.1-2ubuntu6.3\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.10.dfsg.1-2ubuntu6.3\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.10.dfsg.1-2ubuntu6.3\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.2.10.dfsg.1-2ubuntu6.3\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.10.dfsg.1-2ubuntu6.3\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.10.dfsg.1-2ubuntu6.3\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.2.10.dfsg.1-2ubuntu6.3\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.10.dfsg.1-2ubuntu6.3\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.10.dfsg.1-2ubuntu6.3\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.10.dfsg.1-2ubuntu6.3\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.10.dfsg.1-2ubuntu6.3\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.10.dfsg.1-2ubuntu6.3\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.10.dfsg.1-2ubuntu6.3\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.10.dfsg.1-2ubuntu6.3\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.10.dfsg.1-2ubuntu6.3\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.10.dfsg.1-2ubuntu6.3\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.10.dfsg.1-2ubuntu6.3\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.10.dfsg.1-2ubuntu6.3\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.10.dfsg.1-2ubuntu6.3\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.10.dfsg.1-2ubuntu6.3\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.2.10.dfsg.1-2ubuntu6.3\", rls:\"UBUNTU9.10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:15", "bulletinFamily": "scanner", "description": "The remote host is missing an update to php\nannounced via advisory MDVSA-2009:324.", "modified": "2017-07-06T00:00:00", "published": "2009-12-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=66420", "id": "OPENVAS:66420", "title": "Mandriva Security Advisory MDVSA-2009:324 (php)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_324.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:324 (php)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed with this update, please\nvisit the referenced security advisories.\n\nPackages for 2008.0 are being provided due to extended support for\nCorporate products.\n\nThis update provides a solution to these vulnerabilities.\n\nAffected: 2008.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:324\";\ntag_summary = \"The remote host is missing an update to php\nannounced via advisory MDVSA-2009:324.\";\n\n \n\nif(description)\n{\n script_id(66420);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2008-7068\", \"CVE-2009-1271\", \"CVE-2009-2687\", \"CVE-2009-3291\", \"CVE-2009-3292\", \"CVE-2009-3293\", \"CVE-2009-3546\", \"CVE-2009-3557\", \"CVE-2009-3558\", \"CVE-2009-4017\", \"CVE-2009-4018\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandriva Security Advisory MDVSA-2009:324 (php)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dbase\", rpm:\"php-dbase~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-fcgi\", rpm:\"php-fcgi~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ini\", rpm:\"php-ini~5.2.4~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mhash\", rpm:\"php-mhash~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mime_magic\", rpm:\"php-mime_magic~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ming\", rpm:\"php-ming~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-simplexml\", rpm:\"php-simplexml~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-suhosin\", rpm:\"php-suhosin~0.9.22~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:50", "bulletinFamily": "scanner", "description": "The remote host is missing an update to php\nannounced via advisory MDVSA-2009:324.", "modified": "2018-04-06T00:00:00", "published": "2009-12-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066420", "id": "OPENVAS:136141256231066420", "type": "openvas", "title": "Mandriva Security Advisory MDVSA-2009:324 (php)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_324.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:324 (php)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed with this update, please\nvisit the referenced security advisories.\n\nPackages for 2008.0 are being provided due to extended support for\nCorporate products.\n\nThis update provides a solution to these vulnerabilities.\n\nAffected: 2008.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:324\";\ntag_summary = \"The remote host is missing an update to php\nannounced via advisory MDVSA-2009:324.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66420\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2008-7068\", \"CVE-2009-1271\", \"CVE-2009-2687\", \"CVE-2009-3291\", \"CVE-2009-3292\", \"CVE-2009-3293\", \"CVE-2009-3546\", \"CVE-2009-3557\", \"CVE-2009-3558\", \"CVE-2009-4017\", \"CVE-2009-4018\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandriva Security Advisory MDVSA-2009:324 (php)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dbase\", rpm:\"php-dbase~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-fcgi\", rpm:\"php-fcgi~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ini\", rpm:\"php-ini~5.2.4~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mhash\", rpm:\"php-mhash~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mime_magic\", rpm:\"php-mime_magic~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ming\", rpm:\"php-ming~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-simplexml\", rpm:\"php-simplexml~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-suhosin\", rpm:\"php-suhosin~0.9.22~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.2.4~3.6mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "freebsd": [{"lastseen": "2018-08-31T01:15:26", "bulletinFamily": "unix", "description": "\nsecurityfocus research reports:\n\nA bug that leads to the emptying of the INI file contents if\n\t the database key was not found exists in PHP dba extension in\n\t versions 5.2.6, 4.4.9 and earlier.\nFunction dba_replace() are not filtering strings key and value.\n\t There is a possibility for the destruction of the file.\n\n", "modified": "2013-06-16T00:00:00", "published": "2008-11-28T00:00:00", "id": "1E8031BE-4258-11DE-B67A-0030843D3802", "href": "https://vuxml.freebsd.org/freebsd/1e8031be-4258-11de-b67a-0030843d3802.html", "title": "php -- ini database truncation inside dba_replace() function", "type": "freebsd", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:31", "bulletinFamily": "software", "description": "It's possible to destroy ini-file content.", "modified": "2008-12-01T00:00:00", "published": "2008-12-01T00:00:00", "id": "SECURITYVULNS:VULN:9469", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9469", "title": "PHP dba_replace() DoS", "type": "securityvulns", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:10:06", "bulletinFamily": "unix", "description": "Maksymilian Arciemowicz discovered that PHP did not properly validate arguments to the dba_replace function. If a script passed untrusted input to the dba_replace function, an attacker could truncate the database. This issue only applied to Ubuntu 6.06 LTS, 8.04 LTS, and 8.10. (CVE-2008-7068)\n\nIt was discovered that PHP\u2019s php_openssl_apply_verification_policy function did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. (CVE-2009-3291)\n\nIt was discovered that PHP did not properly handle certain malformed images when being parsed by the Exif module. A remote attacker could exploit this flaw and cause the PHP server to crash, resulting in a denial of service. (CVE-2009-3292)\n\nGrzegorz Stachowiak discovered that PHP did not properly enforce restrictions in the tempnam function. An attacker could exploit this issue to bypass safe_mode restrictions. (CVE-2009-3557)\n\nGrzegorz Stachowiak discovered that PHP did not properly enforce restrictions in the posix_mkfifo function. An attacker could exploit this issue to bypass open_basedir restrictions. (CVE-2009-3558)\n\nBogdan Calin discovered that PHP did not limit the number of temporary files created when handling multipart/form-data POST requests. A remote attacker could exploit this flaw and cause the PHP server to consume all available resources, resulting in a denial of service. (CVE-2009-4017)\n\nATTENTION: This update changes previous PHP behaviour by limiting the number of files in a POST request to 50. This may be increased by adding a \u201cmax_file_uploads\u201d directive to the php.ini configuration file.\n\nIt was discovered that PHP did not properly enforce restrictions in the proc_open function. An attacker could exploit this issue to bypass safe_mode_protected_env_vars restrictions and possibly execute arbitrary code with application privileges. (CVE-2009-4018)", "modified": "2009-11-26T00:00:00", "published": "2009-11-26T00:00:00", "id": "USN-862-1", "href": "https://usn.ubuntu.com/862-1/", "title": "PHP vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}