Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (c) 2007 E-Soft Inc. http://www.securityspace.comOPENVAS:58452
HistoryJan 17, 2008 - 12:00 a.m.

Debian Security Advisory DSA 1331-1 (php4)

2008-01-1700:00:00
Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com
plugins.openvas.org
21

0.045 Low

EPSS

Percentile

91.6%

JSON

The remote host is missing an update to php4
announced via advisory DSA 1331-1.

# OpenVAS Vulnerability Test
# $Id: deb_1331_1.nasl 6616 2017-07-07 12:10:49Z cfischer $
# Description: Auto-generated from advisory DSA 1331-1
#
# Authors:
# Thomas Reinke <[email protected]>
#
# Copyright:
# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largerly excerpted from the referenced
# advisory, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#

include("revisions-lib.inc");
tag_insight = "Several remote vulnerabilities have been discovered in PHP, a
server-side, HTML-embedded scripting language, which may lead to the
execution of arbitrary code. The Common Vulnerabilities and Exposures
project identifies the following problems:

CVE-2006-0207
Stefan Esser discovered HTTP response splitting vulnerabilities
in the session extension. This only affects Debian 3.1 (Sarge).

CVE-2006-4486
Stefan Esser discovered that an integer overflow in memory allocation
routines allows the bypass of memory limit restrictions. This only
affects Debian 3.1 (Sarge) on 64 bit architectures.

CVE-2007-1864
It was discovered that a buffer overflow in the xmlrpc extension
allows the execution of arbitrary code.

For the oldstable distribution (sarge) these problems have been fixed
in version 4.3.10-22.

For the stable distribution (etch) these problems have been fixed
in version 4.4.4-8+etch4.

The unstable distribution (sid) no longer contains php4.

We recommend that you upgrade your PHP packages. Sarge packages for";
tag_summary = "The remote host is missing an update to php4
announced via advisory DSA 1331-1.";

tag_solution = "https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201331-1";

if(description)
{
 script_id(58452);
 script_version("$Revision: 6616 $");
 script_tag(name:"last_modification", value:"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $");
 script_tag(name:"creation_date", value:"2008-01-17 23:19:52 +0100 (Thu, 17 Jan 2008)");
 script_cve_id("CVE-2006-4486", "CVE-2006-0207", "CVE-2007-1864");
 script_tag(name:"cvss_base", value:"7.5");
 script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
 script_name("Debian Security Advisory DSA 1331-1 (php4)");



 script_category(ACT_GATHER_INFO);

 script_copyright("Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com");
 script_family("Debian Local Security Checks");
 script_dependencies("gather-package-list.nasl");
 script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages");
 script_tag(name : "solution" , value : tag_solution);
 script_tag(name : "insight" , value : tag_insight);
 script_tag(name : "summary" , value : tag_summary);
 script_tag(name:"qod_type", value:"package");
 script_tag(name:"solution_type", value:"VendorFix");
 exit(0);
}

#
# The script code starts here
#

include("pkg-lib-deb.inc");

res = "";
report = "";
if ((res = isdpkgvuln(pkg:"php4-pear", ver:"4.3.10-22", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4", ver:"4.3.10-22", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"libapache-mod-php4", ver:"4.3.10-22", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"libapache2-mod-php4", ver:"4.3.10-22", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-cgi", ver:"4.3.10-22", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-cli", ver:"4.3.10-22", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-common", ver:"4.3.10-22", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-curl", ver:"4.3.10-22", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-dev", ver:"4.3.10-22", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-domxml", ver:"4.3.10-22", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-gd", ver:"4.3.10-22", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-imap", ver:"4.3.10-22", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-ldap", ver:"4.3.10-22", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-mcal", ver:"4.3.10-22", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-mhash", ver:"4.3.10-22", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-mysql", ver:"4.3.10-22", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-odbc", ver:"4.3.10-22", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-recode", ver:"4.3.10-22", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-snmp", ver:"4.3.10-22", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-sybase", ver:"4.3.10-22", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-xslt", ver:"4.3.10-22", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-pear", ver:"4.4.4-8+etch4", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4", ver:"4.4.4-8+etch4", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"libapache-mod-php4", ver:"4.4.4-8+etch4", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"libapache2-mod-php4", ver:"4.4.4-8+etch4", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-cgi", ver:"4.4.4-8+etch4", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-cli", ver:"4.4.4-8+etch4", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-common", ver:"4.4.4-8+etch4", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-curl", ver:"4.4.4-8+etch4", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-dev", ver:"4.4.4-8+etch4", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-domxml", ver:"4.4.4-8+etch4", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-gd", ver:"4.4.4-8+etch4", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-imap", ver:"4.4.4-8+etch4", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-ldap", ver:"4.4.4-8+etch4", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-mcal", ver:"4.4.4-8+etch4", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-mcrypt", ver:"4.4.4-8+etch4", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-mhash", ver:"4.4.4-8+etch4", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-mysql", ver:"4.4.4-8+etch4", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-odbc", ver:"4.4.4-8+etch4", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-pgsql", ver:"4.4.4-8+etch4", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-pspell", ver:"4.4.4-8+etch4", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-recode", ver:"4.4.4-8+etch4", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-snmp", ver:"4.4.4-8+etch4", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-sybase", ver:"4.4.4-8+etch4", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-xslt", ver:"4.4.4-8+etch4", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"php4-interbase", ver:"4.4.4-8+etch4", rls:"DEB4.0")) != NULL) {
    report += res;
}

if (report != "") {
    security_message(data:report);
} else if (__pkg_match) {
    exit(99); # Not vulnerable.
}

Related

openvas 25
nessus 32
debian 2
osv 2
securityvulns 1
ubuntucve 4
cve 4
prion 3
veracode 1
oraclelinux 4
centos 4
redhat 6
ubuntu 3
gentoo 2
fedora 2
freebsd 1
suse 2
f5 3
openvas
openvas
Debian: Security Advisory (DSA-1331-1)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200603-22 (php)
2008-09-24 00:00:00
Debian Security Advisory DSA 1330-1 (php5)
2008-01-17 00:00:00
nessus
nessus
Debian DSA-1331-1 : php4 - several vulnerabilities
2007-07-10 00:00:00
Ubuntu 4.10 / 5.04 / 5.10 : php4, php5 vulnerabilities (USN-261-1)
2006-03-13 00:00:00
RHEL 4 : php (RHSA-2007:0349)
2007-05-10 00:00:00
debian
debian
[SECURITY] [DSA 1331-1] New php4 packages fix arbitrary code execution
2007-07-07 15:00:42
[SECURITY] [DSA 1330-1] New php5 packages fix arbitrary code execution
2007-07-07 14:24:03
osv
osv
php4 - several vulnerabilities
2007-07-07 00:00:00
php5 - several vulnerabilities
2007-07-07 00:00:00
securityvulns
securityvulns
PHP libxmlrpc buffer overflow
2007-05-12 00:00:00
ubuntucve
ubuntucve
CVE-2006-4486
2006-08-31 00:00:00
CVE-2006-0207
2006-01-13 00:00:00
CVE-2007-1864
2007-05-09 00:00:00
cve
cve
CVE-2006-4486
2006-08-31 21:04:00
CVE-2007-1864
2007-05-09 00:19:00
CVE-2006-0207
2006-01-13 23:03:00
prion
prion
Design/Logic Flaw
2006-01-13 23:03:00
Buffer overflow
2007-05-09 00:19:00
Sql injection
2007-07-16 22:30:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:17:46
oraclelinux
oraclelinux
Important: php security update
2007-05-09 00:00:00
Important php security update
2006-11-30 00:00:00
Important php security update
2006-11-30 00:00:00
centos
centos
php security update
2007-05-09 15:32:48
php security update
2007-05-10 14:34:11
php security update
2006-09-25 01:32:16
redhat
redhat
(RHSA-2007:0349) Important: php security update
2007-05-09 00:00:00
(RHSA-2007:0348) Important: php security update
2007-05-08 00:00:00
(RHSA-2007:0355) Important: php security update
2007-05-10 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2007-07-17 00:00:00
PHP vulnerabilities
2006-03-10 00:00:00
PHP vulnerabilities
2006-10-11 00:00:00
gentoo
gentoo
PHP: Format string and XSS vulnerabilities
2006-03-22 00:00:00
PHP: Multiple vulnerabilities
2007-05-26 00:00:00
fedora
fedora
[SECURITY] Fedora Core 6 Update: php-5.1.6-3.6.fc6
2007-05-14 17:11:53
[SECURITY] Fedora Core 5 Update: php-5.1.6-1.6
2007-05-24 05:24:12
freebsd
freebsd
php -- multiple vulnerabilities
2006-08-18 00:00:00
suse
suse
remote code execution in php4,php5
2006-09-21 10:05:51
remote denial of service in php4,php5
2007-07-12 16:26:43
f5
f5
SOL7859 - Multiple PHP vulnerabilities
2007-09-16 00:00:00
K13519 : Multiple PHP vulnerabilities
2013-09-20 00:00:00
SOL13519 - Multiple PHP vulnerabilities
2012-04-04 00:00:00

0.045 Low

EPSS

Percentile

91.6%

JSON
Related for OPENVAS:58452
openvas25nessus32debian2osv2securityvulns1ubuntucve4cve4prion3veracode1oraclelinux4centos4redhat6ubuntu3gentoo2fedora2freebsd1suse2f53