Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2009 Greenbone Networks GmbHOPENVAS:840283
HistoryMar 23, 2009 - 12:00 a.m.

Ubuntu Update for php5 vulnerabilities USN-628-1

2009-03-2300:00:00
Copyright (C) 2009 Greenbone Networks GmbH
plugins.openvas.org
15

0.085 Low

EPSS

Percentile

93.8%

JSON

Ubuntu Update for Linux kernel vulnerabilities USN-628-1

###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_ubuntu_USN_628_1.nasl 7969 2017-12-01 09:23:16Z santu $
#
# Ubuntu Update for php5 vulnerabilities USN-628-1
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_insight = "It was discovered that PHP did not properly check the length of the
  string parameter to the fnmatch function. An attacker could cause a
  denial of service in the PHP interpreter if a script passed untrusted
  input to the fnmatch function. (CVE-2007-4782)

  Maksymilian Arciemowicz discovered a flaw in the cURL library that
  allowed safe_mode and open_basedir restrictions to be bypassed. If a
  PHP application were tricked into processing a bad file:// request,
  an attacker could read arbitrary files. (CVE-2007-4850)
  
  Rasmus Lerdorf discovered that the htmlentities and htmlspecialchars
  functions did not correctly stop when handling partial multibyte
  sequences. A remote attacker could exploit this to read certain areas
  of memory, possibly gaining access to sensitive information. This
  issue affects Ubuntu 8.04 LTS, and an updated fix is included for
  Ubuntu 6.06 LTS, 7.04 and 7.10. (CVE-2007-5898)
  
  It was discovered that the output_add_rewrite_var function would
  sometimes leak session id information to forms targeting remote URLs.
  Malicious remote sites could use this information to gain access to a
  PHP application user's login credentials. This issue only affects
  Ubuntu 8.04 LTS. (CVE-2007-5899)
  
  It was discovered that PHP did not properly calculate the length of
  PATH_TRANSLATED. If a PHP application were tricked into processing
  a malicious URI, and attacker may be able to execute arbitrary code
  with application privileges. (CVE-2008-0599)
  
  An integer overflow was discovered in the php_sprintf_appendstring
  function. Attackers could exploit this to cause a denial of service.
  (CVE-2008-1384)
  
  Andrei Nigmatulin discovered stack-based overflows in the FastCGI SAPI
  of PHP. An attacker may be able to leverage this issue to perform
  attacks against PHP applications. (CVE-2008-2050)
  
  It was discovered that the escapeshellcmd did not properly process
  multibyte characters. An attacker may be able to bypass quoting
  restrictions and possibly execute arbitrary code with application
  privileges. (CVE-2008-2051)
  
  It was discovered that the GENERATE_SEED macro produced a predictable
  seed under certain circumstances. Attackers may by able to easily
  predict the results of the rand and mt_rand functions.
  (CVE-2008-2107, CVE-2008-2108)
  
  Tavis Ormandy discovered that the PCRE library did not correctly
  handle certain in-pattern options. An attacker could cause PHP
  applications using pcre to crash, leading to a denial of service.
  USN-624-1 fixed vulnerabilities in  ... 

  Description truncated, for more information please check the Reference URL";

tag_summary = "Ubuntu Update for Linux kernel vulnerabilities USN-628-1";
tag_affected = "php5 vulnerabilities on Ubuntu 6.06 LTS ,
  Ubuntu 7.04 ,
  Ubuntu 7.10 ,
  Ubuntu 8.04 LTS";
tag_solution = "Please Install the Updated Packages.";



if(description)
{
  script_xref(name: "URL" , value: "http://www.ubuntu.com/usn/usn-628-1/");
  script_id(840283);
  script_version("$Revision: 7969 $");
  script_tag(name:"last_modification", value:"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $");
  script_tag(name:"creation_date", value:"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)");
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_xref(name: "USN", value: "628-1");
  script_cve_id("CVE-2007-4782", "CVE-2007-4850", "CVE-2007-5898", "CVE-2007-5899", "CVE-2008-0599", "CVE-2008-1384", "CVE-2008-2050", "CVE-2008-2051", "CVE-2008-2107", "CVE-2008-2108", "CVE-2008-2371", "CVE-2008-2829");
  script_name( "Ubuntu Update for php5 vulnerabilities USN-628-1");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
  script_family("Ubuntu Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages");
  script_tag(name : "summary" , value : tag_summary);
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-deb.inc");

release = get_kb_item("ssh/login/release");


res = "";
if(release == NULL){
  exit(0);
}

if(release == "UBUNTU6.06 LTS")
{

  if ((res = isdpkgvuln(pkg:"libapache2-mod-php5", ver:"5.1.2-1ubuntu3.12", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-cgi", ver:"5.1.2-1ubuntu3.12", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-cli", ver:"5.1.2-1ubuntu3.12", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-common", ver:"5.1.2-1ubuntu3.12", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-curl", ver:"5.1.2-1ubuntu3.12", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-dev", ver:"5.1.2-1ubuntu3.12", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-gd", ver:"5.1.2-1ubuntu3.12", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-ldap", ver:"5.1.2-1ubuntu3.12", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-mhash", ver:"5.1.2-1ubuntu3.12", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-mysql", ver:"5.1.2-1ubuntu3.12", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-mysqli", ver:"5.1.2-1ubuntu3.12", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-odbc", ver:"5.1.2-1ubuntu3.12", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-pgsql", ver:"5.1.2-1ubuntu3.12", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-recode", ver:"5.1.2-1ubuntu3.12", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-snmp", ver:"5.1.2-1ubuntu3.12", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-sqlite", ver:"5.1.2-1ubuntu3.12", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-sybase", ver:"5.1.2-1ubuntu3.12", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-xmlrpc", ver:"5.1.2-1ubuntu3.12", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-xsl", ver:"5.1.2-1ubuntu3.12", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php-pear", ver:"5.1.2-1ubuntu3.12", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5", ver:"5.1.2-1ubuntu3.12", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}


if(release == "UBUNTU7.04")
{

  if ((res = isdpkgvuln(pkg:"libapache2-mod-php5", ver:"5.2.1-0ubuntu1.6", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-cgi", ver:"5.2.1-0ubuntu1.6", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-cli", ver:"5.2.1-0ubuntu1.6", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-common", ver:"5.2.1-0ubuntu1.6", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-curl", ver:"5.2.1-0ubuntu1.6", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-dev", ver:"5.2.1-0ubuntu1.6", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-gd", ver:"5.2.1-0ubuntu1.6", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-ldap", ver:"5.2.1-0ubuntu1.6", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-mhash", ver:"5.2.1-0ubuntu1.6", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-mysql", ver:"5.2.1-0ubuntu1.6", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-odbc", ver:"5.2.1-0ubuntu1.6", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-pgsql", ver:"5.2.1-0ubuntu1.6", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-pspell", ver:"5.2.1-0ubuntu1.6", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-recode", ver:"5.2.1-0ubuntu1.6", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-snmp", ver:"5.2.1-0ubuntu1.6", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-sqlite", ver:"5.2.1-0ubuntu1.6", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-sybase", ver:"5.2.1-0ubuntu1.6", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-tidy", ver:"5.2.1-0ubuntu1.6", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-xmlrpc", ver:"5.2.1-0ubuntu1.6", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-xsl", ver:"5.2.1-0ubuntu1.6", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php-pear", ver:"5.2.1-0ubuntu1.6", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5", ver:"5.2.1-0ubuntu1.6", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}


if(release == "UBUNTU8.04 LTS")
{

  if ((res = isdpkgvuln(pkg:"libapache2-mod-php5", ver:"5.2.4-2ubuntu5.3", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-cgi", ver:"5.2.4-2ubuntu5.3", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-cli", ver:"5.2.4-2ubuntu5.3", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-common", ver:"5.2.4-2ubuntu5.3", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-curl", ver:"5.2.4-2ubuntu5.3", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-dev", ver:"5.2.4-2ubuntu5.3", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-gd", ver:"5.2.4-2ubuntu5.3", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-gmp", ver:"5.2.4-2ubuntu5.3", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-ldap", ver:"5.2.4-2ubuntu5.3", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-mhash", ver:"5.2.4-2ubuntu5.3", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-mysql", ver:"5.2.4-2ubuntu5.3", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-odbc", ver:"5.2.4-2ubuntu5.3", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-pgsql", ver:"5.2.4-2ubuntu5.3", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-pspell", ver:"5.2.4-2ubuntu5.3", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-recode", ver:"5.2.4-2ubuntu5.3", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-snmp", ver:"5.2.4-2ubuntu5.3", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-sqlite", ver:"5.2.4-2ubuntu5.3", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-sybase", ver:"5.2.4-2ubuntu5.3", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-tidy", ver:"5.2.4-2ubuntu5.3", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-xmlrpc", ver:"5.2.4-2ubuntu5.3", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-xsl", ver:"5.2.4-2ubuntu5.3", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php-pear", ver:"5.2.4-2ubuntu5.3", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5", ver:"5.2.4-2ubuntu5.3", rls:"UBUNTU8.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}


if(release == "UBUNTU7.10")
{

  if ((res = isdpkgvuln(pkg:"libapache2-mod-php5", ver:"5.2.3-1ubuntu6.4", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-cgi", ver:"5.2.3-1ubuntu6.4", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-cli", ver:"5.2.3-1ubuntu6.4", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-common", ver:"5.2.3-1ubuntu6.4", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-curl", ver:"5.2.3-1ubuntu6.4", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-dev", ver:"5.2.3-1ubuntu6.4", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-gd", ver:"5.2.3-1ubuntu6.4", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-ldap", ver:"5.2.3-1ubuntu6.4", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-mhash", ver:"5.2.3-1ubuntu6.4", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-mysql", ver:"5.2.3-1ubuntu6.4", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-odbc", ver:"5.2.3-1ubuntu6.4", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-pgsql", ver:"5.2.3-1ubuntu6.4", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-pspell", ver:"5.2.3-1ubuntu6.4", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-recode", ver:"5.2.3-1ubuntu6.4", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-snmp", ver:"5.2.3-1ubuntu6.4", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-sqlite", ver:"5.2.3-1ubuntu6.4", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-sybase", ver:"5.2.3-1ubuntu6.4", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-tidy", ver:"5.2.3-1ubuntu6.4", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-xmlrpc", ver:"5.2.3-1ubuntu6.4", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5-xsl", ver:"5.2.3-1ubuntu6.4", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php-pear", ver:"5.2.3-1ubuntu6.4", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"php5", ver:"5.2.3-1ubuntu6.4", rls:"UBUNTU7.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}

Related

nessus 41
ubuntu 3
openvas 66
fedora 6
oraclelinux 2
redhat 5
centos 3
gentoo 2
osv 2
debian 2
cve 12
prion 12
ubuntucve 12
securityvulns 10
veracode 7
seebug 6
freebsd 2
cert 1
redhatcve 1
slackware 2
attackerkb 1
debiancve 1
nessus
nessus
Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : php5 vulnerabilities (USN-628-1)
2008-07-24 00:00:00
Mandriva Linux Security Advisory : php (MDVSA-2008:127)
2009-04-23 00:00:00
Fedora 8 : php-5.2.6-2.fc8 (2008-3864)
2008-06-24 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2008-07-23 00:00:00
Erlang vulnerability
2010-04-09 00:00:00
PCRE vulnerability
2008-07-15 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-628-1)
2009-03-23 00:00:00
Mandriva Update for php MDVSA-2008:127 (php)
2009-04-09 00:00:00
Mandriva Update for php MDVSA-2008:127 (php)
2009-04-09 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: php-5.2.6-2.fc8
2008-06-20 19:08:56
[SECURITY] Fedora 9 Update: php-5.2.6-2.fc9
2008-07-26 06:03:23
[SECURITY] Fedora 9 Update: php-5.2.6-2.fc9
2008-06-20 19:09:41
oraclelinux
oraclelinux
php security update
2008-07-16 00:00:00
php security and bug fix update
2008-07-16 00:00:00
redhat
redhat
(RHSA-2008:0545) Moderate: php security and bug fix update
2008-07-16 00:00:00
(RHSA-2008:0544) Moderate: php security update
2008-07-16 00:00:00
(RHSA-2008:0582) Moderate: php security update
2008-07-22 00:00:00
centos
centos
php security update
2008-07-16 16:10:52
php security update
2008-07-16 16:15:51
php security update
2008-07-18 05:00:21
gentoo
gentoo
PHP: Multiple vulnerabilities
2008-11-16 00:00:00
PCRE: Buffer overflow
2008-07-07 00:00:00
osv
osv
php5 - several vulnerabilities
2008-05-11 00:00:00
pcre3 - arbitrary code execution
2008-07-05 00:00:00
debian
debian
[SECURITY] [DSA 1572-1] New php5 packages fix several vulnerabilities
2008-05-11 15:15:59
[SECURITY] [DSA 1602-1] New pcre3 packages fix arbitrary code execution
2008-07-05 12:37:12
cve
cve
CVE-2008-4107
2008-09-18 17:59:00
CVE-2008-2050
2008-05-05 17:20:00
CVE-2008-2829
2008-06-23 20:41:00
prion
prion
Default credentials
2008-09-18 17:59:00
Stack overflow
2008-05-05 17:20:00
Design/Logic Flaw
2007-11-20 19:46:00
ubuntucve
ubuntucve
CVE-2008-4107
2008-09-18 00:00:00
CVE-2007-5899
2007-11-20 00:00:00
CVE-2008-2050
2008-05-05 00:00:00
securityvulns
securityvulns
PHP safe mode bypass vulneraebility
2009-04-12 00:00:00
{securityreason.com}PHP 5 *printf() - Integer Overflow
2008-03-22 00:00:00
PCRE library buffer overflow
2008-07-07 00:00:00
veracode
veracode
Information Disclosure
2020-04-10 00:22:32
Cross-site Scripting (XSS)
2020-04-10 00:22:31
Denial Of Service (DoS)
2020-04-10 00:22:29
seebug
seebug
PHP 'rfc822_write_address()' 功能缓冲区溢出漏洞
2008-12-10 00:00:00
PHP 5 php_sprintf_appendstring()函数整数溢出漏洞
2008-03-25 00:00:00
PHP 5.2.6修复多个安全漏洞
2008-05-07 00:00:00
freebsd
freebsd
php -- multiple vulnerabilities
2008-12-04 00:00:00
php -- integer overflow vulnerability
2008-03-21 00:00:00
cert
cert
PHP path translation vulnerability
2008-05-06 00:00:00
redhatcve
redhatcve
CVE-2008-1384
2015-10-30 10:11:58
slackware
slackware
[slackware-security] pcre
2008-07-29 05:34:14
[slackware-security] php
2008-05-08 03:53:08
attackerkb
attackerkb
CVE-2008-0599
2008-05-05 00:00:00
debiancve
debiancve
CVE-2008-2371
2008-07-07 23:41:00

0.085 Low

EPSS

Percentile

93.8%

JSON
Related for OPENVAS:840283
nessus41ubuntu3openvas66fedora6oraclelinux2redhat5centos3gentoo2osv2debian2cve12prion12ubuntucve12securityvulns10veracode7seebug6freebsd2cert1redhatcve1slackware2attackerkb1debiancve1