Lucene search
Copyright (C) 2009 Greenbone Networks GmbHOPENVAS:861128HistoryFeb 27, 2009 - 12:00 a.m.
Fedora Update for php FEDORA-2007-2215
2009-02-2700:00:00
Copyright (C) 2009 Greenbone Networks GmbH
plugins.openvas.org
18
0.332 Low
EPSS
Percentile
96.6%
Check for the Version of php
###############################################################################
# OpenVAS Vulnerability Test
#
# Fedora Update for php FEDORA-2007-2215
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated webpages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts.
The php package contains the module which adds support for the PHP
language to Apache HTTP Server.";
tag_affected = "php on Fedora 7";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name : "URL" , value : "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00397.html");
script_id(861128);
script_cve_id("CVE-2007-1887","CVE-2007-1900","CVE-2007-2756","CVE-2007-2872","CVE-2007-3007");
script_version("$Revision: 6623 $");
script_tag(name:"last_modification", value:"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $");
script_tag(name:"creation_date", value:"2009-02-27 16:01:32 +0100 (Fri, 27 Feb 2009)");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_xref(name: "FEDORA", value: "2007-2215");
script_name( "Fedora Update for php FEDORA-2007-2215");
script_summary("Check for the Version of php");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
script_family("Fedora Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms");
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "FC7")
{
if ((res = isrpmvuln(pkg:"php", rpm:"php~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-xml", rpm:"php-xml~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-xmlrpc", rpm:"php-xmlrpc~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-bcmath", rpm:"php-bcmath~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-mbstring", rpm:"php-mbstring~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-odbc", rpm:"php-odbc~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-cli", rpm:"php-cli~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-pdo", rpm:"php-pdo~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-devel", rpm:"php-devel~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-ncurses", rpm:"php-ncurses~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-mcrypt", rpm:"php-mcrypt~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-debuginfo", rpm:"php-debuginfo~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-snmp", rpm:"php-snmp~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-imap", rpm:"php-imap~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-tidy", rpm:"php-tidy~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-ldap", rpm:"php-ldap~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-pgsql", rpm:"php-pgsql~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php", rpm:"php~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-mssql", rpm:"php-mssql~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-mysql", rpm:"php-mysql~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-soap", rpm:"php-soap~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-dba", rpm:"php-dba~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-mhash", rpm:"php-mhash~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-gd", rpm:"php-gd~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-common", rpm:"php-common~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-mssql", rpm:"php-mssql~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-mcrypt", rpm:"php-mcrypt~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-xml", rpm:"php-xml~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-mhash", rpm:"php-mhash~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-common", rpm:"php-common~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-pdo", rpm:"php-pdo~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-bcmath", rpm:"php-bcmath~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-imap", rpm:"php-imap~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-devel", rpm:"php-devel~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-mysql", rpm:"php-mysql~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-debuginfo", rpm:"php-debuginfo~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-dba", rpm:"php-dba~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-ncurses", rpm:"php-ncurses~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-snmp", rpm:"php-snmp~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php", rpm:"php~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-cli", rpm:"php-cli~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-tidy", rpm:"php-tidy~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-mbstring", rpm:"php-mbstring~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-pgsql", rpm:"php-pgsql~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-gd", rpm:"php-gd~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-odbc", rpm:"php-odbc~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-soap", rpm:"php-soap~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-ldap", rpm:"php-ldap~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-xmlrpc", rpm:"php-xmlrpc~5.2.4~1.fc7", rls:"FC7")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
Related
nessus
nessus
PHP < 5.2.3 Multiple Vulnerabilities
2007-06-02 00:00:00
Fedora 7 : php-5.2.4-1.fc7 (2007-2215)
2007-11-06 00:00:00
Slackware 10.2 / 11.0 / current : php5 (SSA:2007-152-01)
2007-06-04 00:00:00
securityvulns
securityvulns
PHP multiple security vulnerabilities
2007-06-01 00:00:00
[OpenPKG-SA-2007.020] OpenPKG Security Advisory (php)
2007-06-01 00:00:00
PHP ext/filter protection bypass
2007-04-08 00:00:00
openvas
openvas
PHP Version < 5.2.3 Multiple Vulnerabilities
2012-06-21 00:00:00
Slackware Advisory SSA:2007-152-01 php5
2012-09-11 00:00:00
Slackware Advisory SSA:2007-152-01 php5
2012-09-11 00:00:00
slackware
slackware
[slackware-security] php5
2007-06-01 21:19:18
[slackware-security] libwmf
2018-05-01 01:19:49
prion
prion
Design/Logic Flaw
2007-06-04 17:30:00
Buffer overflow
2007-04-06 01:19:00
Integer overflow
2007-06-04 17:30:00
ubuntucve
ubuntucve
cve
cve
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:20:27
Denial Of Service (DoS)
2020-04-10 00:20:27
debiancve
debiancve
CVE-2007-2756
2007-05-18 18:30:00
suse
suse
remote denial of service in php4,php5
2007-07-12 16:26:43
remote code execution in php4, php5
2008-01-29 14:18:48
remote code execution in php4,php5
2007-05-23 13:16:49
redhat
redhat
(RHSA-2007:0890) Moderate: php security update
2007-09-20 00:00:00
(RHSA-2007:0891) Moderate: php security update
2007-10-25 00:00:00
(RHSA-2007:0889) Moderate: php security update
2007-09-26 00:00:00
centos
centos
php security update
2007-09-20 14:31:37
php security update
2007-09-26 09:03:28
php security update
2007-10-24 03:08:58
fedora
fedora
[SECURITY] Fedora Core 6 Update: php-5.1.6-3.7.fc6
2007-09-24 20:33:40
oraclelinux
oraclelinux
Moderate: php security update
2007-09-26 00:00:00
Moderate: php security update
2007-09-20 00:00:00
Moderate: gd security update
2008-02-28 00:00:00
ubuntu
ubuntu
libgd2 vulnerabilities
2007-06-12 00:00:00
PHP vulnerabilities
2007-04-27 00:00:00
PHP regression
2007-12-03 00:00:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2007-10-07 00:00:00
GD: Multiple vulnerabilities
2007-08-09 00:00:00
PHP: Multiple vulnerabilities
2007-05-26 00:00:00
osv
osv
libgd2 - multiple vulnerabilities
2008-07-22 00:00:00
php5
2007-04-29 00:00:00
debian
debian
[SECURITY] [DSA 1283-1] New php5 packages fix several vulnerabilities
2007-04-29 20:16:06
amazon
amazon
Important: libwmf
2015-10-27 13:51:00
freebsd
freebsd
libwmf -- multiple vulnerabilities
2004-10-12 00:00:00
php -- multiple vulnerabilities
2007-08-30 00:00:00
archlinux
archlinux
[ASA-201701-1] libwmf: multiple issues
2017-01-01 00:00:00
kitploit
kitploit
arch-audit - An utility like pkg-audit for Arch Linux
2016-10-15 14:30:00