Check for the Version of php53
###############################################################################
# OpenVAS Vulnerability Test
#
# RedHat Update for php53 RHSA-2011:0196-01
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Server.
A flaw was found in the way PHP converted certain floating point values
from string representation to a number. If a PHP script evaluated an
attacker's input in a numeric context, the PHP interpreter could cause high
CPU usage until the script execution time limit is reached. This issue only
affected i386 systems. (CVE-2010-4645)
A stack memory exhaustion flaw was found in the way the PHP filter_var()
function validated email addresses. An attacker could use this flaw to
crash the PHP interpreter by providing excessively long input to be
validated as an email address. (CVE-2010-3710)
A memory disclosure flaw was found in the PHP multi-byte string extension.
If the mb_strcut() function was called with a length argument exceeding the
input string size, the function could disclose a portion of the PHP
interpreter's memory. (CVE-2010-4156)
All php53 users should upgrade to these updated packages, which contain
backported patches to resolve these issues. After installing the updated
packages, the httpd daemon must be restarted for the update to take effect.";
tag_affected = "php53 on Red Hat Enterprise Linux (v. 5 server)";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name : "URL" , value : "https://www.redhat.com/archives/rhsa-announce/2011-February/msg00001.html");
script_id(870388);
script_version("$Revision: 6685 $");
script_tag(name:"last_modification", value:"$Date: 2017-07-12 11:44:46 +0200 (Wed, 12 Jul 2017) $");
script_tag(name:"creation_date", value:"2011-02-04 14:19:53 +0100 (Fri, 04 Feb 2011)");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_xref(name: "RHSA", value: "2011:0196-01");
script_cve_id("CVE-2010-3710", "CVE-2010-4156", "CVE-2010-4645");
script_name("RedHat Update for php53 RHSA-2011:0196-01");
script_summary("Check for the Version of php53");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
script_family("Red Hat Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/rhel", "ssh/login/rpms");
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "RHENT_5")
{
if ((res = isrpmvuln(pkg:"php53", rpm:"php53~5.3.3~1.el5_6.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php53-bcmath", rpm:"php53-bcmath~5.3.3~1.el5_6.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php53-cli", rpm:"php53-cli~5.3.3~1.el5_6.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php53-common", rpm:"php53-common~5.3.3~1.el5_6.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php53-dba", rpm:"php53-dba~5.3.3~1.el5_6.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php53-debuginfo", rpm:"php53-debuginfo~5.3.3~1.el5_6.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php53-devel", rpm:"php53-devel~5.3.3~1.el5_6.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php53-gd", rpm:"php53-gd~5.3.3~1.el5_6.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php53-imap", rpm:"php53-imap~5.3.3~1.el5_6.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php53-intl", rpm:"php53-intl~5.3.3~1.el5_6.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php53-ldap", rpm:"php53-ldap~5.3.3~1.el5_6.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php53-mbstring", rpm:"php53-mbstring~5.3.3~1.el5_6.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php53-mysql", rpm:"php53-mysql~5.3.3~1.el5_6.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php53-odbc", rpm:"php53-odbc~5.3.3~1.el5_6.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php53-pdo", rpm:"php53-pdo~5.3.3~1.el5_6.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php53-pgsql", rpm:"php53-pgsql~5.3.3~1.el5_6.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php53-process", rpm:"php53-process~5.3.3~1.el5_6.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php53-pspell", rpm:"php53-pspell~5.3.3~1.el5_6.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php53-snmp", rpm:"php53-snmp~5.3.3~1.el5_6.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php53-soap", rpm:"php53-soap~5.3.3~1.el5_6.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php53-xml", rpm:"php53-xml~5.3.3~1.el5_6.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php53-xmlrpc", rpm:"php53-xmlrpc~5.3.3~1.el5_6.1", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}