Lucene search
Copyright (c) 2012 Greenbone Networks GmbHOPENVAS:870542HistoryFeb 03, 2012 - 12:00 a.m.
RedHat Update for php RHSA-2012:0093-01
2012-02-0300:00:00
Copyright (c) 2012 Greenbone Networks GmbH
plugins.openvas.org
31
0.894 High
EPSS
Percentile
98.5%
Check for the Version of php
###############################################################################
# OpenVAS Vulnerability Test
#
# RedHat Update for php RHSA-2012:0093-01
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Server.
It was discovered that the fix for CVE-2011-4885 (released via
RHSA-2012:0071, RHSA-2012:0033, and RHSA-2012:0019 for php packages in Red
Hat Enterprise Linux 4, 5, and 6 respectively) introduced an uninitialized
memory use flaw. A remote attacker could send a specially-crafted HTTP
request to cause the PHP interpreter to crash or, possibly, execute
arbitrary code. (CVE-2012-0830)
All php users should upgrade to these updated packages, which contain a
backported patch to resolve this issue. After installing the updated
packages, the httpd daemon must be restarted for the update to take effect.";
tag_affected = "php on Red Hat Enterprise Linux (v. 5 server),
Red Hat Enterprise Linux AS version 4,
Red Hat Enterprise Linux ES version 4,
Red Hat Enterprise Linux WS version 4";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name : "URL" , value : "https://www.redhat.com/archives/rhsa-announce/2012-February/msg00016.html");
script_id(870542);
script_version("$Revision: 8273 $");
script_tag(name:"last_modification", value:"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $");
script_tag(name:"creation_date", value:"2012-02-03 11:24:43 +0530 (Fri, 03 Feb 2012)");
script_cve_id("CVE-2012-0830", "CVE-2011-4885");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_xref(name: "RHSA", value: "2012:0093-01");
script_name("RedHat Update for php RHSA-2012:0093-01");
script_tag(name: "summary" , value: "Check for the Version of php");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2012 Greenbone Networks GmbH");
script_family("Red Hat Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/rhel", "ssh/login/rpms");
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "RHENT_5")
{
if ((res = isrpmvuln(pkg:"php", rpm:"php~5.1.6~27.el5_7.5", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-bcmath", rpm:"php-bcmath~5.1.6~27.el5_7.5", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-cli", rpm:"php-cli~5.1.6~27.el5_7.5", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-common", rpm:"php-common~5.1.6~27.el5_7.5", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-dba", rpm:"php-dba~5.1.6~27.el5_7.5", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-debuginfo", rpm:"php-debuginfo~5.1.6~27.el5_7.5", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-devel", rpm:"php-devel~5.1.6~27.el5_7.5", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-gd", rpm:"php-gd~5.1.6~27.el5_7.5", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-imap", rpm:"php-imap~5.1.6~27.el5_7.5", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-ldap", rpm:"php-ldap~5.1.6~27.el5_7.5", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-mbstring", rpm:"php-mbstring~5.1.6~27.el5_7.5", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-mysql", rpm:"php-mysql~5.1.6~27.el5_7.5", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-ncurses", rpm:"php-ncurses~5.1.6~27.el5_7.5", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-odbc", rpm:"php-odbc~5.1.6~27.el5_7.5", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-pdo", rpm:"php-pdo~5.1.6~27.el5_7.5", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-pgsql", rpm:"php-pgsql~5.1.6~27.el5_7.5", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-snmp", rpm:"php-snmp~5.1.6~27.el5_7.5", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-soap", rpm:"php-soap~5.1.6~27.el5_7.5", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-xml", rpm:"php-xml~5.1.6~27.el5_7.5", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-xmlrpc", rpm:"php-xmlrpc~5.1.6~27.el5_7.5", rls:"RHENT_5")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "RHENT_4")
{
if ((res = isrpmvuln(pkg:"php", rpm:"php~4.3.9~3.36", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-debuginfo", rpm:"php-debuginfo~4.3.9~3.36", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-devel", rpm:"php-devel~4.3.9~3.36", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-domxml", rpm:"php-domxml~4.3.9~3.36", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-gd", rpm:"php-gd~4.3.9~3.36", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-imap", rpm:"php-imap~4.3.9~3.36", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-ldap", rpm:"php-ldap~4.3.9~3.36", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-mbstring", rpm:"php-mbstring~4.3.9~3.36", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-mysql", rpm:"php-mysql~4.3.9~3.36", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-ncurses", rpm:"php-ncurses~4.3.9~3.36", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-odbc", rpm:"php-odbc~4.3.9~3.36", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-pear", rpm:"php-pear~4.3.9~3.36", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-pgsql", rpm:"php-pgsql~4.3.9~3.36", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-snmp", rpm:"php-snmp~4.3.9~3.36", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"php-xmlrpc", rpm:"php-xmlrpc~4.3.9~3.36", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
Related
nessus
nessus
CentOS 5 : php53 (CESA-2012:0092)
2012-02-03 00:00:00
RHEL 4 / 5 / 6 : php (RHSA-2012:0093)
2012-02-03 00:00:00
PHP 5.3.9 'php_register_variable_ex()' Code Execution (banner check)
2012-02-03 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: php-eaccelerator-0.9.6.1-9.fc16.2
2012-02-08 22:56:30
[SECURITY] Fedora 15 Update: maniadrive-1.2-32.fc15.2
2012-02-14 09:05:18
[SECURITY] Fedora 16 Update: php-5.3.10-1.fc16
2012-02-08 22:56:30
openvas
openvas
CentOS Update for php CESA-2012:0093 centos6
2012-07-30 00:00:00
RedHat Update for php53 RHSA-2012:0092-01
2012-02-03 00:00:00
CentOS Update for php CESA-2012:0093 centos4
2012-07-30 00:00:00
amazon
amazon
Critical: php
2012-02-02 16:10:00
Medium: php
2012-01-19 20:10:00
cve
cve
CVE-2012-0830
2012-02-06 20:55:00
CVE-2011-4885
2011-12-30 01:55:00
ubuntucve
ubuntucve
CVE-2012-0830
2012-02-06 00:00:00
CVE-2011-4885
2011-12-29 00:00:00
redhat
redhat
(RHSA-2012:0093) Critical: php security update
2012-02-02 00:00:00
(RHSA-2012:0092) Critical: php53 security update
2012-02-02 00:00:00
(RHSA-2012:0019) Moderate: php53 and php security update
2012-01-11 00:00:00
prion
prion
Design/Logic Flaw
2012-02-06 20:55:00
Code injection
2011-12-30 01:55:00
seebug
seebug
PHP "php_register_variable_ex()"函数任意代码执行漏洞(CVE-2012-0830)
2012-02-03 00:00:00
PHP Hashtables Denial of Service
2014-07-01 00:00:00
PHP Web表单哈希冲突拒绝服务漏洞
2012-01-01 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2020-04-10 01:10:12
Denial Of Service (DoS)
2020-04-10 01:06:05
centos
centos
php security update
2012-02-03 01:41:17
php53 security update
2012-02-03 01:43:26
php, php53 security update
2012-01-11 19:19:36
securityvulns
securityvulns
PHP security vulnerabilities
2012-02-08 00:00:00
[ MDVSA-2012:065 ] php
2012-05-01 00:00:00
packetstorm
packetstorm
PHP 5.3.x Hash Collision Proof Of Concept Code
2012-01-02 00:00:00
PHP 5.3.x Hashtables Proof Of Concept
2012-01-01 00:00:00
checkpoint_advisories
checkpoint_advisories
PHP5 Hash Collision Denial Of Service - Ver2 (CVE-2011-4885)
2014-03-03 00:00:00
PHP php_register_variable_ex Function Code Execution (CVE-2012-0830)
2012-05-14 00:00:00
f5
f5
K13588 : PHP vulnerability CVE-2011-4885
2013-09-11 00:00:00
SOL13588 - PHP vulnerability CVE-2011-4885
2012-05-17 00:00:00
K13519 : Multiple PHP vulnerabilities
2013-09-20 00:00:00
exploitpack
exploitpack
PHP 5.3.8 - Hashtables Denial of Service
2012-01-01 00:00:00
PHP Hash Table Collision - Denial of Service (PoC)
2012-01-03 00:00:00
slackware
slackware
[slackware-security] php
2012-02-10 17:44:15
oraclelinux
oraclelinux
php security update
2012-02-02 00:00:00
php53 security update
2012-02-02 00:00:00
php53 and php security update
2012-01-11 00:00:00
debian
debian
[SECURITY] [DSA 2403-1] php5 security update
2012-02-02 21:29:48
[SECURITY] [DSA 2403-2] php5 security update
2012-02-06 19:21:50
[SECURITY] [DSA 2399-2] php5 regression fix
2012-01-31 15:26:47
freebsd
freebsd
php -- arbitrary remote code execution vulnerability
2012-02-02 00:00:00
php -- multiple vulnerabilities
2011-12-29 00:00:00
exploitdb
exploitdb
PHP 5.3.8 - Hashtables Denial of Service
2012-01-01 00:00:00
PHP Hash Table Collision - Denial of Service (PoC)
2012-01-03 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2012-02-10 00:00:00
PHP regression
2012-02-13 00:00:00
suse
suse
Security update for PHP5 (important)
2012-03-24 03:08:28
update for php5 (important)
2012-03-29 15:08:14
Security update for PHP5 (important)
2012-04-12 23:08:15
cert
cert
Hash table implementations vulnerable to algorithmic complexity attacks
2011-12-28 00:00:00
osv
osv
php5 - several
2012-01-31 00:00:00