DATABASE RESOURCES PRICING ABOUT US

{"id": "SECURITYVULNS:DOC:28070", "vendorId": null, "type": "securityvulns", "bulletinFamily": "software", "title": "[ MDVSA-2012:071 ] php", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2012:071\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : php\r\n Date : May 10, 2012\r\n Affected: Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n This is a bugfix and security advisory that upgrades php to the\r\n latest 5.3.13 version for Mandriva Linux Enterprise 5.2 which resolves\r\n numerous upstream bugs in php. Please refer to the following Mandriva\r\n advisories for further information:\r\n MDVA-2012:004, MDVSA-2011:165, MDVSA-2011:166, MDVSA-2011:180,\r\n MDVSA-2011:197, MDVSA-2012:065, MDVSA-2012:068, MDVSA-2012:068-1.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1148\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1657\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2202\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2483\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3182\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3267\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3268\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3379\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2483\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4566\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4885\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0788\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0807\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0830\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0831\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1172\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1823\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1823\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2335\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2336\r\n http://www.mandriva.com/security/advisories?name=MDVA-2012:004\r\n http://www.mandriva.com/security/advisories?name=MDVSA-2011:165\r\n http://www.mandriva.com/security/advisories?name=MDVSA-2011:166\r\n http://www.mandriva.com/security/advisories?name=MDVSA-2011:180\r\n http://www.mandriva.com/security/advisories?name=MDVSA-2011:197\r\n http://www.mandriva.com/security/advisories?name=MDVSA-2012:065\r\n http://www.mandriva.com/security/advisories?name=MDVSA-2012:068\r\n http://www.mandriva.com/security/advisories?name=MDVSA-2012:068-1\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Enterprise Server 5:\r\n 7361d218b400b6601eef5465f0c132f1 mes5/i586/apache-mod_php-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 23194f266a0a18c9d49fa7760f6d75f7 mes5/i586/lemon-3.7.4-0.1mdvmes5.2.i586.rpm\r\n ee51be362aff5c90c587650c52e5d874 mes5/i586/libmbfl1-1.1.0-0.1mdvmes5.2.i586.rpm\r\n 0cd89098cc20b5ce8acb14d6f6ddc748 mes5/i586/libmbfl-devel-1.1.0-0.1mdvmes5.2.i586.rpm\r\n dedab7019ea9edfeb929fa521191fe09 mes5/i586/libming1-0.4.4-0.1mdvmes5.2.i586.rpm\r\n 881df3313a40b7113d0b2c4d39349c4a mes5/i586/libming-devel-0.4.4-0.1mdvmes5.2.i586.rpm\r\n a09e59b16f2c4fe4a583b65689f0f308 mes5/i586/libmonetra7-7.0.4-0.1mdvmes5.2.i586.rpm\r\n 1cdd454b9561c94253a4d885a1f34370 mes5/i586/libmonetra-devel-7.0.4-0.1mdvmes5.2.i586.rpm\r\n 90dcdd87fb687327fd687e490be5fc7b mes5/i586/libphp5_common5-5.3.13-0.1mdvmes5.2.i586.rpm\r\n cc8e259df098747e849797194711dff1 mes5/i586/libsphinxclient0-0.9.9-0.1mdvmes5.2.i586.rpm\r\n 716d1d5539c4a4eaac5996c70578107d mes5/i586/libsphinxclient-devel-0.9.9-0.1mdvmes5.2.i586.rpm\r\n b271fe2d863cb99d46f99a20c0cab5d3 mes5/i586/libstemmer0-0-5.1mdvmes5.2.i586.rpm\r\n f08df937c8cbc104c32a0b42f77a2b2d mes5/i586/libstemmer-devel-0-5.1mdvmes5.2.i586.rpm\r\n fc04b1140795dafb3a280100a34e1698 mes5/i586/libxmlrpc-epi0-0.54-0.1mdvmes5.2.i586.rpm\r\n ed22bcef35a1b90090a01d5bdf5c2861 mes5/i586/libxmlrpc-epi-devel-0.54-0.1mdvmes5.2.i586.rpm\r\n 3c70ce8653099b8bede16e1d4b1c854c mes5/i586/libyaz3-3.0.48-0.1mdvmes5.2.i586.rpm\r\n d73a3220c42f40c085c1caa3a1797b9a mes5/i586/libyaz-devel-3.0.48-0.1mdvmes5.2.i586.rpm\r\n 8cd9158f64b8d1345e47485ab28b8f87 mes5/i586/ming-utils-0.4.4-0.1mdvmes5.2.i586.rpm\r\n ec6c990e242c299eb3f250a273298534 mes5/i586/perl-SWF-0.4.4-0.1mdvmes5.2.i586.rpm\r\n c199e39972b4633c025cdb4497f866d5 mes5/i586/php-apc-3.1.10-0.1mdvmes5.2.i586.rpm\r\n 4d7b2a7efea30875044fa27ab621855f mes5/i586/php-apc-admin-3.1.10-0.1mdvmes5.2.i586.rpm\r\n b86186ed13e27f5dde58b58e799f9145 mes5/i586/php-bcmath-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 364fb5e17d6f35aeb212e374f8408236 mes5/i586/php-bz2-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 64367f635bddcdb8f799f30bd56db615 mes5/i586/php-calendar-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 040288301616bfb16436f2e5a341ff9f mes5/i586/php-cgi-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 3c265959950263674c5017eda963117e mes5/i586/php-cli-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 42876a7aead3c2ba20de3b237502d317 mes5/i586/php-ctype-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 9ae84a482bced4724fc5b2719a5f7e74 mes5/i586/php-curl-5.3.13-0.1mdvmes5.2.i586.rpm\r\n fb39ca8bc9b3e70dca9eabeb43f1b5a3 mes5/i586/php-dba-5.3.13-0.1mdvmes5.2.i586.rpm\r\n eb9cd33f04b6b8ce9631dbee6ffdfa1c mes5/i586/php-dbx-1.1.0-30.2mdvmes5.2.i586.rpm\r\n 4a289a7a64702fc7bf9167125f172274 mes5/i586/php-devel-5.3.13-0.1mdvmes5.2.i586.rpm\r\n fc09a56f707392c32ef3aeec9a1bb242 mes5/i586/php-dio-0.0.5-0.1mdvmes5.2.i586.rpm\r\n 521e2447d98a8d37aa7fb2fa35787ef2 mes5/i586/php-doc-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 6e0fed6e1c0b5ee5a11645e4956d345c mes5/i586/php-dom-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 5e9298f4d04acef2d164c52697e911eb mes5/i586/php-eaccelerator-0.9.6.1-0.6mdvmes5.2.i586.rpm\r\n 688d1e19c4955521d7a217bd64b1a3aa mes5/i586/php-eaccelerator-admin-0.9.6.1-0.6mdvmes5.2.i586.rpm\r\n c7ba6857a141dbac85afa4f05cdb65ca mes5/i586/php-enchant-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 0c179177f51deb368800f0c08cedc599 mes5/i586/php-exif-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 39f6318d1367c28e8c0365098e7750e4 mes5/i586/php-fam-5.0.1-3.6mdvmes5.2.i586.rpm\r\n 1ef9b6263948c34f46b5fd29321d911c mes5/i586/php-fileinfo-5.3.13-0.1mdvmes5.2.i586.rpm\r\n aad86d693bbe62bba0942b370f6ca246 mes5/i586/php-filepro-5.1.6-13.6mdvmes5.2.i586.rpm\r\n 3868021d3e61c00b8ae6809bb7c0900b mes5/i586/php-filter-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 48b88e31e42379400dc7766ad2c62e5a mes5/i586/php-fpm-5.3.13-0.1mdvmes5.2.i586.rpm\r\n f8cd704030d7d70ea8ebe8346f9f0e0f mes5/i586/php-ftp-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 7c32f002b04ac8072df7aa7fa8b7a8e6 mes5/i586/php-gd-5.3.13-0.1mdvmes5.2.i586.rpm\r\n df5a2a2b26101a778494b26af67766a2 mes5/i586/php-gettext-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 8327f44ffa0b41841ff9b71039017d52 mes5/i586/php-gmp-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 811259cfad20fd63253a7123b7fd27dc mes5/i586/php-gtk2-2.0.1-2.2mdvmes5.2.i586.rpm\r\n be58ace4d69b596b57afd068f7cf3c49 mes5/i586/php-hash-5.3.13-0.1mdvmes5.2.i586.rpm\r\n a17c44ceea8b3f5a0bc55a3af3474af3 mes5/i586/php-iconv-5.3.13-0.1mdvmes5.2.i586.rpm\r\n c89f28160eaf77c3655965bfbed6c3b1 mes5/i586/php-imagick-3.0.1-0.2mdvmes5.2.i586.rpm\r\n 73fa2e549e58fd68ad8a9109c77a7369 mes5/i586/php-imap-5.3.13-0.1mdvmes5.2.i586.rpm\r\n b3c413082301b0a8f4a25f176a87a45e mes5/i586/php-ini-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 6c775dd0ca5396b0ebb70e602db834b6 mes5/i586/php-intl-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 5902f72d9bc4f0c025618cd49e5f8e79 mes5/i586/php-json-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 877dc6caffd8bbe76c654ac4a9d18daa mes5/i586/php-ldap-5.3.13-0.1mdvmes5.2.i586.rpm\r\n abe1393ef623af8944406dadd8064c89 mes5/i586/php-mailparse-2.1.6-0.1mdvmes5.2.i586.rpm\r\n 0f498f237e44a451224929ecd24b315c mes5/i586/php-mbstring-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 35eceb3b8e39847fa00a91409afe9407 mes5/i586/php-mcal-0.6-23.6mdvmes5.2.i586.rpm\r\n 385e71ffb5612c05a701ed557e556c62 mes5/i586/php-mcrypt-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 18e3385588deda52c3516375d6d803d0 mes5/i586/php-mcve-7.0.3-0.2mdvmes5.2.i586.rpm\r\n daf72900f0a90864046a67a2d71e6caa mes5/i586/php-mdbtools-1.0.0-4.2mdvmes5.2.i586.rpm\r\n d0905f31f721643a572bf6b005262bf6 mes5/i586/php-memcache-3.0.6-0.2mdvmes5.2.i586.rpm\r\n 6b5378f95fb1022c83d34c9db1422d8e mes5/i586/php-ming-5.2.10-0.2mdvmes5.2.i586.rpm\r\n 8e6e4f7017a0febfef7cdf155ecc4962 mes5/i586/php-mssql-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 0411daf7561b179eb5a8e484d36f4ad3 mes5/i586/php-mysql-5.3.13-0.1mdvmes5.2.i586.rpm\r\n ff31716a2c412fba2e9d013c56965cf7 mes5/i586/php-mysqli-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 993a888b1c2713a00565e45282b23148 mes5/i586/php-mysqlnd-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 08fbe9fae6d67c0637041c80f07eba12 mes5/i586/php-odbc-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 7a29e566a7751e1821a623a4f0018a6f mes5/i586/php-openssl-5.3.13-0.1mdvmes5.2.i586.rpm\r\n f441f06ada4ee980d501e2b6576f2806 mes5/i586/php-optimizer-0.1-0.alpha2.0.2mdvmes5.2.i586.rpm\r\n b8da69bd634b1daa981efbc2ed95a648 mes5/i586/php-pcntl-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 95089b116c79922e497d4fd7854df544 mes5/i586/php-pdo-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 2f2196f900c6b802cf7fea375c9eeb91 mes5/i586/php-pdo_dblib-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 25c438a18c01c09b60e7c7b2fe13671f mes5/i586/php-pdo_mysql-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 91f1fee5243ed4ae8398a75e9114adac mes5/i586/php-pdo_odbc-5.3.13-0.1mdvmes5.2.i586.rpm\r\n bfff4547a91207f42302cd9fc184f86f mes5/i586/php-pdo_pgsql-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 8d460754542459d816d1b3dff39c872b mes5/i586/php-pdo_sqlite-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 9ff947c66182403b9888b265832c9161 mes5/i586/php-perl-1.0.0-32.2mdvmes5.2.i586.rpm\r\n cb1bca793338e4e792ab6c8792293617 mes5/i586/php-pgsql-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 1ef789ec5d683fef4934fc57101456b1 mes5/i586/php-phar-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 52145842d6faa93fa073fa17cb3b0763 mes5/i586/php-posix-5.3.13-0.1mdvmes5.2.i586.rpm\r\n aed79d1522b7507df309ddd682a99b4d mes5/i586/php-pspell-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 7cf0cf423041e29370ec6df0da70d21e mes5/i586/php-radius-1.2.5-7.2mdvmes5.2.i586.rpm\r\n f53c0be9c38ddf42a8c6820a312eaa06 mes5/i586/php-readline-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 29ee9c49f78cb11e83f9a251bd02b7e9 mes5/i586/php-recode-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 2c8c33fd81fc8468d0ddb774c2814264 mes5/i586/php-sasl-0.1.0-21.6mdvmes5.2.i586.rpm\r\n 8c2471fa96a43e94edabd4b9668724ef mes5/i586/php-session-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 3ca8b754f64883be1924fa8e95e799d3 mes5/i586/php-shmop-5.3.13-0.1mdvmes5.2.i586.rpm\r\n faa1b493b705f393754abcc2174857b5 mes5/i586/php-snmp-5.3.13-0.1mdvmes5.2.i586.rpm\r\n c393eb8db265798b1beff2541d13ee25 mes5/i586/php-soap-5.3.13-0.1mdvmes5.2.i586.rpm\r\n c23958451e7f49cb90e18f0d58fde045 mes5/i586/php-sockets-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 419a7ecf0f1d44a08795cc21c88f3b17 mes5/i586/php-sphinx-1.2.0-0.1mdvmes5.2.i586.rpm\r\n b42c41d30364c4bb308146ab5087fabf mes5/i586/php-sqlite3-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 6e9609d6fd4724426a63e3e520341051 mes5/i586/php-sqlite-5.3.13-0.1mdvmes5.2.i586.rpm\r\n e0b0e03c3ba4746805a70f3749784af7 mes5/i586/php-ssh2-0.11.3-0.1mdvmes5.2.i586.rpm\r\n f3be55d6857f3c36f063a418ff780c01 mes5/i586/php-suhosin-0.9.33-0.1mdvmes5.2.i586.rpm\r\n 49ab75a66171482bc0c92da727b42790 mes5/i586/php-sybase_ct-5.3.13-0.1mdvmes5.2.i586.rpm\r\n a49fe633e4d2eb4acb1fcd9ded4afff6 mes5/i586/php-sysvmsg-5.3.13-0.1mdvmes5.2.i586.rpm\r\n e548f18c2ccd5522376387fb9895e605 mes5/i586/php-sysvsem-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 079ffcc8e9bbcf02d70b39aed0e37510 mes5/i586/php-sysvshm-5.3.13-0.1mdvmes5.2.i586.rpm\r\n a0bfac8555bfaefec8cdab4a8fe8f759 mes5/i586/php-tclink-3.4.5-0.2mdvmes5.2.i586.rpm\r\n c3bb9c496c70fa477b65a326f10f1f13 mes5/i586/php-tidy-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 92fa5b22a77b38c94e1e81cee27e94e5 mes5/i586/php-timezonedb-2012.3-0.1mdvmes5.2.i586.rpm\r\n c69e34969e6be01c229701cb3bd381f3 mes5/i586/php-tokenizer-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 86d0fa4af4c00f2a996ee86c7480eaec mes5/i586/php-translit-0.6.1-0.1mdvmes5.2.i586.rpm\r\n 11aa119fde6b2c43e93259784d78b72a mes5/i586/php-vld-0.11.1-0.1mdvmes5.2.i586.rpm\r\n f48532222388b41b6f5abbeffa704cf9 mes5/i586/php-wddx-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 1770351942d2fb1c5685afe0609d22ea mes5/i586/php-xattr-1.1.0-2.6mdvmes5.2.i586.rpm\r\n 09300dd1170f00c70d05a21017d05448 mes5/i586/php-xcache-1.3.2-0.1mdvmes5.2.i586.rpm\r\n 508c5edb557c8bc20d7084b314278944 mes5/i586/php-xcache-admin-1.3.2-0.1mdvmes5.2.i586.rpm\r\n 41e91f88a9fdaf1fa0420ae01dc46ade mes5/i586/php-xdebug-2.1.4-0.1mdvmes5.2.i586.rpm\r\n c8d6da8bdb753cf7a2a6db3d3e2e46bf mes5/i586/php-xml-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 50aed2d093b83fdaa77dc407da9b861a mes5/i586/php-xmlreader-5.3.13-0.1mdvmes5.2.i586.rpm\r\n fe32252d37699afb0c51f60f9722adcb mes5/i586/php-xmlrpc-5.3.13-0.1mdvmes5.2.i586.rpm\r\n a1a2181cb93d31acf2c6b6e246b9db0d mes5/i586/php-xmlwriter-5.3.13-0.1mdvmes5.2.i586.rpm\r\n f87097cce5a501146df0e7120211c4bd mes5/i586/php-xsl-5.3.13-0.1mdvmes5.2.i586.rpm\r\n 9d5c99b04a85caea9bce01f4c662372c mes5/i586/php-yaz-1.1.1-0.1mdvmes5.2.i586.rpm\r\n d38eb4445d09878793e8506f1b649236 mes5/i586/php-zip-5.3.13-0.1mdvmes5.2.i586.rpm\r\n ec0cbe2b90c8fb0db9939d10e62fef02 mes5/i586/php-zlib-5.3.13-0.1mdvmes5.2.i586.rpm\r\n e2fe6c46edade8b149063316fb6e9268 mes5/i586/python-SWF-0.4.4-0.1mdvmes5.2.i586.rpm\r\n aef4719c148c3f6edf549f236a08868e mes5/i586/sphinx-0.9.9-0.1mdvmes5.2.i586.rpm\r\n 48b1928235704dd977b9fdc25f1e2933 mes5/i586/stemwords-0-5.1mdvmes5.2.i586.rpm\r\n 1b7636ca4c1ec6eac492041c6e9c95e2 mes5/i586/yaz-3.0.48-0.1mdvmes5.2.i586.rpm \r\n 2bac0388ad669fc836a910cb6919733e mes5/SRPMS/apache-mod_php-5.3.13-0.1mdvmes5.2.src.rpm\r\n 0dd8c597a6a39e17b504408fa4f894d1 mes5/SRPMS/lemon-3.7.4-0.1mdvmes5.2.src.rpm\r\n 04a50458044ddef8dca4acbecd0555d1 mes5/SRPMS/libmbfl-1.1.0-0.1mdvmes5.2.src.rpm\r\n d9e473396af964f01dd6310844925396 mes5/SRPMS/libmonetra-7.0.4-0.1mdvmes5.2.src.rpm\r\n 0fafe53fccc11afa4b75c66dc49261cd mes5/SRPMS/libstemmer-0-5.1mdvmes5.2.src.rpm\r\n 6de1878b7ff4fbc0b63e381618e966ba mes5/SRPMS/ming-0.4.4-0.1mdvmes5.2.src.rpm\r\n c4041cade9aaf6c4c67f046e4bfbaa74 mes5/SRPMS/php-5.3.13-0.1mdvmes5.2.src.rpm\r\n c0a1c69bca172f69a034505cfd6b37fc mes5/SRPMS/php-apc-3.1.10-0.1mdvmes5.2.src.rpm\r\n df8c3520a450cb4209179f60cf8828cd mes5/SRPMS/php-dbx-1.1.0-30.2mdvmes5.2.src.rpm\r\n 7705d28806c6a73a9e588d174203ec11 mes5/SRPMS/php-dio-0.0.5-0.1mdvmes5.2.src.rpm\r\n cb9fd58d04a1db3ceec2f9b15c5ddac0 mes5/SRPMS/php-eaccelerator-0.9.6.1-0.6mdvmes5.2.src.rpm\r\n d1e7c7da449372f62c27a0cd3eeb8a8d mes5/SRPMS/php-fam-5.0.1-3.6mdvmes5.2.src.rpm\r\n 4c10d297abc9ea2a4dfe2cc441be619c mes5/SRPMS/php-filepro-5.1.6-13.6mdvmes5.2.src.rpm\r\n 7c30fe50ac1dc23870c64660300e78f8 mes5/SRPMS/php-gtk2-2.0.1-2.2mdvmes5.2.src.rpm\r\n ecdbedc8c745921ab7e8c97850c7e976 mes5/SRPMS/php-imagick-3.0.1-0.2mdvmes5.2.src.rpm\r\n c31069ae710a67783a81adf905f72842 mes5/SRPMS/php-ini-5.3.13-0.1mdvmes5.2.src.rpm\r\n 7bba5d67278539bbfe8980f4619fc443 mes5/SRPMS/php-mailparse-2.1.6-0.1mdvmes5.2.src.rpm\r\n c064fa5008b99634cf43dd8cfcfc38a8 mes5/SRPMS/php-mcal-0.6-23.6mdvmes5.2.src.rpm\r\n 4dc1c969e13503b5b84e4cc2a62fcafa mes5/SRPMS/php-mcve-7.0.3-0.2mdvmes5.2.src.rpm\r\n 8a0b00a7eb45735c7f1b84db2124a02a mes5/SRPMS/php-mdbtools-1.0.0-4.2mdvmes5.2.src.rpm\r\n 50514e567296ef853fc9c040b27fde14 mes5/SRPMS/php-memcache-3.0.6-0.2mdvmes5.2.src.rpm\r\n 3d68803bc8d4d5db837d034e31b559ab mes5/SRPMS/php-ming-5.2.10-0.2mdvmes5.2.src.rpm\r\n 3788a033464659c7697271fe3e11cb6b mes5/SRPMS/php-optimizer-0.1-0.alpha2.0.2mdvmes5.2.src.rpm\r\n 4e41590da9fd097f6ecb0cf362bf99f9 mes5/SRPMS/php-perl-1.0.0-32.2mdvmes5.2.src.rpm\r\n 8227db814a6322c4a1c72717965be834 mes5/SRPMS/php-radius-1.2.5-7.2mdvmes5.2.src.rpm\r\n b6eea216f82a274151c12bb38e50793c mes5/SRPMS/php-sasl-0.1.0-21.6mdvmes5.2.src.rpm\r\n aefb4d8a934bd9ecf18f10cf94508b21 mes5/SRPMS/php-sphinx-1.2.0-0.1mdvmes5.2.src.rpm\r\n 27acc20ae9792b5ee79127428c76d019 mes5/SRPMS/php-ssh2-0.11.3-0.1mdvmes5.2.src.rpm\r\n 8561139b4f53146b52d0d881c93bd884 mes5/SRPMS/php-suhosin-0.9.33-0.1mdvmes5.2.src.rpm\r\n 9decd2138202b8f51428b69f8d089679 mes5/SRPMS/php-tclink-3.4.5-0.2mdvmes5.2.src.rpm\r\n a331ac0e06665fb2b1696eeb35ddd67b mes5/SRPMS/php-timezonedb-2012.3-0.1mdvmes5.2.src.rpm\r\n 79c414525991c894f01d9e597cda78f6 mes5/SRPMS/php-translit-0.6.1-0.1mdvmes5.2.src.rpm\r\n 93897f5b7d60138c9e12474dc8388954 mes5/SRPMS/php-vld-0.11.1-0.1mdvmes5.2.src.rpm\r\n 9f2b8c72495c63762e02a4792b321463 mes5/SRPMS/php-xattr-1.1.0-2.6mdvmes5.2.src.rpm\r\n bec964b1764e87c0ba2d78ec3c33f662 mes5/SRPMS/php-xcache-1.3.2-0.1mdvmes5.2.src.rpm\r\n 6e3b637199e13bd895401f2cadbf25c5 mes5/SRPMS/php-xdebug-2.1.4-0.1mdvmes5.2.src.rpm\r\n 7b1f065bc086533fa01adba07235c4fe mes5/SRPMS/php-yaz-1.1.1-0.1mdvmes5.2.src.rpm\r\n 51586ceaba69e3a61e4171c1b33821ad mes5/SRPMS/sphinx-0.9.9-0.1mdvmes5.2.src.rpm\r\n fb8632c3872b5f62b8fdc070565d21b6 mes5/SRPMS/xmlrpc-epi-0.54-0.1mdvmes5.2.src.rpm\r\n 7737d7193bce052e26930d49ee7e841f mes5/SRPMS/yaz-3.0.48-0.1mdvmes5.2.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n 96b2d5df095de56795b5e402b5615e5a mes5/x86_64/apache-mod_php-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 03641ff5a502b304b0cbdeff4161f07a mes5/x86_64/lemon-3.7.4-0.1mdvmes5.2.x86_64.rpm\r\n 16d5aee91aab749c674b146725679edf mes5/x86_64/lib64mbfl1-1.1.0-0.1mdvmes5.2.x86_64.rpm\r\n 211cf3c8c54d7135c1c59d37df63dbd9 mes5/x86_64/lib64mbfl-devel-1.1.0-0.1mdvmes5.2.x86_64.rpm\r\n ff17fd8f9ad24289e558636ce26d6e17 mes5/x86_64/lib64ming1-0.4.4-0.1mdvmes5.2.x86_64.rpm\r\n 84acf50087747dcb4f34a5aa2ea1ce0a mes5/x86_64/lib64ming-devel-0.4.4-0.1mdvmes5.2.x86_64.rpm\r\n db2510f25a007023647f235013ec6e74 mes5/x86_64/lib64monetra7-7.0.4-0.1mdvmes5.2.x86_64.rpm\r\n e449abc214208571c14827a9319c0ec3 mes5/x86_64/lib64monetra-devel-7.0.4-0.1mdvmes5.2.x86_64.rpm\r\n 7a418a728839573bca2187e8c5468fe2 mes5/x86_64/lib64php5_common5-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 4060a9ea3f85ea3df9260575783e7a17 mes5/x86_64/lib64sphinxclient0-0.9.9-0.1mdvmes5.2.x86_64.rpm\r\n f6ca93737988ebae403ef0ed8ab41359 mes5/x86_64/lib64sphinxclient-devel-0.9.9-0.1mdvmes5.2.x86_64.rpm\r\n 4a7ef9bd46d3c4e8e36f08868319244d mes5/x86_64/lib64stemmer0-0-5.1mdvmes5.2.x86_64.rpm\r\n b15fe53cc1c6ea59fdd82c04eae8e7fd mes5/x86_64/lib64stemmer-devel-0-5.1mdvmes5.2.x86_64.rpm\r\n c673964b2561e44781a98cb86a9e3187 mes5/x86_64/lib64xmlrpc-epi0-0.54-0.1mdvmes5.2.x86_64.rpm\r\n e66b903dc4310d0d3849689529146ec3 mes5/x86_64/lib64xmlrpc-epi-devel-0.54-0.1mdvmes5.2.x86_64.rpm\r\n 49cbe05c0d48ad378bd129ebd036ba26 mes5/x86_64/lib64yaz3-3.0.48-0.1mdvmes5.2.x86_64.rpm\r\n 2afb044886e1c96c3db29bdf0bb7dc9b mes5/x86_64/lib64yaz-devel-3.0.48-0.1mdvmes5.2.x86_64.rpm\r\n 2f4b0caff3c9e97839df3aa1ad6ca732 mes5/x86_64/ming-utils-0.4.4-0.1mdvmes5.2.x86_64.rpm\r\n f288571bd192a5e5802a40cd7d4e3118 mes5/x86_64/perl-SWF-0.4.4-0.1mdvmes5.2.x86_64.rpm\r\n b059dbc18e76476659494969ef5e4947 mes5/x86_64/php-apc-3.1.10-0.1mdvmes5.2.x86_64.rpm\r\n 68149e7e29a2e2ea3f7d7e3573bd193b mes5/x86_64/php-apc-admin-3.1.10-0.1mdvmes5.2.x86_64.rpm\r\n e38d895cf490704f5e6f8b1ecdca7e61 mes5/x86_64/php-bcmath-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 711815bad3794350d9177d52bac8d95b mes5/x86_64/php-bz2-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 3e8c4f72f0211a797a172c7092966a46 mes5/x86_64/php-calendar-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 51026f5c6c789d4fe07bb64f5c2a4559 mes5/x86_64/php-cgi-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n a5c4c236c80e4219e0a8e29eac78b440 mes5/x86_64/php-cli-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n f7d68cdc91a5d1aca630bf5d2cc027a8 mes5/x86_64/php-ctype-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 1e82cf4c1d05409239f773c27f25e148 mes5/x86_64/php-curl-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 4414697431b4f9d8347d368406a74792 mes5/x86_64/php-dba-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 78a159ea14c942e6b1484d7f7a02430f mes5/x86_64/php-dbx-1.1.0-30.2mdvmes5.2.x86_64.rpm\r\n afce38f700de1511605177aaac2a4b0c mes5/x86_64/php-devel-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 24c2440bccc5cdceb6d9c6eb6fbd8fb6 mes5/x86_64/php-dio-0.0.5-0.1mdvmes5.2.x86_64.rpm\r\n e304390a900576e6344b831935fca984 mes5/x86_64/php-doc-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 41d2f61596375aa03dcd64462432b8ad mes5/x86_64/php-dom-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 84eead8c2a272ed05ef0a8f3b6672f56 mes5/x86_64/php-eaccelerator-0.9.6.1-0.6mdvmes5.2.x86_64.rpm\r\n d72cfcdee8d186ad859b3b99fd70bdd0 mes5/x86_64/php-eaccelerator-admin-0.9.6.1-0.6mdvmes5.2.x86_64.rpm\r\n e3b9b291bbc15d61895e27372b8b1925 mes5/x86_64/php-enchant-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 558cd9c98631858a661a6aa4ccdf882b mes5/x86_64/php-exif-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 3553939609e3fef1652ee999d37fd530 mes5/x86_64/php-fam-5.0.1-3.6mdvmes5.2.x86_64.rpm\r\n 5a19e0b3fc58299ccdb1b12f5ca69200 mes5/x86_64/php-fileinfo-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 8a23bbc3e8c9ef45a339563075668d59 mes5/x86_64/php-filepro-5.1.6-13.6mdvmes5.2.x86_64.rpm\r\n 78be28f1fee69306797aa83a91bee75b mes5/x86_64/php-filter-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n f8339f10b4664c2130f1159f89c0b244 mes5/x86_64/php-fpm-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n d3b287afef7b1f6207082e97ae77b349 mes5/x86_64/php-ftp-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 98f68dcc439e4252d72be221fe1e9b98 mes5/x86_64/php-gd-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 0d04cfba60b215c27a87d77a363a51e9 mes5/x86_64/php-gettext-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n f95a838116143b396aedeeb01c534584 mes5/x86_64/php-gmp-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n e84018d144e7f94e436132420d51440d mes5/x86_64/php-gtk2-2.0.1-2.2mdvmes5.2.x86_64.rpm\r\n 7e02ce03f990c677fd39095d094bf5fc mes5/x86_64/php-hash-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 9e3ae7e6d67397fc15a81d3b3e7d30c8 mes5/x86_64/php-iconv-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 76155d4adcfb84852c193a6a9183a701 mes5/x86_64/php-imagick-3.0.1-0.2mdvmes5.2.x86_64.rpm\r\n 6c1aa64a78fef0ba6b12de5c7fdf227e mes5/x86_64/php-imap-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n e9dbcfb8b6330f52ea6f83630e0b96db mes5/x86_64/php-ini-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n a99ae1adc279e1446501374b396e9194 mes5/x86_64/php-intl-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n c4856a889eb1fabe4cfb4e7e0541a208 mes5/x86_64/php-json-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 1e6ed1c6f514d3bed9271e192d6b8c79 mes5/x86_64/php-ldap-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 23d141eeb5ec49b7bd14931e313efe61 mes5/x86_64/php-mailparse-2.1.6-0.1mdvmes5.2.x86_64.rpm\r\n 67df3a26f6e25258bb28b9d70ebdc7b9 mes5/x86_64/php-mbstring-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n ce6ec0bd9bf2c6bbea51b670566cf125 mes5/x86_64/php-mcal-0.6-23.6mdvmes5.2.x86_64.rpm\r\n 3af3a06df5a30d2324b42ce38b0170c7 mes5/x86_64/php-mcrypt-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 898c0ff97086e4003f34c5af21a1209b mes5/x86_64/php-mcve-7.0.3-0.2mdvmes5.2.x86_64.rpm\r\n ea3c678599dd676b1596cf9b38bac5fa mes5/x86_64/php-mdbtools-1.0.0-4.2mdvmes5.2.x86_64.rpm\r\n f42a0499caae118ccb02a404fe853e8d mes5/x86_64/php-memcache-3.0.6-0.2mdvmes5.2.x86_64.rpm\r\n d656bf501e02bf270c74e621655e0f79 mes5/x86_64/php-ming-5.2.10-0.2mdvmes5.2.x86_64.rpm\r\n 67182e137d6799e21d1eb95f8e8a09a6 mes5/x86_64/php-mssql-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 13b16b807e73dc799f820ec360b4c4c4 mes5/x86_64/php-mysql-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 401bf41f8ae42e1c5cbae844b5859310 mes5/x86_64/php-mysqli-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n a3d71aca0b59a479be67aa5f7e2dadac mes5/x86_64/php-mysqlnd-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 299a5af759216cc02b72c73e1aedb898 mes5/x86_64/php-odbc-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 1b9afd33db663c3c0376e9e366a1d7e9 mes5/x86_64/php-openssl-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 1bfa8188adf02eefd1fee6980bf8a637 mes5/x86_64/php-optimizer-0.1-0.alpha2.0.2mdvmes5.2.x86_64.rpm\r\n 4ea6deefc1d6c98165a39bf0cbbb1e68 mes5/x86_64/php-pcntl-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n e8edc47c4535c7185c648fe2cdd62fd3 mes5/x86_64/php-pdo-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 7de9187f26e2b1dcbde7bfa6b5e72cc3 mes5/x86_64/php-pdo_dblib-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 43c1dabc4e916f1676a64affa4e71923 mes5/x86_64/php-pdo_mysql-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 90e7bb6c5edceae816e1efc1d772c1cd mes5/x86_64/php-pdo_odbc-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 41c159cea72f2c8608422dd60b24a2aa mes5/x86_64/php-pdo_pgsql-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 3b806d521833732f44d199760894e6cc mes5/x86_64/php-pdo_sqlite-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n e3047e894435230a2234b6c106e7f85b mes5/x86_64/php-perl-1.0.0-32.2mdvmes5.2.x86_64.rpm\r\n 13e2506c835e395eb7f81edac6b61a8f mes5/x86_64/php-pgsql-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n dab84434950d74f298b66066fc5d22b2 mes5/x86_64/php-phar-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n c087bf52f652c59da6bdd4fb06286464 mes5/x86_64/php-posix-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 29d9820c941b281ec4bf2e1ae154b590 mes5/x86_64/php-pspell-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 2a5472038518e78b1e77c085486a7f41 mes5/x86_64/php-radius-1.2.5-7.2mdvmes5.2.x86_64.rpm\r\n ef96d7846f36e03abbe0389a9c7025a6 mes5/x86_64/php-readline-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 3d6dc5bbe9f83a3b7379b09842418d6d mes5/x86_64/php-recode-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n fe9478b8ef31ffd03c4fd7e3b13a6fcd mes5/x86_64/php-sasl-0.1.0-21.6mdvmes5.2.x86_64.rpm\r\n 66ea22c633fb484f787795c541c31458 mes5/x86_64/php-session-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 73cf8b14818d6c4aa6ff7b4f876a305f mes5/x86_64/php-shmop-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 2f1c10a3e69bc4962c68da8494d7a2d1 mes5/x86_64/php-snmp-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 66bf34f4665ce04daf5962c4c5178966 mes5/x86_64/php-soap-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n d9f0deeb70efb200c65be5ba2cbfe197 mes5/x86_64/php-sockets-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n cb5ace43e37f4488ca65e4740495842a mes5/x86_64/php-sphinx-1.2.0-0.1mdvmes5.2.x86_64.rpm\r\n d2347f18673adf71d3fdc94600e6ec77 mes5/x86_64/php-sqlite3-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 5317fd6819706540ee1d1e209b0ee65d mes5/x86_64/php-sqlite-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n e308fc3349779514b7aa1e336452f539 mes5/x86_64/php-ssh2-0.11.3-0.1mdvmes5.2.x86_64.rpm\r\n c60c35039cdf4a3446e29d0dfa96bc40 mes5/x86_64/php-suhosin-0.9.33-0.1mdvmes5.2.x86_64.rpm\r\n 3076e178dff5d37d8c44f21e00d63c9e mes5/x86_64/php-sybase_ct-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n e268581c1bbbd9269faa591577fce62a mes5/x86_64/php-sysvmsg-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 7dbc04b5fc2ffee323f2c4123feb05bd mes5/x86_64/php-sysvsem-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 1bdffd99b577b97adc67e5b20df0b301 mes5/x86_64/php-sysvshm-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 71043e5371ce75f9f0cb63df38021fdb mes5/x86_64/php-tclink-3.4.5-0.2mdvmes5.2.x86_64.rpm\r\n 215a92aa7004ea738f44aed3e1168b9c mes5/x86_64/php-tidy-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n efc0a9750197c1b1f5158c8c1e55c27b mes5/x86_64/php-timezonedb-2012.3-0.1mdvmes5.2.x86_64.rpm\r\n c7debf59191371056785b18a4a99c276 mes5/x86_64/php-tokenizer-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 26be1bde74ac0ce9f0b442cb4c81a9be mes5/x86_64/php-translit-0.6.1-0.1mdvmes5.2.x86_64.rpm\r\n c99427fc99b451727ac42a9b96a5537c mes5/x86_64/php-vld-0.11.1-0.1mdvmes5.2.x86_64.rpm\r\n 2743db76a4ec5fd0a67dbd68bf1229a4 mes5/x86_64/php-wddx-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 6af7e7503ffe3d4141f222fb0701e817 mes5/x86_64/php-xattr-1.1.0-2.6mdvmes5.2.x86_64.rpm\r\n 85f807ce183c7b843701fd8899ef0991 mes5/x86_64/php-xcache-1.3.2-0.1mdvmes5.2.x86_64.rpm\r\n a62dad29f5eade1f3d3864b25dff3f2d mes5/x86_64/php-xcache-admin-1.3.2-0.1mdvmes5.2.x86_64.rpm\r\n bbf6d7585d06df26bcfa3b73dab0007c mes5/x86_64/php-xdebug-2.1.4-0.1mdvmes5.2.x86_64.rpm\r\n a5f092be6c7ca43ad60913afb67885e6 mes5/x86_64/php-xml-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 65ef3be867bd8427c1f5d41131de8249 mes5/x86_64/php-xmlreader-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n d0c2192b6b08ef59e912fcbd272c98be mes5/x86_64/php-xmlrpc-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 1c529b0215628a4d699542742dddb80e mes5/x86_64/php-xmlwriter-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 78df5fc0a2128aa9658b426cd8378b35 mes5/x86_64/php-xsl-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n dadfa8975b5a1a141b2f454d370c59f6 mes5/x86_64/php-yaz-1.1.1-0.1mdvmes5.2.x86_64.rpm\r\n 9caa5cd5185ae316a091de219fd984d9 mes5/x86_64/php-zip-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n 92ac01caa79c1d542fe06e4aae21ff0b mes5/x86_64/php-zlib-5.3.13-0.1mdvmes5.2.x86_64.rpm\r\n fb2eadb2172166381d594394916add79 mes5/x86_64/python-SWF-0.4.4-0.1mdvmes5.2.x86_64.rpm\r\n 5fdd248cb611e7997ddc828e8a90c043 mes5/x86_64/sphinx-0.9.9-0.1mdvmes5.2.x86_64.rpm\r\n b3d72ab63f47dd5a0f3b1f147321bcab mes5/x86_64/stemwords-0-5.1mdvmes5.2.x86_64.rpm\r\n cfada59c5348ee46e44202376cf042c5 mes5/x86_64/yaz-3.0.48-0.1mdvmes5.2.x86_64.rpm \r\n 2bac0388ad669fc836a910cb6919733e mes5/SRPMS/apache-mod_php-5.3.13-0.1mdvmes5.2.src.rpm\r\n 0dd8c597a6a39e17b504408fa4f894d1 mes5/SRPMS/lemon-3.7.4-0.1mdvmes5.2.src.rpm\r\n 04a50458044ddef8dca4acbecd0555d1 mes5/SRPMS/libmbfl-1.1.0-0.1mdvmes5.2.src.rpm\r\n d9e473396af964f01dd6310844925396 mes5/SRPMS/libmonetra-7.0.4-0.1mdvmes5.2.src.rpm\r\n 0fafe53fccc11afa4b75c66dc49261cd mes5/SRPMS/libstemmer-0-5.1mdvmes5.2.src.rpm\r\n 6de1878b7ff4fbc0b63e381618e966ba mes5/SRPMS/ming-0.4.4-0.1mdvmes5.2.src.rpm\r\n c4041cade9aaf6c4c67f046e4bfbaa74 mes5/SRPMS/php-5.3.13-0.1mdvmes5.2.src.rpm\r\n c0a1c69bca172f69a034505cfd6b37fc mes5/SRPMS/php-apc-3.1.10-0.1mdvmes5.2.src.rpm\r\n df8c3520a450cb4209179f60cf8828cd mes5/SRPMS/php-dbx-1.1.0-30.2mdvmes5.2.src.rpm\r\n 7705d28806c6a73a9e588d174203ec11 mes5/SRPMS/php-dio-0.0.5-0.1mdvmes5.2.src.rpm\r\n cb9fd58d04a1db3ceec2f9b15c5ddac0 mes5/SRPMS/php-eaccelerator-0.9.6.1-0.6mdvmes5.2.src.rpm\r\n d1e7c7da449372f62c27a0cd3eeb8a8d mes5/SRPMS/php-fam-5.0.1-3.6mdvmes5.2.src.rpm\r\n 4c10d297abc9ea2a4dfe2cc441be619c mes5/SRPMS/php-filepro-5.1.6-13.6mdvmes5.2.src.rpm\r\n 7c30fe50ac1dc23870c64660300e78f8 mes5/SRPMS/php-gtk2-2.0.1-2.2mdvmes5.2.src.rpm\r\n ecdbedc8c745921ab7e8c97850c7e976 mes5/SRPMS/php-imagick-3.0.1-0.2mdvmes5.2.src.rpm\r\n c31069ae710a67783a81adf905f72842 mes5/SRPMS/php-ini-5.3.13-0.1mdvmes5.2.src.rpm\r\n 7bba5d67278539bbfe8980f4619fc443 mes5/SRPMS/php-mailparse-2.1.6-0.1mdvmes5.2.src.rpm\r\n c064fa5008b99634cf43dd8cfcfc38a8 mes5/SRPMS/php-mcal-0.6-23.6mdvmes5.2.src.rpm\r\n 4dc1c969e13503b5b84e4cc2a62fcafa mes5/SRPMS/php-mcve-7.0.3-0.2mdvmes5.2.src.rpm\r\n 8a0b00a7eb45735c7f1b84db2124a02a mes5/SRPMS/php-mdbtools-1.0.0-4.2mdvmes5.2.src.rpm\r\n 50514e567296ef853fc9c040b27fde14 mes5/SRPMS/php-memcache-3.0.6-0.2mdvmes5.2.src.rpm\r\n 3d68803bc8d4d5db837d034e31b559ab mes5/SRPMS/php-ming-5.2.10-0.2mdvmes5.2.src.rpm\r\n 3788a033464659c7697271fe3e11cb6b mes5/SRPMS/php-optimizer-0.1-0.alpha2.0.2mdvmes5.2.src.rpm\r\n 4e41590da9fd097f6ecb0cf362bf99f9 mes5/SRPMS/php-perl-1.0.0-32.2mdvmes5.2.src.rpm\r\n 8227db814a6322c4a1c72717965be834 mes5/SRPMS/php-radius-1.2.5-7.2mdvmes5.2.src.rpm\r\n b6eea216f82a274151c12bb38e50793c mes5/SRPMS/php-sasl-0.1.0-21.6mdvmes5.2.src.rpm\r\n aefb4d8a934bd9ecf18f10cf94508b21 mes5/SRPMS/php-sphinx-1.2.0-0.1mdvmes5.2.src.rpm\r\n 27acc20ae9792b5ee79127428c76d019 mes5/SRPMS/php-ssh2-0.11.3-0.1mdvmes5.2.src.rpm\r\n 8561139b4f53146b52d0d881c93bd884 mes5/SRPMS/php-suhosin-0.9.33-0.1mdvmes5.2.src.rpm\r\n 9decd2138202b8f51428b69f8d089679 mes5/SRPMS/php-tclink-3.4.5-0.2mdvmes5.2.src.rpm\r\n a331ac0e06665fb2b1696eeb35ddd67b mes5/SRPMS/php-timezonedb-2012.3-0.1mdvmes5.2.src.rpm\r\n 79c414525991c894f01d9e597cda78f6 mes5/SRPMS/php-translit-0.6.1-0.1mdvmes5.2.src.rpm\r\n 93897f5b7d60138c9e12474dc8388954 mes5/SRPMS/php-vld-0.11.1-0.1mdvmes5.2.src.rpm\r\n 9f2b8c72495c63762e02a4792b321463 mes5/SRPMS/php-xattr-1.1.0-2.6mdvmes5.2.src.rpm\r\n bec964b1764e87c0ba2d78ec3c33f662 mes5/SRPMS/php-xcache-1.3.2-0.1mdvmes5.2.src.rpm\r\n 6e3b637199e13bd895401f2cadbf25c5 mes5/SRPMS/php-xdebug-2.1.4-0.1mdvmes5.2.src.rpm\r\n 7b1f065bc086533fa01adba07235c4fe mes5/SRPMS/php-yaz-1.1.1-0.1mdvmes5.2.src.rpm\r\n 51586ceaba69e3a61e4171c1b33821ad mes5/SRPMS/sphinx-0.9.9-0.1mdvmes5.2.src.rpm\r\n fb8632c3872b5f62b8fdc070565d21b6 mes5/SRPMS/xmlrpc-epi-0.54-0.1mdvmes5.2.src.rpm\r\n 7737d7193bce052e26930d49ee7e841f mes5/SRPMS/yaz-3.0.48-0.1mdvmes5.2.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.11 (GNU/Linux)\r\n\r\niD8DBQFPq6gTmqjQ0CJFipgRAqvVAJ9zEwWjj1SD2W0x+6Nb/vNvjYO4oQCg6O6L\r\nwF916W6TuFcSv/gD10fMyoE=\r\n=Va72\r\n-----END PGP SIGNATURE-----\r\n", "published": "2012-05-14T00:00:00", "modified": "2012-05-14T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "cvss2": {}, "cvss3": {}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28070", "reporter": "Securityvulns", "references": [], "cvelist": ["CVE-2012-2336", "CVE-2011-1148", "CVE-2012-2335", "CVE-2012-1823", "CVE-2011-1938", "CVE-2011-4885", "CVE-2011-2483", "CVE-2012-0788", "CVE-2012-0830", "CVE-2011-1657", "CVE-2011-3268", "CVE-2011-3182", "CVE-2012-1172", "CVE-2011-4566", "CVE-2011-3267", "CVE-2011-3379", "CVE-2011-2202", "CVE-2012-0831", "CVE-2012-0807"], "immutableFields": [], "lastseen": "2018-08-31T11:10:44", "viewCount": 67, "enchantments": {"score": {"value": 0.0, "vector": "NONE"}, "dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2011-007", "ALAS-2011-012", "ALAS-2012-037", "ALAS-2012-041", "ALAS-2012-077"]}, {"type": "attackerkb", "idList": ["AKB:7BB1902E-DB18-4E99-B324-054F3B091720", "AKB:ABC58E28-19A4-4DC5-A6F9-1CB801B0C53F"]}, {"type": "canvas", "idList": ["PHP_CGI_REMOTE"]}, {"type": "centos", "idList": ["CESA-2011:1377", "CESA-2011:1378", "CESA-2011:1423", "CESA-2012:0019", "CESA-2012:0033", "CESA-2012:0071", "CESA-2012:0092", "CESA-2012:0093", "CESA-2012:0546", "CESA-2012:0547", "CESA-2012:1045", "CESA-2012:1046", "CESA-2012:1047", "CESA-2013:0514", "CESA-2013:1307"]}, {"type": "cert", "idList": ["VU:520827", "VU:673343", "VU:903934"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2012-209", "CPAI-2012-233", "CPAI-2012-335", "CPAI-2013-1630", "CPAI-2014-1022", "CPAI-2015-0345"]}, {"type": "checkpoint_security", "idList": ["CPS:SK66350"]}, {"type": "cisa_kev", "idList": ["CISA-KEV-CVE-2012-1823"]}, {"type": "cve", "idList": ["CVE-2011-1148", "CVE-2011-1657", "CVE-2011-1938", "CVE-2011-2202", "CVE-2011-2483", "CVE-2011-3182", "CVE-2011-3189", "CVE-2011-3267", "CVE-2011-3268", "CVE-2011-3379", "CVE-2011-4078", "CVE-2011-4566", "CVE-2011-4885", "CVE-2012-0788", "CVE-2012-0807", "CVE-2012-0830", "CVE-2012-0831", "CVE-2012-1172", "CVE-2012-1823", "CVE-2012-2311", "CVE-2012-2335", "CVE-2012-2336", "CVE-2013-4878"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2262-2:2E683", "DEBIAN:DSA-2266-1:4FAC3", "DEBIAN:DSA-2340-1:1241F", "DEBIAN:DSA-2399-1:367BF", "DEBIAN:DSA-2399-2:BC1FA", "DEBIAN:DSA-2403-1:D6AFA", "DEBIAN:DSA-2403-2:76AA7", "DEBIAN:DSA-2408-1:B808D", "DEBIAN:DSA-2465-1:8EF31"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2011-2483", "DEBIANCVE:CVE-2011-4078"]}, {"type": "exploitdb", "idList": ["EDB-ID:17318", "EDB-ID:17486", "EDB-ID:18296", "EDB-ID:18305", "EDB-ID:18834", "EDB-ID:18836", "EDB-ID:25986", "EDB-ID:40233"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:53B8CD6979883842096DB696D31C6946", "EXPLOITPACK:61773FF3320048BFB5A024DEC0D04A85", "EXPLOITPACK:85B20F0533D328BC2DFA7020D0F11896", "EXPLOITPACK:8932A99CC3BD9DB558A917429D610473", "EXPLOITPACK:B8DA2EAADC9FCF2EF821731BB51E75E7", "EXPLOITPACK:DCB6D1527114BF4939903A3FD787537D", "EXPLOITPACK:E01EEEA67E34582F2A422D4CD1795D05"]}, {"type": "f5", "idList": ["F5:K13518", "F5:K13519", "F5:K13588", "SOL13518", "SOL13519", "SOL13588", "SOL14574", "SOL15441", "SOL15903"]}, {"type": "fedora", "idList": ["FEDORA:0838320B29", "FEDORA:089FC20F0D", "FEDORA:0D2EE20910", "FEDORA:11BE720F24", "FEDORA:2174220F39", "FEDORA:25045C0AD1", "FEDORA:2AA70C0AD2", "FEDORA:2FE26212BB", "FEDORA:33CD220F88", "FEDORA:3515C213E6", "FEDORA:3EA60213F3", "FEDORA:4059D217E2", "FEDORA:420B0E7205", "FEDORA:42AD9212FB", "FEDORA:4930D21410", "FEDORA:4D5372165A", "FEDORA:510BA87E81", "FEDORA:6097820D6A", "FEDORA:6126137D07", "FEDORA:695182240A", "FEDORA:6D55C20D95", "FEDORA:6EE0A21254", "FEDORA:74DD920884", "FEDORA:76D5120DE0", "FEDORA:7706F20CE7", "FEDORA:7869DC0ACF", "FEDORA:7E4C7208A1", "FEDORA:7F79620D03", "FEDORA:7F9E2C0AD1", "FEDORA:7FE32208A7", "FEDORA:805B3C0ACF", "FEDORA:836B9C0AD2", "FEDORA:877BA208A7", "FEDORA:8819720FCC", "FEDORA:8893F20D13", "FEDORA:8CC7E20B55", "FEDORA:8F32E208C8", "FEDORA:9729C2155E", "FEDORA:97B7C208D3", "FEDORA:994FA20B8F", "FEDORA:A07AD21BF1", "FEDORA:A24AB20F77", "FEDORA:A38F421375", "FEDORA:ACED120F82", "FEDORA:B599720F97", "FEDORA:E6D2E210DB", "FEDORA:EEFCB208EF"]}, {"type": "freebsd", "idList": ["057BF770-CAC4-11E0-AEA3-00215C6A37BB", "2CDE1892-913E-11E1-B44C-001FD0AF1A4C", "3FD040BE-4F0B-11E1-9E32-0025900931F8", "59B68B1E-9C78-11E1-B5E0-000C299B62E1", "60DE13D5-95F0-11E1-806A-001143CD36D8", "D3921810-3C80-11E1-97E8-00215C6A37BB"]}, {"type": "gentoo", "idList": ["GLSA-201110-06", "GLSA-201110-22", "GLSA-201209-03", "GLSA-201412-10"]}, {"type": "hackerone", "idList": ["H1:5221"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT-MULTI-HTTP-PHP_CGI_ARG_INJECTION-"]}, {"type": "nessus", "idList": ["6015.PRM", "6263.PRM", "6303.PRM", "6304.PRM", "6482.PRM", "6494.PRM", "6495.PRM", "6583.PRM", "6584.PRM", "6993.PRM", "6994.PRM", "6995.PRM", "801071.PRM", "801084.PRM", "801087.PRM", "801100.PRM", "801116.PRM", "ALA_ALAS-2011-07.NASL", "ALA_ALAS-2011-12.NASL", "ALA_ALAS-2011-7.NASL", "ALA_ALAS-2012-37.NASL", "ALA_ALAS-2012-41.NASL", "ALA_ALAS-2012-77.NASL", "CENTOS_RHSA-2011-1377.NASL", "CENTOS_RHSA-2011-1378.NASL", "CENTOS_RHSA-2011-1423.NASL", "CENTOS_RHSA-2012-0019.NASL", "CENTOS_RHSA-2012-0033.NASL", "CENTOS_RHSA-2012-0071.NASL", "CENTOS_RHSA-2012-0092.NASL", "CENTOS_RHSA-2012-0093.NASL", "CENTOS_RHSA-2012-0546.NASL", "CENTOS_RHSA-2012-0547.NASL", "CENTOS_RHSA-2012-1045.NASL", "CENTOS_RHSA-2012-1046.NASL", "CENTOS_RHSA-2012-1047.NASL", "CENTOS_RHSA-2013-0514.NASL", "CENTOS_RHSA-2013-1307.NASL", "DEBIAN_DSA-2266.NASL", "DEBIAN_DSA-2340.NASL", "DEBIAN_DSA-2399.NASL", "DEBIAN_DSA-2403.NASL", "DEBIAN_DSA-2408.NASL", "DEBIAN_DSA-2465.NASL", "F5_BIGIP_SOL13519.NASL", "F5_BIGIP_SOL13588.NASL", "F5_BIGIP_SOL14574.NASL", "FEDORA_2011-11464.NASL", "FEDORA_2011-11528.NASL", "FEDORA_2011-11537.NASL", "FEDORA_2011-13446.NASL", "FEDORA_2011-13458.NASL", "FEDORA_2011-13472.NASL", "FEDORA_2012-0420.NASL", "FEDORA_2012-0504.NASL", "FEDORA_2012-1262.NASL", "FEDORA_2012-1301.NASL", "FEDORA_2012-6869.NASL", "FEDORA_2012-6907.NASL", "FEDORA_2012-6911.NASL", "FEDORA_2012-7567.NASL", "FEDORA_2012-7586.NASL", "FEDORA_2012-7628.NASL", "FREEBSD_PKG_057BF770CAC411E0AEA300215C6A37BB.NASL", "FREEBSD_PKG_2CDE1892913E11E1B44C001FD0AF1A4C.NASL", "FREEBSD_PKG_3FD040BE4F0B11E19E320025900931F8.NASL", "FREEBSD_PKG_59B68B1E9C7811E1B5E0000C299B62E1.NASL", "FREEBSD_PKG_60DE13D595F011E1806A001143CD36D8.NASL", "FREEBSD_PKG_D39218103C8011E197E800215C6A37BB.NASL", "GENTOO_GLSA-201110-06.NASL", "GENTOO_GLSA-201110-22.NASL", "GENTOO_GLSA-201209-03.NASL", "GENTOO_GLSA-201412-10.NASL", "HPSMH_7_0_0_24.NASL", "HPSMH_7_1_1_1.NASL", "HPSMH_7_2_1_0.NASL", "MACOSX_10_7_3.NASL", "MACOSX_10_7_4.NASL", "MACOSX_10_7_5.NASL", "MACOSX_10_8_2.NASL", "MACOSX_SECUPD2012-001.NASL", "MACOSX_SECUPD2012-004.NASL", "MANDRIVA_MDVSA-2011-161.NASL", "MANDRIVA_MDVSA-2011-165.NASL", "MANDRIVA_MDVSA-2011-166.NASL", "MANDRIVA_MDVSA-2011-178.NASL", "MANDRIVA_MDVSA-2011-179.NASL", "MANDRIVA_MDVSA-2011-180.NASL", "MANDRIVA_MDVSA-2011-197.NASL", "MANDRIVA_MDVSA-2012-065.NASL", "MANDRIVA_MDVSA-2012-068.NASL", "OPENSUSE-2012-182.NASL", "OPENSUSE-2012-214.NASL", "OPENSUSE-2012-244.NASL", "OPENSUSE-2012-261.NASL", "OPENSUSE-2012-288.NASL", "OPENSUSE-2013-849.NASL", "ORACLELINUX_ELSA-2011-1377.NASL", "ORACLELINUX_ELSA-2011-1378.NASL", "ORACLELINUX_ELSA-2011-1423.NASL", "ORACLELINUX_ELSA-2012-0019.NASL", "ORACLELINUX_ELSA-2012-0033.NASL", "ORACLELINUX_ELSA-2012-0071.NASL", "ORACLELINUX_ELSA-2012-0092.NASL", "ORACLELINUX_ELSA-2012-0093.NASL", "ORACLELINUX_ELSA-2012-0546.NASL", "ORACLELINUX_ELSA-2012-0547.NASL", "ORACLELINUX_ELSA-2012-1045.NASL", "ORACLELINUX_ELSA-2012-1046.NASL", "ORACLELINUX_ELSA-2012-1047.NASL", "ORACLELINUX_ELSA-2013-0514.NASL", "ORACLELINUX_ELSA-2013-1307.NASL", "PHP_5_3_10.NASL", "PHP_5_3_11.NASL", "PHP_5_3_13.NASL", "PHP_5_3_7.NASL", "PHP_5_3_9.NASL", "PHP_5_3_9_ACE.NASL", "PHP_5_4_0.NASL", "PHP_5_4_1.NASL", "PHP_5_4_2.NASL", "PHP_5_4_3.NASL", "PHP_5_HASH_COLLISION_DOS.NBIN", "PHP_CGI_QUERY_STRING_CODE_EXECUTION.NASL", "PHP_CGI_REMOTE_CODE_EXECUTION.NASL", "PLESK_APACHE_CODE_EXECUTION.NASL", "REDHAT-RHSA-2011-1377.NASL", "REDHAT-RHSA-2011-1378.NASL", "REDHAT-RHSA-2011-1423.NASL", "REDHAT-RHSA-2012-0019.NASL", "REDHAT-RHSA-2012-0033.NASL", "REDHAT-RHSA-2012-0071.NASL", "REDHAT-RHSA-2012-0092.NASL", "REDHAT-RHSA-2012-0093.NASL", "REDHAT-RHSA-2012-0546.NASL", "REDHAT-RHSA-2012-0547.NASL", "REDHAT-RHSA-2012-0568.NASL", "REDHAT-RHSA-2012-0569.NASL", "REDHAT-RHSA-2012-1045.NASL", "REDHAT-RHSA-2012-1046.NASL", "REDHAT-RHSA-2012-1047.NASL", "REDHAT-RHSA-2013-0514.NASL", "REDHAT-RHSA-2013-1307.NASL", "SLACKWARE_SSA_2011-237-01.NASL", "SLACKWARE_SSA_2012-041-02.NASL", "SL_20111017_POSTGRESQL84_ON_SL5_X.NASL", "SL_20111017_POSTGRESQL_ON_SL4_X.NASL", "SL_20111102_PHP53_AND_PHP_ON_SL5_X.NASL", "SL_20120111_PHP53_AND_PHP_ON_SL5_X.NASL", "SL_20120118_PHP_ON_SL5_X.NASL", "SL_20120130_PHP_ON_SL4_X.NASL", "SL_20120202_PHP53_ON_SL5_X.NASL", "SL_20120202_PHP_ON_SL4_X.NASL", "SL_20120507_PHP53_ON_SL5_X.NASL", "SL_20120507_PHP_ON_SL5_X.NASL", "SL_20120627_PHP53_ON_SL5_X.NASL", "SL_20120627_PHP_ON_SL5_X.NASL", "SL_20120627_PHP_ON_SL6_X.NASL", "SL_20130221_PHP_ON_SL6_X.NASL", "SL_20130930_PHP53_ON_SL5_X.NASL", "SUSE9_12813.NASL", "SUSE_11_3_APACHE2-MOD_PHP5-110601.NASL", "SUSE_11_3_APACHE2-MOD_PHP5-110907.NASL", "SUSE_11_3_GLIBC-110729.NASL", "SUSE_11_3_LIBXCRYPT-110824.NASL", "SUSE_11_3_MAN-PAGES-110823.NASL", "SUSE_11_3_YAST2-CORE-110822.NASL", "SUSE_11_4_APACHE2-MOD_PHP5-110601.NASL", "SUSE_11_4_APACHE2-MOD_PHP5-110907.NASL", "SUSE_11_4_GLIBC-110729.NASL", "SUSE_11_4_LIBXCRYPT-110824.NASL", "SUSE_11_4_MAN-PAGES-110823.NASL", "SUSE_11_4_YAST2-CORE-110822.NASL", "SUSE_11_APACHE2-MOD_PHP5-110601.NASL", "SUSE_11_APACHE2-MOD_PHP5-120309.NASL", "SUSE_11_APACHE2-MOD_PHP5-120504.NASL", "SUSE_11_APACHE2-MOD_PHP5-120518.NASL", "SUSE_11_APACHE2-MOD_PHP53-120309.NASL", "SUSE_11_APACHE2-MOD_PHP53-120504.NASL", "SUSE_11_APACHE2-MOD_PHP53-120618.NASL", "SUSE_11_GLIBC-110729.NASL", "SUSE_11_GLIBC-BLOWFISH-110729.NASL", "SUSE_11_LIBXCRYPT-110824.NASL", "SUSE_11_MAN-PAGES-110825.NASL", "SUSE_11_YAST2-CORE-110830.NASL", "SUSE_APACHE2-MOD_PHP5-7553.NASL", "SUSE_APACHE2-MOD_PHP5-7554.NASL", "SUSE_APACHE2-MOD_PHP5-8009.NASL", "SUSE_APACHE2-MOD_PHP5-8114.NASL", "SUSE_APACHE2-MOD_PHP5-8133.NASL", "SUSE_GLIBC-7659.NASL", "SUSE_GLIBC-7663.NASL", "SUSE_GLIBC-BLOWFISH-7663.NASL", "SUSE_POSTGRESQL-8311.NASL", "SUSE_SU-2012-1336-1.NASL", "SUSE_YAST2-CORE-7725.NASL", "SUSE_YAST2-CORE-7726.NASL", "UBUNTU_USN-1126-1.NASL", "UBUNTU_USN-1126-2.NASL", "UBUNTU_USN-1229-1.NASL", "UBUNTU_USN-1231-1.NASL", "UBUNTU_USN-1307-1.NASL", "UBUNTU_USN-1358-1.NASL", "UBUNTU_USN-1358-2.NASL", "UBUNTU_USN-1437-1.NASL", "UBUNTU_USN-1481-1.NASL"]}, {"type": "nmap", "idList": ["NMAP:HTTP-VULN-CVE2012-1823.NSE"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310103229", "OPENVAS:1361412562310103296", "OPENVAS:1361412562310103482", "OPENVAS:1361412562310103486", "OPENVAS:1361412562310110012", "OPENVAS:1361412562310120147", "OPENVAS:1361412562310120220", "OPENVAS:1361412562310120256", "OPENVAS:1361412562310120517", "OPENVAS:1361412562310120570", "OPENVAS:1361412562310121296", "OPENVAS:1361412562310122011", "OPENVAS:1361412562310122012", "OPENVAS:1361412562310122061", "OPENVAS:1361412562310122072", "OPENVAS:1361412562310122073", "OPENVAS:1361412562310123562", "OPENVAS:1361412562310123689", "OPENVAS:1361412562310123874", "OPENVAS:1361412562310123883", "OPENVAS:1361412562310123893", "OPENVAS:1361412562310123924", "OPENVAS:1361412562310123926", "OPENVAS:1361412562310123996", "OPENVAS:1361412562310123997", "OPENVAS:136141256231069973", "OPENVAS:136141256231069976", "OPENVAS:136141256231070257", "OPENVAS:136141256231070716", "OPENVAS:136141256231070717", "OPENVAS:136141256231070721", "OPENVAS:136141256231070725", "OPENVAS:136141256231070735", "OPENVAS:136141256231070759", "OPENVAS:136141256231070769", "OPENVAS:136141256231070785", "OPENVAS:136141256231071135", "OPENVAS:136141256231071265", "OPENVAS:136141256231071344", "OPENVAS:136141256231071377", "OPENVAS:136141256231071384", "OPENVAS:136141256231071962", "OPENVAS:136141256231071968", "OPENVAS:136141256231072420", "OPENVAS:1361412562310802330", "OPENVAS:1361412562310802349", "OPENVAS:1361412562310802392", "OPENVAS:1361412562310802408", "OPENVAS:1361412562310802504", "OPENVAS:1361412562310802590", "OPENVAS:1361412562310802591", "OPENVAS:1361412562310802794", "OPENVAS:1361412562310802968", "OPENVAS:1361412562310803341", "OPENVAS:1361412562310831478", "OPENVAS:1361412562310831484", "OPENVAS:1361412562310831485", "OPENVAS:1361412562310831500", "OPENVAS:1361412562310831514", "OPENVAS:1361412562310831518", "OPENVAS:1361412562310831621", "OPENVAS:1361412562310831624", "OPENVAS:1361412562310831627", "OPENVAS:1361412562310840636", "OPENVAS:1361412562310840646", "OPENVAS:1361412562310840772", "OPENVAS:1361412562310840782", "OPENVAS:1361412562310840842", "OPENVAS:1361412562310840891", "OPENVAS:1361412562310840895", "OPENVAS:1361412562310841002", "OPENVAS:1361412562310841052", "OPENVAS:1361412562310850170", "OPENVAS:1361412562310850217", "OPENVAS:1361412562310850218", "OPENVAS:1361412562310863518", "OPENVAS:1361412562310863520", "OPENVAS:1361412562310863523", "OPENVAS:1361412562310863524", "OPENVAS:1361412562310863527", "OPENVAS:1361412562310863531", "OPENVAS:1361412562310863576", "OPENVAS:1361412562310863577", "OPENVAS:1361412562310863706", "OPENVAS:1361412562310863712", "OPENVAS:1361412562310863713", "OPENVAS:1361412562310863735", "OPENVAS:1361412562310863740", "OPENVAS:1361412562310863742", "OPENVAS:1361412562310863788", "OPENVAS:1361412562310863794", "OPENVAS:1361412562310863815", "OPENVAS:1361412562310863824", "OPENVAS:1361412562310863875", "OPENVAS:1361412562310863954", "OPENVAS:1361412562310863963", "OPENVAS:1361412562310863969", "OPENVAS:1361412562310864015", "OPENVAS:1361412562310864028", "OPENVAS:1361412562310864217", "OPENVAS:1361412562310864219", "OPENVAS:1361412562310864221", "OPENVAS:1361412562310864225", "OPENVAS:1361412562310864226", "OPENVAS:1361412562310864227", "OPENVAS:1361412562310864253", "OPENVAS:1361412562310864256", "OPENVAS:1361412562310864257", "OPENVAS:1361412562310864259", "OPENVAS:1361412562310864261", "OPENVAS:1361412562310864262", "OPENVAS:1361412562310864322", "OPENVAS:1361412562310864326", "OPENVAS:1361412562310864338", "OPENVAS:1361412562310864366", "OPENVAS:1361412562310864517", "OPENVAS:1361412562310864523", "OPENVAS:1361412562310864590", "OPENVAS:1361412562310864593", "OPENVAS:1361412562310865520", "OPENVAS:1361412562310866019", "OPENVAS:1361412562310866144", "OPENVAS:1361412562310870503", "OPENVAS:1361412562310870506", "OPENVAS:1361412562310870510", "OPENVAS:1361412562310870529", "OPENVAS:1361412562310870531", "OPENVAS:1361412562310870533", "OPENVAS:1361412562310870539", "OPENVAS:1361412562310870542", "OPENVAS:1361412562310870591", "OPENVAS:1361412562310870593", "OPENVAS:1361412562310870780", "OPENVAS:1361412562310870781", "OPENVAS:1361412562310870782", "OPENVAS:1361412562310870940", "OPENVAS:1361412562310871047", "OPENVAS:1361412562310881024", "OPENVAS:1361412562310881025", "OPENVAS:1361412562310881028", "OPENVAS:1361412562310881042", "OPENVAS:1361412562310881075", "OPENVAS:1361412562310881094", "OPENVAS:1361412562310881095", "OPENVAS:1361412562310881119", "OPENVAS:1361412562310881142", "OPENVAS:1361412562310881144", "OPENVAS:1361412562310881147", "OPENVAS:1361412562310881149", "OPENVAS:1361412562310881154", "OPENVAS:1361412562310881165", "OPENVAS:1361412562310881174", "OPENVAS:1361412562310881180", "OPENVAS:1361412562310881206", "OPENVAS:1361412562310881226", "OPENVAS:1361412562310881310", "OPENVAS:1361412562310881333", "OPENVAS:1361412562310881408", "OPENVAS:1361412562310881449", "OPENVAS:1361412562310881656", "OPENVAS:1361412562310902356", "OPENVAS:1361412562310902436", "OPENVAS:1361412562310902606", "OPENVAS:69973", "OPENVAS:69976", "OPENVAS:70257", "OPENVAS:70716", "OPENVAS:70717", "OPENVAS:70721", "OPENVAS:70725", "OPENVAS:70735", "OPENVAS:70759", "OPENVAS:70769", "OPENVAS:70785", "OPENVAS:71135", "OPENVAS:71265", "OPENVAS:71344", "OPENVAS:71377", "OPENVAS:71384", "OPENVAS:71962", "OPENVAS:71968", "OPENVAS:72420", "OPENVAS:802392", "OPENVAS:802794", "OPENVAS:802968", "OPENVAS:831478", "OPENVAS:831484", "OPENVAS:831485", "OPENVAS:831500", "OPENVAS:831514", "OPENVAS:831518", "OPENVAS:831621", "OPENVAS:831624", "OPENVAS:831627", "OPENVAS:840636", "OPENVAS:840646", "OPENVAS:840772", "OPENVAS:840782", "OPENVAS:840842", "OPENVAS:840891", "OPENVAS:840895", "OPENVAS:841002", "OPENVAS:841052", "OPENVAS:850170", "OPENVAS:850217", "OPENVAS:850218", "OPENVAS:863518", "OPENVAS:863520", "OPENVAS:863523", "OPENVAS:863524", "OPENVAS:863527", "OPENVAS:863531", "OPENVAS:863576", "OPENVAS:863577", "OPENVAS:863706", "OPENVAS:863712", "OPENVAS:863713", "OPENVAS:863735", "OPENVAS:863740", "OPENVAS:863742", "OPENVAS:863788", "OPENVAS:863794", "OPENVAS:863815", "OPENVAS:863824", "OPENVAS:863875", "OPENVAS:863954", "OPENVAS:863963", "OPENVAS:863969", "OPENVAS:864015", "OPENVAS:864028", "OPENVAS:864217", "OPENVAS:864219", "OPENVAS:864221", "OPENVAS:864225", "OPENVAS:864226", "OPENVAS:864227", "OPENVAS:864253", "OPENVAS:864256", "OPENVAS:864257", "OPENVAS:864259", "OPENVAS:864261", "OPENVAS:864262", "OPENVAS:864322", "OPENVAS:864326", "OPENVAS:864338", "OPENVAS:864366", "OPENVAS:864517", "OPENVAS:864523", "OPENVAS:864590", "OPENVAS:864593", "OPENVAS:865520", "OPENVAS:866019", "OPENVAS:866144", "OPENVAS:870503", "OPENVAS:870506", "OPENVAS:870510", "OPENVAS:870529", "OPENVAS:870531", "OPENVAS:870533", "OPENVAS:870539", "OPENVAS:870542", "OPENVAS:870591", "OPENVAS:870593", "OPENVAS:870780", "OPENVAS:870781", "OPENVAS:870782", "OPENVAS:870940", "OPENVAS:871047", "OPENVAS:881024", "OPENVAS:881025", "OPENVAS:881028", "OPENVAS:881042", "OPENVAS:881075", "OPENVAS:881094", "OPENVAS:881095", "OPENVAS:881119", "OPENVAS:881142", "OPENVAS:881144", "OPENVAS:881147", "OPENVAS:881149", "OPENVAS:881154", "OPENVAS:881165", "OPENVAS:881174", "OPENVAS:881180", "OPENVAS:881206", "OPENVAS:881226", "OPENVAS:881310", "OPENVAS:881333", "OPENVAS:881408", "OPENVAS:881449", "OPENVAS:881656"]}, {"type": "oracle", "idList": ["ORACLE:CPUJUL2012-392727"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-1377", "ELSA-2011-1378", "ELSA-2011-1423", "ELSA-2012-0019", "ELSA-2012-0033", "ELSA-2012-0071", "ELSA-2012-0092", "ELSA-2012-0093", "ELSA-2012-0546", "ELSA-2012-0547", "ELSA-2012-0677", "ELSA-2012-1045", "ELSA-2012-1046", "ELSA-2012-1047", "ELSA-2013-0514", "ELSA-2013-1307"]}, {"type": "osv", "idList": ["OSV:DSA-2266-1", "OSV:DSA-2340-1", "OSV:DSA-2399-1", "OSV:DSA-2403-1", "OSV:DSA-2408-1", "OSV:DSA-2465-1"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:101665", "PACKETSTORM:102751", "PACKETSTORM:108287", "PACKETSTORM:108294", "PACKETSTORM:112477", "PACKETSTORM:112486", "PACKETSTORM:112971", "PACKETSTORM:119075", "PACKETSTORM:123833", "PACKETSTORM:123859"]}, {"type": "redhat", "idList": ["RHSA-2011:1377", "RHSA-2011:1378", "RHSA-2011:1423", "RHSA-2012:0019", "RHSA-2012:0033", "RHSA-2012:0071", "RHSA-2012:0092", "RHSA-2012:0093", "RHSA-2012:0546", "RHSA-2012:0547", "RHSA-2012:0568", "RHSA-2012:0569", "RHSA-2012:0570", "RHSA-2012:1045", "RHSA-2012:1046", "RHSA-2012:1047", "RHSA-2013:0514", "RHSA-2013:1307"]}, {"type": "saint", "idList": ["SAINT:383F4FB67DCF7CAE7E06F44A5B5DC13F", "SAINT:4757B9E50DEDA6FBFE3C977620C279FB", "SAINT:A44F3BA5218E70289A3DA48E0A2F5B88", "SAINT:B141859676E43352F0D3EF0305999AAC"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:26262", "SECURITYVULNS:DOC:26931", "SECURITYVULNS:DOC:27147", "SECURITYVULNS:DOC:27395", "SECURITYVULNS:DOC:27500", "SECURITYVULNS:DOC:27600", "SECURITYVULNS:DOC:28033", "SECURITYVULNS:DOC:28089", "SECURITYVULNS:DOC:28577", "SECURITYVULNS:DOC:29623", "SECURITYVULNS:DOC:29856", "SECURITYVULNS:VULN:11634", "SECURITYVULNS:VULN:11763", "SECURITYVULNS:VULN:11879", "SECURITYVULNS:VULN:11919", "SECURITYVULNS:VULN:11967", "SECURITYVULNS:VULN:12065", "SECURITYVULNS:VULN:12097", "SECURITYVULNS:VULN:12164", "SECURITYVULNS:VULN:12353", "SECURITYVULNS:VULN:12518", "SECURITYVULNS:VULN:12672", "SECURITYVULNS:VULN:13198", "SECURITYVULNS:VULN:13310"]}, {"type": "seebug", "idList": ["SSV:20381", "SSV:20582", "SSV:20694", "SSV:26018", "SSV:26121", "SSV:30001", "SSV:30071", "SSV:30102", "SSV:60093", "SSV:60103", "SSV:60536", "SSV:61070", "SSV:71717", "SSV:71847", "SSV:72454", "SSV:72458", "SSV:72859", "SSV:72860", "SSV:79637", "SSV:82805"]}, {"type": "slackware", "idList": ["SSA-2011-237-01", "SSA-2012-041-02"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2012:0426-1", "OPENSUSE-SU-2012:0590-1", "SUSE-SA:2011:035", "SUSE-SU-2012:0411-1", "SUSE-SU-2012:0472-1", "SUSE-SU-2012:0496-1", "SUSE-SU-2012:0598-1", "SUSE-SU-2012:0598-2", "SUSE-SU-2012:0604-1", "SUSE-SU-2012:0721-1", "SUSE-SU-2012:0840-1", "SUSE-SU-2013:1351-1"]}, {"type": "symantec", "idList": ["SMNTC-53388"]}, {"type": "thn", "idList": ["THN:26139DCDB80F29AA56F9DB9ADFBD986B", "THN:F0587F0EFE1B937682CDBA5338BDE708"]}, {"type": "threatpost", "idList": ["THREATPOST:219EFB4DE8A56286E444E303B599B79C", "THREATPOST:2ED66EF5DD7C982DF96F2B1625E26ABB", "THREATPOST:2FB93CCBD166A84F825AED5B7F560EAD", "THREATPOST:3EEA9D9B7CBDC9687FD961AD1AF59EF5", "THREATPOST:4E1049C3C10581837DF71F684CB00683", "THREATPOST:51FB010AA47AEB7BA9A071B3DC8D9989", "THREATPOST:7F4C76F7EC1CB91B3A37DE64274F1EC3", "THREATPOST:8373133ADE8051980B6223ED1B2EBEF3", "THREATPOST:9FD19F2ACF1E3C44BAE775A250F1E132", "THREATPOST:A5E5D5921DAB8BB3CACFA91664901B61", "THREATPOST:D5EC8CB37BD901EEB297B27AA18015A9"]}, {"type": "ubuntu", "idList": ["USN-1126-1", "USN-1126-2", "USN-1229-1", "USN-1231-1", "USN-1307-1", "USN-1358-1", "USN-1358-2", "USN-1437-1", "USN-1481-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-1148", "UB:CVE-2011-1657", "UB:CVE-2011-1938", "UB:CVE-2011-2202", "UB:CVE-2011-2483", "UB:CVE-2011-3182", "UB:CVE-2011-3189", "UB:CVE-2011-3267", "UB:CVE-2011-3268", "UB:CVE-2011-3379", "UB:CVE-2011-4078", "UB:CVE-2011-4566", "UB:CVE-2011-4885", "UB:CVE-2012-0788", "UB:CVE-2012-0807", "UB:CVE-2012-0830", "UB:CVE-2012-0831", "UB:CVE-2012-1172", "UB:CVE-2012-1823", "UB:CVE-2012-2311", "UB:CVE-2012-2335", "UB:CVE-2012-2336"]}, {"type": "veracode", "idList": ["VERACODE:24727", "VERACODE:24744", "VERACODE:24749", "VERACODE:24750", "VERACODE:24806", "VERACODE:24807", "VERACODE:24961"]}, {"type": "zdt", "idList": ["1337DAY-ID-21429"]}]}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2012-077"]}, {"type": "canvas", "idList": ["PHP_CGI_REMOTE"]}, {"type": "centos", "idList": ["CESA-2011:1377", "CESA-2011:1378", "CESA-2011:1423", "CESA-2012:0019", "CESA-2012:0033", "CESA-2012:0071", "CESA-2012:0092", "CESA-2012:0093", "CESA-2012:0546", "CESA-2012:0547", "CESA-2012:1045", "CESA-2012:1046", "CESA-2012:1047", "CESA-2013:0514"]}, {"type": "cert", "idList": ["VU:903934"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2012-335", "CPAI-2013-1630", "CPAI-2014-1022"]}, {"type": "checkpoint_security", "idList": ["CPS:SK66350"]}, {"type": "cve", "idList": ["CVE-2011-1148", "CVE-2011-1657"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2403-2:76AA7"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2011-2483"]}, {"type": "exploitdb", "idList": ["EDB-ID:18296"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:E01EEEA67E34582F2A422D4CD1795D05"]}, {"type": "f5", "idList": ["SOL13518", "SOL13519", "SOL13588", "SOL14574", "SOL15441", "SOL15903"]}, {"type": "fedora", "idList": ["FEDORA:11BE720F24", "FEDORA:4059D217E2", "FEDORA:4930D21410", "FEDORA:7E4C7208A1", "FEDORA:A07AD21BF1"]}, {"type": "freebsd", "idList": ["057BF770-CAC4-11E0-AEA3-00215C6A37BB", "2CDE1892-913E-11E1-B44C-001FD0AF1A4C", "3FD040BE-4F0B-11E1-9E32-0025900931F8", "59B68B1E-9C78-11E1-B5E0-000C299B62E1", "60DE13D5-95F0-11E1-806A-001143CD36D8", "D3921810-3C80-11E1-97E8-00215C6A37BB"]}, {"type": "gentoo", "idList": ["GLSA-201209-03"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/GENTOO-LINUX-CVE-2012-0807/"]}, {"type": "nessus", "idList": ["6263.PRM", "6303.PRM", "F5_BIGIP_SOL14574.NASL", "FEDORA_2011-11464.NASL", "FEDORA_2011-11528.NASL", "FREEBSD_PKG_2CDE1892913E11E1B44C001FD0AF1A4C.NASL", "FREEBSD_PKG_59B68B1E9C7811E1B5E0000C299B62E1.NASL", "GENTOO_GLSA-201209-03.NASL", "MANDRIVA_MDVSA-2011-166.NASL", "MANDRIVA_MDVSA-2012-068.NASL", "OPENSUSE-2012-182.NASL", "OPENSUSE-2012-244.NASL", "OPENSUSE-2012-288.NASL", "ORACLELINUX_ELSA-2012-0033.NASL", "ORACLELINUX_ELSA-2012-0071.NASL", "PHP_5_4_1.NASL", "PHP_CGI_REMOTE_CODE_EXECUTION.NASL", "REDHAT-RHSA-2012-0019.NASL", "REDHAT-RHSA-2012-0093.NASL", "SL_20120627_PHP_ON_SL6_X.NASL", "SUSE_11_3_MAN-PAGES-110823.NASL", "SUSE_11_4_APACHE2-MOD_PHP5-110601.NASL", "SUSE_11_4_GLIBC-110729.NASL", "SUSE_11_GLIBC-BLOWFISH-110729.NASL", "SUSE_YAST2-CORE-7726.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310110012", "OPENVAS:136141256231071384", "OPENVAS:1361412562310831500", "OPENVAS:1361412562310840646", "OPENVAS:1361412562310841052", "OPENVAS:1361412562310863518", "OPENVAS:1361412562310863706", "OPENVAS:1361412562310863740", "OPENVAS:1361412562310863969", "OPENVAS:1361412562310864253", "OPENVAS:1361412562310864259", "OPENVAS:1361412562310870533", "OPENVAS:1361412562310870542", "OPENVAS:1361412562310881024", "OPENVAS:1361412562310881310", "OPENVAS:70717", "OPENVAS:70725", "OPENVAS:71265", "OPENVAS:863518", "OPENVAS:863523", "OPENVAS:864590", "OPENVAS:870531", "OPENVAS:870539", "OPENVAS:870542", "OPENVAS:870782", "OPENVAS:881310"]}, {"type": "oracle", "idList": ["ORACLE:CPUJUL2012-392727"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0033", "ELSA-2012-0546"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:112971", "PACKETSTORM:123833"]}, {"type": "redhat", "idList": ["RHSA-2012:0071", "RHSA-2012:0546", "RHSA-2012:0547", "RHSA-2012:0569"]}, {"type": "saint", "idList": ["SAINT:383F4FB67DCF7CAE7E06F44A5B5DC13F"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:26931", "SECURITYVULNS:VULN:11919", "SECURITYVULNS:VULN:13310"]}, {"type": "seebug", "idList": ["SSV:79637"]}, {"type": "slackware", "idList": ["SSA-2012-041-02"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2012:0426-1"]}, {"type": "thn", "idList": ["THN:26139DCDB80F29AA56F9DB9ADFBD986B"]}, {"type": "threatpost", "idList": ["THREATPOST:219EFB4DE8A56286E444E303B599B79C", "THREATPOST:9FD19F2ACF1E3C44BAE775A250F1E132"]}, {"type": "ubuntu", "idList": ["USN-1358-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-1657", "UB:CVE-2012-0807", "UB:CVE-2012-1172"]}]}, "exploitation": null, "affected_software": {"major_version": []}, "epss": [{"cve": "CVE-2012-2336", "epss": "0.037880000", "percentile": "0.904360000", "modified": "2023-03-19"}, {"cve": "CVE-2011-1148", "epss": "0.015790000", "percentile": "0.852800000", "modified": "2023-03-19"}, {"cve": "CVE-2012-2335", "epss": "0.142540000", "percentile": "0.948140000", "modified": "2023-03-19"}, {"cve": "CVE-2012-1823", "epss": "0.975400000", "percentile": "0.999850000", "modified": "2023-03-19"}, {"cve": "CVE-2011-1938", "epss": "0.019890000", "percentile": "0.870030000", "modified": "2023-03-19"}, {"cve": "CVE-2011-4885", "epss": "0.930420000", "percentile": "0.984620000", "modified": "2023-03-19"}, {"cve": "CVE-2011-2483", "epss": "0.004370000", "percentile": "0.707310000", "modified": "2023-03-19"}, {"cve": "CVE-2012-0788", "epss": "0.214350000", "percentile": "0.956570000", "modified": "2023-03-19"}, {"cve": "CVE-2012-0830", "epss": "0.908890000", "percentile": "0.982540000", "modified": "2023-03-19"}, {"cve": "CVE-2011-1657", "epss": "0.018190000", "percentile": "0.863240000", "modified": "2023-03-20"}, {"cve": "CVE-2011-3268", "epss": "0.011820000", "percentile": "0.828850000", "modified": "2023-03-20"}, {"cve": "CVE-2011-3182", "epss": "0.022540000", "percentile": "0.878310000", "modified": "2023-03-20"}, {"cve": "CVE-2012-1172", "epss": "0.044090000", "percentile": "0.910900000", "modified": "2023-03-19"}, {"cve": "CVE-2011-4566", "epss": "0.901840000", "percentile": "0.981880000", "modified": "2023-03-19"}, {"cve": "CVE-2011-3267", "epss": "0.009580000", "percentile": "0.808970000", "modified": "2023-03-20"}, {"cve": "CVE-2011-3379", "epss": "0.062440000", "percentile": "0.924420000", "modified": "2023-03-19"}, {"cve": "CVE-2011-2202", "epss": "0.064840000", "percentile": "0.925800000", "modified": "2023-03-19"}, {"cve": "CVE-2012-0831", "epss": "0.010420000", "percentile": "0.816760000", "modified": "2023-03-19"}, {"cve": "CVE-2012-0807", "epss": "0.045710000", "percentile": "0.912290000", "modified": "2023-03-20"}], "vulnersScore": 0.0}, "_state": {"dependencies": 1678962961, "score": 1684016453, "affected_software_major_version": 0, "epss": 1679322135}, "_internal": {"score_hash": "944e92f4188ada7aa6cb8adf574926bf"}, "sourceData": "", "affectedSoftware": [], "appercut": {}, "exploitpack": {}, "hackapp": {}, "toolHref": "", "w3af": {}}

{"openvas": [{"lastseen": "2019-05-29T18:39:36", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-11-08T00:00:00", "type": "openvas", "title": "Mandriva Update for php MDVSA-2011:165 (php)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1938", "CVE-2011-2483", "CVE-2011-1657", "CVE-2011-3268", "CVE-2011-3182", "CVE-2011-3267", "CVE-2011-2202"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310831484", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831484", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for php MDVSA-2011:165 (php)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2011-11/msg00003.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831484\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-11-08 19:08:19 +0530 (Tue, 08 Nov 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"MDVSA\", value:\"2011:165\");\n script_cve_id(\"CVE-2011-1148\", \"CVE-2011-1657\", \"CVE-2011-1938\", \"CVE-2011-2202\",\n \"CVE-2011-2483\", \"CVE-2011-3182\", \"CVE-2011-3267\", \"CVE-2011-3268\");\n script_name(\"Mandriva Update for php MDVSA-2011:165 (php)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_2010\\.1\");\n script_tag(name:\"affected\", value:\"php on Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities has been identified and fixed in php:\n\n Use-after-free vulnerability in the substr_replace function in PHP\n 5.3.6 and earlier allows context-dependent attackers to cause a\n denial of service (memory corruption) or possibly have unspecified\n other impact by using the same variable for multiple arguments\n (CVE-2011-1148).\n\n The (1) ZipArchive::addGlob and (2) ZipArchive::addPattern functions\n in ext/zip/php_zip.c in PHP 5.3.6 allow context-dependent attackers\n to cause a denial of service (application crash) via certain flags\n arguments, as demonstrated by (a) GLOB_ALTDIRFUNC and (b) GLOB_APPEND\n (CVE-2011-1657).\n\n Stack-based buffer overflow in the socket_connect function in\n ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow\n context-dependent attackers to execute arbitrary code via a long\n pathname for a UNIX socket (CVE-2011-1938).\n\n The rfc1867_post_handler function in main/rfc1867.c in PHP before\n 5.3.7 does not properly restrict filenames in multipart/form-data\n POST requests, which allows remote attackers to conduct absolute\n path traversal attacks, and possibly create or overwrite arbitrary\n files, via a crafted upload request, related to a file path injection\n vulnerability. (CVE-2011-2202).\n\n crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain\n platforms, does not properly handle 8-bit characters, which makes\n it easier for context-dependent attackers to determine a cleartext\n password by leveraging knowledge of a password hash (CVE-2011-2483).\n\n PHP before 5.3.7 does not properly check the return values of\n the malloc, calloc, and realloc library functions, which allows\n context-dependent attackers to cause a denial of service (NULL\n pointer dereference and application crash) or trigger a buffer\n overflow by leveraging the ability to provide an arbitrary value\n for a function argument, related to (1) ext/curl/interface.c, (2)\n ext/date/lib/parse_date.c, (3) ext/date/lib/parse_iso_intervals.c,\n (4) ext/date/lib/parse_tz.c, (5) ext/date/lib/timelib.c, (6)\n ext/pdo_odbc/pdo_odbc.c, (7) ext/reflection/php_reflection.c,\n (8) ext/soap/php_sdl.c, (9) ext/xmlrpc/libxmlrpc/base64.c, (10)\n TSRM/tsrm_win32.c, and (11) the strtotime function (CVE-2011-3182).\n\n PHP before 5.3.7 does not properly implement the error_log function,\n which allows context-dependent attackers to cause a denial of service\n (application crash) via unspecified vectors (CVE-2011-3267).\n\n Buffer overflow in the crypt function in PHP before 5.3.7 allows\n context-dependent attackers to ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-mod_php\", rpm:\"apache-mod_php~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-apc\", rpm:\"php-apc~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-apc-admin\", rpm:\"php-apc-admin~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-doc\", rpm:\"php-doc~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator\", rpm:\"php-eaccelerator~0.9.6.1~1.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator-admin\", rpm:\"php-eaccelerator-admin~0.9.6.1~1.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fileinfo\", rpm:\"php-fileinfo~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gearman\", rpm:\"php-gearman~0.7.0~0.4mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mailparse\", rpm:\"php-mailparse~2.1.5~8.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcal\", rpm:\"php-mcal~0.6~35.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-optimizer\", rpm:\"php-optimizer~0.1~0.alpha2.8.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-phar\", rpm:\"php-phar~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pinba\", rpm:\"php-pinba~0.0.5~2.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sasl\", rpm:\"php-sasl~0.1.0~33.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sphinx\", rpm:\"php-sphinx~1.0.4~2.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite3\", rpm:\"php-sqlite3~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ssh2\", rpm:\"php-ssh2~0.11.2~0.4mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-suhosin\", rpm:\"php-suhosin~0.9.32.1~0.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase_ct\", rpm:\"php-sybase_ct~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tclink\", rpm:\"php-tclink~3.4.5~7.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-timezonedb\", rpm:\"php-timezonedb~2011.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-translit\", rpm:\"php-translit~0.6.1~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-vld\", rpm:\"php-vld~0.10.1~1.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xattr\", rpm:\"php-xattr~1.1.0~13.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xdebug\", rpm:\"php-xdebug~2.1.2~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:55:32", "description": "Check for the Version of php", "cvss3": {}, "published": "2011-11-08T00:00:00", "type": "openvas", "title": "Mandriva Update for php MDVSA-2011:165 (php)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1938", "CVE-2011-2483", "CVE-2011-1657", "CVE-2011-3268", "CVE-2011-3182", "CVE-2011-3267", "CVE-2011-2202"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:831484", "href": "http://plugins.openvas.org/nasl.php?oid=831484", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for php MDVSA-2011:165 (php)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been identified and fixed in php:\n\n Use-after-free vulnerability in the substr_replace function in PHP\n 5.3.6 and earlier allows context-dependent attackers to cause a\n denial of service (memory corruption) or possibly have unspecified\n other impact by using the same variable for multiple arguments\n (CVE-2011-1148).\n\n The (1) ZipArchive::addGlob and (2) ZipArchive::addPattern functions\n in ext/zip/php_zip.c in PHP 5.3.6 allow context-dependent attackers\n to cause a denial of service (application crash) via certain flags\n arguments, as demonstrated by (a) GLOB_ALTDIRFUNC and (b) GLOB_APPEND\n (CVE-2011-1657).\n\n Stack-based buffer overflow in the socket_connect function in\n ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow\n context-dependent attackers to execute arbitrary code via a long\n pathname for a UNIX socket (CVE-2011-1938).\n\n The rfc1867_post_handler function in main/rfc1867.c in PHP before\n 5.3.7 does not properly restrict filenames in multipart/form-data\n POST requests, which allows remote attackers to conduct absolute\n path traversal attacks, and possibly create or overwrite arbitrary\n files, via a crafted upload request, related to a file path injection\n vulnerability. (CVE-2011-2202).\n\n crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain\n platforms, does not properly handle 8-bit characters, which makes\n it easier for context-dependent attackers to determine a cleartext\n password by leveraging knowledge of a password hash (CVE-2011-2483).\n\n PHP before 5.3.7 does not properly check the return values of\n the malloc, calloc, and realloc library functions, which allows\n context-dependent attackers to cause a denial of service (NULL\n pointer dereference and application crash) or trigger a buffer\n overflow by leveraging the ability to provide an arbitrary value\n for a function argument, related to (1) ext/curl/interface.c, (2)\n ext/date/lib/parse_date.c, (3) ext/date/lib/parse_iso_intervals.c,\n (4) ext/date/lib/parse_tz.c, (5) ext/date/lib/timelib.c, (6)\n ext/pdo_odbc/pdo_odbc.c, (7) ext/reflection/php_reflection.c,\n (8) ext/soap/php_sdl.c, (9) ext/xmlrpc/libxmlrpc/base64.c, (10)\n TSRM/tsrm_win32.c, and (11) the strtotime function (CVE-2011-3182).\n\n PHP before 5.3.7 does not properly implement the error_log function,\n which allows context-dependent attackers to cause a denial of service\n (application crash) via unspecified vectors (CVE-2011-3267).\n\n Buffer overflow in the crypt function in PHP before 5.3.7 allows\n context-dependent attackers to ...\n\n Description truncated, for more information please check the Reference URL\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"php on Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2011-11/msg00003.php\");\n script_id(831484);\n script_version(\"$Revision: 6570 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:06:35 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-11-08 19:08:19 +0530 (Tue, 08 Nov 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2011:165\");\n script_cve_id(\"CVE-2011-1148\", \"CVE-2011-1657\", \"CVE-2011-1938\", \"CVE-2011-2202\",\n \"CVE-2011-2483\", \"CVE-2011-3182\", \"CVE-2011-3267\", \"CVE-2011-3268\");\n script_name(\"Mandriva Update for php MDVSA-2011:165 (php)\");\n\n script_summary(\"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-mod_php\", rpm:\"apache-mod_php~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-apc\", rpm:\"php-apc~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-apc-admin\", rpm:\"php-apc-admin~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-doc\", rpm:\"php-doc~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator\", rpm:\"php-eaccelerator~0.9.6.1~1.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator-admin\", rpm:\"php-eaccelerator-admin~0.9.6.1~1.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fileinfo\", rpm:\"php-fileinfo~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gearman\", rpm:\"php-gearman~0.7.0~0.4mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mailparse\", rpm:\"php-mailparse~2.1.5~8.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcal\", rpm:\"php-mcal~0.6~35.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-optimizer\", rpm:\"php-optimizer~0.1~0.alpha2.8.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-phar\", rpm:\"php-phar~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pinba\", rpm:\"php-pinba~0.0.5~2.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sasl\", rpm:\"php-sasl~0.1.0~33.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sphinx\", rpm:\"php-sphinx~1.0.4~2.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite3\", rpm:\"php-sqlite3~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ssh2\", rpm:\"php-ssh2~0.11.2~0.4mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-suhosin\", rpm:\"php-suhosin~0.9.32.1~0.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase_ct\", rpm:\"php-sybase_ct~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tclink\", rpm:\"php-tclink~3.4.5~7.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-timezonedb\", rpm:\"php-timezonedb~2011.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-translit\", rpm:\"php-translit~0.6.1~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-vld\", rpm:\"php-vld~0.10.1~1.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xattr\", rpm:\"php-xattr~1.1.0~13.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xdebug\", rpm:\"php-xdebug~2.1.2~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.3.8~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:57:31", "description": "Check for the Version of php", "cvss3": {}, "published": "2012-08-03T00:00:00", "type": "openvas", "title": "Mandriva Update for php MDVSA-2012:065 (php)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2012-0788", "CVE-2012-0830", "CVE-2012-1172", "CVE-2012-0831", "CVE-2012-0807"], "modified": "2017-12-29T00:00:00", "id": "OPENVAS:831621", "href": "http://plugins.openvas.org/nasl.php?oid=831621", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for php MDVSA-2012:065 (php)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been identified and fixed in php:\n\n The PDORow implementation in PHP before 5.3.9 does not properly\n interact with the session feature, which allows remote attackers to\n cause a denial of service (application crash) via a crafted application\n that uses a PDO driver for a fetch and then calls the session_start\n function, as demonstrated by a crash of the Apache HTTP Server\n (CVE-2012-0788). Note: this was fixed with php-5.3.10\n\n The php_register_variable_ex function in php_variables.c in PHP\n 5.3.9 allows remote attackers to execute arbitrary code via a request\n containing a large number of variables, related to improper handling\n of array variables. NOTE: this vulnerability exists because of an\n incorrect fix for CVE-2011-4885 (CVE-2012-0830). Note: this was fixed\n with php-5.3.10\n\n PHP before 5.3.10 does not properly perform a temporary change\n to the magic_quotes_gpc directive during the importing of\n environment variables, which makes it easier for remote attackers\n to conduct SQL injection attacks via a crafted request, related to\n main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c\n (CVE-2012-0831).\n\n Insufficient validating of upload name leading to corrupted $_FILES\n indices (CVE-2012-1172).\n\n The updated php packages have been upgraded to 5.3.11 which is not\n vulnerable to these issues.\n\n Stack-based buffer overflow in the suhosin_encrypt_single_cookie\n function in the transparent cookie-encryption feature in the Suhosin\n extension before 0.9.33 for PHP, when suhosin.cookie.encrypt and\n suhosin.multiheader are enabled, might allow remote attackers to\n execute arbitrary code via a long string that is used in a Set-Cookie\n HTTP header (CVE-2012-0807). The php-suhosin packages has been upgraded\n to the 0.9.33 version which is not affected by this issue.\n\n Additionally some of the PECL extensions has been upgraded to their\n latest respective versions which resolves various upstream bugs.\";\n\ntag_affected = \"php on Mandriva Linux 2011.0,\n Mandriva Linux 2010.1\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:065\");\n script_id(831621);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-03 09:54:59 +0530 (Fri, 03 Aug 2012)\");\n script_cve_id(\"CVE-2012-0788\", \"CVE-2011-4885\", \"CVE-2012-0830\",\n \"CVE-2012-0831\", \"CVE-2012-1172\", \"CVE-2012-0807\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2012:065\");\n script_name(\"Mandriva Update for php MDVSA-2012:065 (php)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-mod_php\", rpm:\"apache-mod_php~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-doc\", rpm:\"php-doc~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fileinfo\", rpm:\"php-fileinfo~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ini\", rpm:\"php-ini~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mailparse\", rpm:\"php-mailparse~2.1.6~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqlnd\", rpm:\"php-mysqlnd~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-phar\", rpm:\"php-phar~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite3\", rpm:\"php-sqlite3~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ssh2\", rpm:\"php-ssh2~0.11.3~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-suhosin\", rpm:\"php-suhosin~0.9.33~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase_ct\", rpm:\"php-sybase_ct~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-timezonedb\", rpm:\"php-timezonedb~2012.3~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-vld\", rpm:\"php-vld~0.11.1~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xdebug\", rpm:\"php-xdebug~2.1.4~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mailparse\", rpm:\"php-mailparse~2.1.6~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-suhosin\", rpm:\"php-suhosin~0.9.33~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-vld\", rpm:\"php-vld~0.11.1~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-mod_php\", rpm:\"apache-mod_php~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-doc\", rpm:\"php-doc~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fileinfo\", rpm:\"php-fileinfo~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ini\", rpm:\"php-ini~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mailparse\", rpm:\"php-mailparse~2.1.6~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqlnd\", rpm:\"php-mysqlnd~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-phar\", rpm:\"php-phar~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite3\", rpm:\"php-sqlite3~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ssh2\", rpm:\"php-ssh2~0.11.3~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-suhosin\", rpm:\"php-suhosin~0.9.33~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase_ct\", rpm:\"php-sybase_ct~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-timezonedb\", rpm:\"php-timezonedb~2012.3~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-vld\", rpm:\"php-vld~0.11.1~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xdebug\", rpm:\"php-xdebug~2.1.4~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-03-17T23:04:01", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2011-7)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1938", "CVE-2011-2483", "CVE-2011-3182", "CVE-2011-3379", "CVE-2011-2202"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120517", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120517", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120517\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 11:27:40 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2011-7)\");\n script_tag(name:\"solution\", value:\"Run yum update php to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2011-7.html\");\n script_cve_id(\"CVE-2011-3182\", \"CVE-2011-3379\", \"CVE-2011-2483\", \"CVE-2011-1938\", \"CVE-2011-2202\", \"CVE-2011-1148\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.8~3.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-debuginfo\", rpm:\"php-debuginfo~5.3.8~3.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.8~3.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.8~3.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-process\", rpm:\"php-process~5.3.8~3.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.8~3.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.8~3.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.3.8~3.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.8~3.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.8~3.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.8~3.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.8~3.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.8~3.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.8~3.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.8~3.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.8~3.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.3.8~3.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.3.8~3.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.8~3.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.8~3.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.8~3.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.8~3.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.8~3.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.8~3.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.8~3.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-zts\", rpm:\"php-zts~5.3.8~3.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.8~3.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-embedded\", rpm:\"php-embedded~5.3.8~3.19.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:10", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-08-03T00:00:00", "type": "openvas", "title": "Mandriva Update for php MDVSA-2012:065 (php)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2012-0788", "CVE-2012-0830", "CVE-2012-1172", "CVE-2012-0831", "CVE-2012-0807"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310831621", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831621", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for php MDVSA-2012:065 (php)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:065\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831621\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-03 09:54:59 +0530 (Fri, 03 Aug 2012)\");\n script_cve_id(\"CVE-2012-0788\", \"CVE-2011-4885\", \"CVE-2012-0830\",\n \"CVE-2012-0831\", \"CVE-2012-1172\", \"CVE-2012-0807\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"MDVSA\", value:\"2012:065\");\n script_name(\"Mandriva Update for php MDVSA-2012:065 (php)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(2011\\.0|2010\\.1)\");\n script_tag(name:\"affected\", value:\"php on Mandriva Linux 2011.0,\n Mandriva Linux 2010.1\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities has been identified and fixed in php:\n\n The PDORow implementation in PHP before 5.3.9 does not properly\n interact with the session feature, which allows remote attackers to\n cause a denial of service (application crash) via a crafted application\n that uses a PDO driver for a fetch and then calls the session_start\n function, as demonstrated by a crash of the Apache HTTP Server\n (CVE-2012-0788). Note: this was fixed with php-5.3.10\n\n The php_register_variable_ex function in php_variables.c in PHP\n 5.3.9 allows remote attackers to execute arbitrary code via a request\n containing a large number of variables, related to improper handling\n of array variables. NOTE: this vulnerability exists because of an\n incorrect fix for CVE-2011-4885 (CVE-2012-0830). Note: this was fixed\n with php-5.3.10\n\n PHP before 5.3.10 does not properly perform a temporary change\n to the magic_quotes_gpc directive during the importing of\n environment variables, which makes it easier for remote attackers\n to conduct SQL injection attacks via a crafted request, related to\n main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c\n (CVE-2012-0831).\n\n Insufficient validating of upload name leading to corrupted $_FILES\n indices (CVE-2012-1172).\n\n The updated php packages have been upgraded to 5.3.11 which is not\n vulnerable to these issues.\n\n Stack-based buffer overflow in the suhosin_encrypt_single_cookie\n function in the transparent cookie-encryption feature in the Suhosin\n extension before 0.9.33 for PHP, when suhosin.cookie.encrypt and\n suhosin.multiheader are enabled, might allow remote attackers to\n execute arbitrary code via a long string that is used in a Set-Cookie\n HTTP header (CVE-2012-0807). The php-suhosin packages has been upgraded\n to the 0.9.33 version which is not affected by this issue.\n\n Additionally some of the PECL extensions has been upgraded to their\n latest respective versions which resolves various upstream bugs.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-mod_php\", rpm:\"apache-mod_php~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-doc\", rpm:\"php-doc~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fileinfo\", rpm:\"php-fileinfo~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ini\", rpm:\"php-ini~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mailparse\", rpm:\"php-mailparse~2.1.6~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqlnd\", rpm:\"php-mysqlnd~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-phar\", rpm:\"php-phar~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite3\", rpm:\"php-sqlite3~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ssh2\", rpm:\"php-ssh2~0.11.3~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-suhosin\", rpm:\"php-suhosin~0.9.33~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase_ct\", rpm:\"php-sybase_ct~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-timezonedb\", rpm:\"php-timezonedb~2012.3~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-vld\", rpm:\"php-vld~0.11.1~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xdebug\", rpm:\"php-xdebug~2.1.4~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mailparse\", rpm:\"php-mailparse~2.1.6~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-suhosin\", rpm:\"php-suhosin~0.9.33~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-vld\", rpm:\"php-vld~0.11.1~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.3.11~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-mod_php\", rpm:\"apache-mod_php~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-doc\", rpm:\"php-doc~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fileinfo\", rpm:\"php-fileinfo~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ini\", rpm:\"php-ini~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mailparse\", rpm:\"php-mailparse~2.1.6~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqlnd\", rpm:\"php-mysqlnd~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-phar\", rpm:\"php-phar~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite3\", rpm:\"php-sqlite3~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ssh2\", rpm:\"php-ssh2~0.11.3~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-suhosin\", rpm:\"php-suhosin~0.9.33~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase_ct\", rpm:\"php-sybase_ct~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-timezonedb\", rpm:\"php-timezonedb~2012.3~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-vld\", rpm:\"php-vld~0.11.1~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xdebug\", rpm:\"php-xdebug~2.1.4~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.3.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:42", "description": "This host is running PHP and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2011-09-07T00:00:00", "type": "openvas", "title": "PHP Multiple Vulnerabilities - Sep11 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483", "CVE-2011-1657", "CVE-2011-3268", "CVE-2011-3182", "CVE-2011-3267"], "modified": "2018-10-20T00:00:00", "id": "OPENVAS:1361412562310802330", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802330", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_mult_vuln_win_sep11.nasl 11997 2018-10-20 11:59:41Z mmartin $\n#\n# PHP Multiple Vulnerabilities - Sep11 (Windows)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802330\");\n script_version(\"$Revision: 11997 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-20 13:59:41 +0200 (Sat, 20 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-07 08:36:57 +0200 (Wed, 07 Sep 2011)\");\n script_cve_id(\"CVE-2011-2483\", \"CVE-2011-1657\", \"CVE-2011-3182\", \"CVE-2011-3267\",\n \"CVE-2011-3268\");\n script_bugtraq_id(49241, 49252);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"PHP Multiple Vulnerabilities - Sep11 (Windows)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"os_detection.nasl\", \"gb_php_detect.nasl\");\n script_mandatory_keys(\"php/installed\", \"Host/runs_windows\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/44874/\");\n script_xref(name:\"URL\", value:\"http://www.php.net/archive/2011.php#id2011-08-18-1\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation allows remote attackers to execute arbitrary code,\n obtain sensitive information or cause a denial of service.\");\n\n script_tag(name:\"affected\", value:\"PHP version prior to 5.3.7 on Windows\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - Improper handling of passwords with 8-bit characters by 'crypt_blowfish'\n function.\n\n - An error in 'ZipArchive::addGlob' and 'ZipArchive::addPattern' functions\n in ext/zip/php_zip.c file allows remote attackers to cause denial of\n service via certain flags arguments.\n\n - Improper validation of the return values of the malloc, calloc and realloc\n library functions.\n\n - Improper implementation of the error_log function.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP version 5.3.7 or later.\");\n\n script_tag(name:\"summary\", value:\"This host is running PHP and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net/downloads.php\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\n##To check PHP version prior to 5.3.7\nif(version_is_less(version:phpVer, test_version:\"5.3.7\")){\n report = report_fixed_ver(installed_version:phpVer, fixed_version:\"5.3.7\");\n security_message(data:report, port:phpPort);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:34", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-03-19T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2011-11464", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1938", "CVE-2011-2483", "CVE-2011-3182", "CVE-2011-2202"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863788", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863788", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2011-11464\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065674.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863788\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-19 12:15:57 +0530 (Mon, 19 Mar 2012)\");\n script_cve_id(\"CVE-2011-2483\", \"CVE-2011-2202\", \"CVE-2011-1938\", \"CVE-2011-1148\", \"CVE-2011-3182\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-11464\");\n script_name(\"Fedora Update for php FEDORA-2011-11464\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"php on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.8~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:30", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for maniadrive FEDORA-2011-11464", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1938", "CVE-2011-2483", "CVE-2011-3182", "CVE-2011-2202"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863875", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863875", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for maniadrive FEDORA-2011-11464\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065675.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863875\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:27:25 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-2483\", \"CVE-2011-2202\", \"CVE-2011-1938\", \"CVE-2011-1148\",\n \"CVE-2011-3182\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-11464\");\n script_name(\"Fedora Update for maniadrive FEDORA-2011-11464\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'maniadrive'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"maniadrive on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"maniadrive\", rpm:\"maniadrive~1.2~32.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-25T10:55:44", "description": "Check for the Version of maniadrive", "cvss3": {}, "published": "2011-09-20T00:00:00", "type": "openvas", "title": "Fedora Update for maniadrive FEDORA-2011-11528", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1938", "CVE-2011-2483", "CVE-2011-3182", "CVE-2011-2202"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863531", "href": "http://plugins.openvas.org/nasl.php?oid=863531", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for maniadrive FEDORA-2011-11528\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"maniadrive on Fedora 15\";\ntag_insight = \"ManiaDrive is an arcade car game on acrobatic tracks, with a quick and nervous\n gameplay (tracks almost never exceed one minute). Features: Complex car\n physics, Challenging &quot;story mode&quot;, LAN and Internet mode, Live scores,\n Track editor, Dedicated server with HTTP interface and More than 30 blocks.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066105.html\");\n script_id(863531);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-20 15:38:54 +0200 (Tue, 20 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-11528\");\n script_cve_id(\"CVE-2011-2483\", \"CVE-2011-2202\", \"CVE-2011-1938\", \"CVE-2011-1148\", \"CVE-2011-3182\");\n script_name(\"Fedora Update for maniadrive FEDORA-2011-11528\");\n\n script_summary(\"Check for the Version of maniadrive\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"maniadrive\", rpm:\"maniadrive~1.2~32.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:23", "description": "Check for the Version of php-eaccelerator", "cvss3": {}, "published": "2011-09-20T00:00:00", "type": "openvas", "title": "Fedora Update for php-eaccelerator FEDORA-2011-11537", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1938", "CVE-2011-2483", "CVE-2011-3182", "CVE-2011-2202"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863523", "href": "http://plugins.openvas.org/nasl.php?oid=863523", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php-eaccelerator FEDORA-2011-11537\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"php-eaccelerator on Fedora 14\";\ntag_insight = \"eAccelerator is a further development of the MMCache PHP Accelerator &amp; Encoder.\n It increases performance of PHP scripts by caching them in compiled state, so\n that the overhead of compiling is almost completely eliminated.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066104.html\");\n script_id(863523);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-20 15:38:54 +0200 (Tue, 20 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-11537\");\n script_cve_id(\"CVE-2011-2483\", \"CVE-2011-2202\", \"CVE-2011-1938\", \"CVE-2011-1148\", \"CVE-2011-3182\");\n script_name(\"Fedora Update for php-eaccelerator FEDORA-2011-11537\");\n\n script_summary(\"Check for the Version of php-eaccelerator\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator\", rpm:\"php-eaccelerator~0.9.6.1~9.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-11T11:07:17", "description": "Check for the Version of php", "cvss3": {}, "published": "2012-03-19T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2011-11464", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1938", "CVE-2011-2483", "CVE-2011-3182", "CVE-2011-2202"], "modified": "2018-01-10T00:00:00", "id": "OPENVAS:863788", "href": "http://plugins.openvas.org/nasl.php?oid=863788", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2011-11464\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language. PHP attempts to make it\n easy for developers to write dynamically generated web pages. PHP also\n offers built-in database integration for several commercial and\n non-commercial database management systems, so writing a\n database-enabled webpage with PHP is fairly simple. The most common\n use of PHP coding is probably as a replacement for CGI scripts.\n\n The php package contains the module which adds support for the PHP\n language to Apache HTTP Server.\";\n\ntag_affected = \"php on Fedora 16\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065674.html\");\n script_id(863788);\n script_version(\"$Revision: 8352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 08:01:57 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-19 12:15:57 +0530 (Mon, 19 Mar 2012)\");\n script_cve_id(\"CVE-2011-2483\", \"CVE-2011-2202\", \"CVE-2011-1938\", \"CVE-2011-1148\", \"CVE-2011-3182\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-11464\");\n script_name(\"Fedora Update for php FEDORA-2011-11464\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.8~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:24", "description": "Check for the Version of maniadrive", "cvss3": {}, "published": "2011-09-20T00:00:00", "type": "openvas", "title": "Fedora Update for maniadrive FEDORA-2011-11537", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1938", "CVE-2011-2483", "CVE-2011-3182", "CVE-2011-2202"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863527", "href": "http://plugins.openvas.org/nasl.php?oid=863527", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for maniadrive FEDORA-2011-11537\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"maniadrive on Fedora 14\";\ntag_insight = \"ManiaDrive is an arcade car game on acrobatic tracks, with a quick and nervous\n gameplay (tracks almost never exceed one minute). Features: Complex car\n physics, Challenging &quot;story mode&quot;, LAN and Internet mode, Live scores,\n Track editor, Dedicated server with HTTP interface and More than 30 blocks.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066103.html\");\n script_id(863527);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-20 15:38:54 +0200 (Tue, 20 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-11537\");\n script_cve_id(\"CVE-2011-2483\", \"CVE-2011-2202\", \"CVE-2011-1938\", \"CVE-2011-1148\", \"CVE-2011-3182\");\n script_name(\"Fedora Update for maniadrive FEDORA-2011-11537\");\n\n script_summary(\"Check for the Version of maniadrive\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"maniadrive\", rpm:\"maniadrive~1.2~32.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:47", "description": "Check for the Version of php-eaccelerator", "cvss3": {}, "published": "2011-09-20T00:00:00", "type": "openvas", "title": "Fedora Update for php-eaccelerator FEDORA-2011-11528", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1938", "CVE-2011-2483", "CVE-2011-3182", "CVE-2011-2202"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863518", "href": "http://plugins.openvas.org/nasl.php?oid=863518", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php-eaccelerator FEDORA-2011-11528\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"php-eaccelerator on Fedora 15\";\ntag_insight = \"eAccelerator is a further development of the MMCache PHP Accelerator &amp; Encoder.\n It increases performance of PHP scripts by caching them in compiled state, so\n that the overhead of compiling is almost completely eliminated.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066107.html\");\n script_id(863518);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-20 15:38:54 +0200 (Tue, 20 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-11528\");\n script_cve_id(\"CVE-2011-2483\", \"CVE-2011-2202\", \"CVE-2011-1938\", \"CVE-2011-1148\", \"CVE-2011-3182\");\n script_name(\"Fedora Update for php-eaccelerator FEDORA-2011-11528\");\n\n script_summary(\"Check for the Version of php-eaccelerator\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator\", rpm:\"php-eaccelerator~0.9.6.1~9.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:58:05", "description": "Check for the Version of php-eaccelerator", "cvss3": {}, "published": "2012-03-19T00:00:00", "type": "openvas", "title": "Fedora Update for php-eaccelerator FEDORA-2011-11464", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1938", "CVE-2011-2483", "CVE-2011-3182", "CVE-2011-2202"], "modified": "2017-12-28T00:00:00", "id": "OPENVAS:863794", "href": "http://plugins.openvas.org/nasl.php?oid=863794", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php-eaccelerator FEDORA-2011-11464\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"php-eaccelerator on Fedora 16\";\ntag_insight = \"eAccelerator is a further development of the MMCache PHP Accelerator &amp; Encoder.\n It increases performance of PHP scripts by caching them in compiled state, so\n that the overhead of compiling is almost completely eliminated.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065673.html\");\n script_id(863794);\n script_version(\"$Revision: 8253 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-19 12:16:35 +0530 (Mon, 19 Mar 2012)\");\n script_cve_id(\"CVE-2011-2483\", \"CVE-2011-2202\", \"CVE-2011-1938\", \"CVE-2011-1148\", \"CVE-2011-3182\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-11464\");\n script_name(\"Fedora Update for php-eaccelerator FEDORA-2011-11464\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php-eaccelerator\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator\", rpm:\"php-eaccelerator~0.9.6.1~9.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:52", "description": "Check for the Version of php", "cvss3": {}, "published": "2011-09-20T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2011-11528", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1938", "CVE-2011-2483", "CVE-2011-3182", "CVE-2011-2202"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863520", "href": "http://plugins.openvas.org/nasl.php?oid=863520", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2011-11528\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language. PHP attempts to make it\n easy for developers to write dynamically generated web pages. PHP also\n offers built-in database integration for several commercial and\n non-commercial database management systems, so writing a\n database-enabled webpage with PHP is fairly simple. The most common\n use of PHP coding is probably as a replacement for CGI scripts.\n\n The php package contains the module which adds support for the PHP\n language to Apache HTTP Server.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"php on Fedora 15\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066106.html\");\n script_id(863520);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-20 15:38:54 +0200 (Tue, 20 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-11528\");\n script_cve_id(\"CVE-2011-2483\", \"CVE-2011-2202\", \"CVE-2011-1938\", \"CVE-2011-1148\", \"CVE-2011-3182\");\n script_name(\"Fedora Update for php FEDORA-2011-11528\");\n\n script_summary(\"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.8~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:40", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-09-20T00:00:00", "type": "openvas", "title": "Fedora Update for maniadrive FEDORA-2011-11537", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1938", "CVE-2011-2483", "CVE-2011-3182", "CVE-2011-2202"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863527", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863527", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for maniadrive FEDORA-2011-11537\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066103.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863527\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-20 15:38:54 +0200 (Tue, 20 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-11537\");\n script_cve_id(\"CVE-2011-2483\", \"CVE-2011-2202\", \"CVE-2011-1938\", \"CVE-2011-1148\", \"CVE-2011-3182\");\n script_name(\"Fedora Update for maniadrive FEDORA-2011-11537\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'maniadrive'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"maniadrive on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"maniadrive\", rpm:\"maniadrive~1.2~32.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-09-20T00:00:00", "type": "openvas", "title": "Fedora Update for php-eaccelerator FEDORA-2011-11537", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1938", "CVE-2011-2483", "CVE-2011-3182", "CVE-2011-2202"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863523", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863523", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php-eaccelerator FEDORA-2011-11537\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066104.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863523\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-20 15:38:54 +0200 (Tue, 20 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-11537\");\n script_cve_id(\"CVE-2011-2483\", \"CVE-2011-2202\", \"CVE-2011-1938\", \"CVE-2011-1148\", \"CVE-2011-3182\");\n script_name(\"Fedora Update for php-eaccelerator FEDORA-2011-11537\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php-eaccelerator'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"php-eaccelerator on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator\", rpm:\"php-eaccelerator~0.9.6.1~9.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:40:01", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-09-20T00:00:00", "type": "openvas", "title": "Fedora Update for php-eaccelerator FEDORA-2011-11528", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1938", "CVE-2011-2483", "CVE-2011-3182", "CVE-2011-2202"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863518", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863518", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php-eaccelerator FEDORA-2011-11528\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066107.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863518\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-20 15:38:54 +0200 (Tue, 20 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-11528\");\n script_cve_id(\"CVE-2011-2483\", \"CVE-2011-2202\", \"CVE-2011-1938\", \"CVE-2011-1148\", \"CVE-2011-3182\");\n script_name(\"Fedora Update for php-eaccelerator FEDORA-2011-11528\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php-eaccelerator'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"php-eaccelerator on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator\", rpm:\"php-eaccelerator~0.9.6.1~9.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-09-20T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2011-11537", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1938", "CVE-2011-2483", "CVE-2011-3182", "CVE-2011-2202"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863524", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863524", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2011-11537\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066102.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863524\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-20 15:38:54 +0200 (Tue, 20 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-11537\");\n script_cve_id(\"CVE-2011-2483\", \"CVE-2011-2202\", \"CVE-2011-1938\", \"CVE-2011-1148\", \"CVE-2011-3182\");\n script_name(\"Fedora Update for php FEDORA-2011-11537\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"php on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.8~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-18T11:07:57", "description": "Check for the Version of maniadrive", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for maniadrive FEDORA-2011-11464", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1938", "CVE-2011-2483", "CVE-2011-3182", "CVE-2011-2202"], "modified": "2018-01-17T00:00:00", "id": "OPENVAS:863875", "href": "http://plugins.openvas.org/nasl.php?oid=863875", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for maniadrive FEDORA-2011-11464\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"maniadrive on Fedora 16\";\ntag_insight = \"ManiaDrive is an arcade car game on acrobatic tracks, with a quick and nervous\n gameplay (tracks almost never exceed one minute). Features: Complex car\n physics, Challenging &quot;story mode&quot;, LAN and Internet mode, Live scores,\n Track editor, Dedicated server with HTTP interface and More than 30 blocks.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065675.html\");\n script_id(863875);\n script_version(\"$Revision: 8448 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 17:18:06 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:27:25 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-2483\", \"CVE-2011-2202\", \"CVE-2011-1938\", \"CVE-2011-1148\",\n \"CVE-2011-3182\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-11464\");\n script_name(\"Fedora Update for maniadrive FEDORA-2011-11464\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of maniadrive\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"maniadrive\", rpm:\"maniadrive~1.2~32.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:50", "description": "Check for the Version of php", "cvss3": {}, "published": "2011-09-20T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2011-11537", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1938", "CVE-2011-2483", "CVE-2011-3182", "CVE-2011-2202"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863524", "href": "http://plugins.openvas.org/nasl.php?oid=863524", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2011-11537\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language. PHP attempts to make it\n easy for developers to write dynamically generated web pages. PHP also\n offers built-in database integration for several commercial and\n non-commercial database management systems, so writing a\n database-enabled webpage with PHP is fairly simple. The most common\n use of PHP coding is probably as a replacement for CGI scripts.\n\n The php package contains the module which adds support for the PHP\n language to Apache HTTP Server.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"php on Fedora 14\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066102.html\");\n script_id(863524);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-20 15:38:54 +0200 (Tue, 20 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2011-11537\");\n script_cve_id(\"CVE-2011-2483\", \"CVE-2011-2202\", \"CVE-2011-1938\", \"CVE-2011-1148\", \"CVE-2011-3182\");\n script_name(\"Fedora Update for php FEDORA-2011-11537\");\n\n script_summary(\"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.8~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:51", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-09-20T00:00:00", "type": "openvas", "title": "Fedora Update for maniadrive FEDORA-2011-11528", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1938", "CVE-2011-2483", "CVE-2011-3182", "CVE-2011-2202"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863531", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863531", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for maniadrive FEDORA-2011-11528\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066105.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863531\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-20 15:38:54 +0200 (Tue, 20 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-11528\");\n script_cve_id(\"CVE-2011-2483\", \"CVE-2011-2202\", \"CVE-2011-1938\", \"CVE-2011-1148\", \"CVE-2011-3182\");\n script_name(\"Fedora Update for maniadrive FEDORA-2011-11528\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'maniadrive'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"maniadrive on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"maniadrive\", rpm:\"maniadrive~1.2~32.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-03-19T00:00:00", "type": "openvas", "title": "Fedora Update for php-eaccelerator FEDORA-2011-11464", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1938", "CVE-2011-2483", "CVE-2011-3182", "CVE-2011-2202"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863794", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863794", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php-eaccelerator FEDORA-2011-11464\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065673.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863794\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-19 12:16:35 +0530 (Mon, 19 Mar 2012)\");\n script_cve_id(\"CVE-2011-2483\", \"CVE-2011-2202\", \"CVE-2011-1938\", \"CVE-2011-1148\", \"CVE-2011-3182\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-11464\");\n script_name(\"Fedora Update for php-eaccelerator FEDORA-2011-11464\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php-eaccelerator'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"php-eaccelerator on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator\", rpm:\"php-eaccelerator~0.9.6.1~9.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:36", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-09-20T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2011-11528", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1938", "CVE-2011-2483", "CVE-2011-3182", "CVE-2011-2202"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863520", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863520", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2011-11528\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066106.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863520\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-20 15:38:54 +0200 (Tue, 20 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2011-11528\");\n script_cve_id(\"CVE-2011-2483\", \"CVE-2011-2202\", \"CVE-2011-1938\", \"CVE-2011-1148\", \"CVE-2011-3182\");\n script_name(\"Fedora Update for php FEDORA-2011-11528\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"php on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.8~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:46", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2011-09-21T00:00:00", "type": "openvas", "title": "FreeBSD Ports: php5, php5-sockets", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1938", "CVE-2011-2483", "CVE-2011-2202"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231070257", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070257", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_php513.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 057bf770-cac4-11e0-aea3-00215c6a37bb\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70257\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-21 05:47:11 +0200 (Wed, 21 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2011-2483\", \"CVE-2011-2202\", \"CVE-2011-1938\", \"CVE-2011-1148\");\n script_bugtraq_id(49241);\n script_name(\"FreeBSD Ports: php5, php5-sockets\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following packages are affected:\n\n php5\n php5-sockets\n\nCVE-2011-2483\ncrypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain\nplatforms, does not properly handle 8-bit characters, which makes it\neasier for context-dependent attackers to determine a cleartext\npassword by leveraging knowledge of a password hash.\n\nCVE-2011-2202\nThe rfc1867_post_handler function in main/rfc1867.c in PHP before\n5.3.7 does not properly restrict filenames in multipart/form-data POST\nrequests, which allows remote attackers to conduct absolute path\ntraversal attacks, and possibly create or overwrite arbitrary files,\nvia a crafted upload request, related to a 'file path injection\nvulnerability.'\n\nCVE-2011-1938\nStack-based buffer overflow in the socket_connect function in\next/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow\ncontext-dependent attackers to execute arbitrary code via a long\npathname for a UNIX socket.\n\nCVE-2011-1148\nUse-after-free vulnerability in the substr_replace function in PHP\n5.3.6 and earlier allows context-dependent attackers to cause a denial\nof service (memory corruption) or possibly have unspecified other\nimpact by using the same variable for multiple arguments.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"php5\");\nif(!isnull(bver) && revcomp(a:bver, b:\"5.3.7\")<0) {\n txt += 'Package php5 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"php5-sockets\");\nif(!isnull(bver) && revcomp(a:bver, b:\"5.3.7\")<0) {\n txt += 'Package php5-sockets version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-02T21:13:30", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2011-09-21T00:00:00", "type": "openvas", "title": "FreeBSD Ports: php5, php5-sockets", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1938", "CVE-2011-2483", "CVE-2011-2202"], "modified": "2017-02-25T00:00:00", "id": "OPENVAS:70257", "href": "http://plugins.openvas.org/nasl.php?oid=70257", "sourceData": "#\n#VID 057bf770-cac4-11e0-aea3-00215c6a37bb\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 057bf770-cac4-11e0-aea3-00215c6a37bb\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n php5\n php5-sockets\n\nCVE-2011-2483\ncrypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain\nplatforms, does not properly handle 8-bit characters, which makes it\neasier for context-dependent attackers to determine a cleartext\npassword by leveraging knowledge of a password hash.\n\nCVE-2011-2202\nThe rfc1867_post_handler function in main/rfc1867.c in PHP before\n5.3.7 does not properly restrict filenames in multipart/form-data POST\nrequests, which allows remote attackers to conduct absolute path\ntraversal attacks, and possibly create or overwrite arbitrary files,\nvia a crafted upload request, related to a 'file path injection\nvulnerability.'\n\nCVE-2011-1938\nStack-based buffer overflow in the socket_connect function in\next/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow\ncontext-dependent attackers to execute arbitrary code via a long\npathname for a UNIX socket.\n\nCVE-2011-1148\nUse-after-free vulnerability in the substr_replace function in PHP\n5.3.6 and earlier allows context-dependent attackers to cause a denial\nof service (memory corruption) or possibly have unspecified other\nimpact by using the same variable for multiple arguments.\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\";\n\nif(description)\n{\n script_id(70257);\n script_version(\"$Revision: 5424 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-25 17:52:36 +0100 (Sat, 25 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-21 05:47:11 +0200 (Wed, 21 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2011-2483\", \"CVE-2011-2202\", \"CVE-2011-1938\", \"CVE-2011-1148\");\n script_bugtraq_id(49241);\n script_name(\"FreeBSD Ports: php5, php5-sockets\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"php5\");\nif(!isnull(bver) && revcomp(a:bver, b:\"5.3.7\")<0) {\n txt += 'Package php5 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"php5-sockets\");\nif(!isnull(bver) && revcomp(a:bver, b:\"5.3.7\")<0) {\n txt += 'Package php5-sockets version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:51:00", "description": "The remote host is missing an update as announced\nvia advisory SSA:2011-237-01.", "cvss3": {}, "published": "2012-09-10T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2011-237-01 php ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1938", "CVE-2011-2483", "CVE-2011-2202"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:71962", "href": "http://plugins.openvas.org/nasl.php?oid=71962", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2011_237_01.nasl 6581 2017-07-06 13:58:51Z cfischer $\n# Description: Auto-generated from advisory SSA:2011-237-01\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New php packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0,\n13.1, 13.37, and -current to fix security issues.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2011-237-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2011-237-01\";\n \nif(description)\n{\n script_id(71962);\n script_cve_id(\"CVE-2011-2483\", \"CVE-2011-2202\", \"CVE-2011-1938\", \"CVE-2011-1148\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 6581 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:58:51 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-10 07:16:18 -0400 (Mon, 10 Sep 2012)\");\n script_name(\"Slackware Advisory SSA:2011-237-01 php \");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"php\", ver:\"5.3.8-i486-1_slack11.0\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"php\", ver:\"5.3.8-i486-1_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"php\", ver:\"5.3.8-i486-1_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"php\", ver:\"5.3.8-i486-1_slack12.2\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"php\", ver:\"5.3.8-i486-1_slack13.0\", rls:\"SLK13.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"php\", ver:\"5.3.8-i486-1_slack13.1\", rls:\"SLK13.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"php\", ver:\"5.3.8-i486-1_slack13.37\", rls:\"SLK13.37\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:26:42", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1231-1", "cvss3": {}, "published": "2011-10-21T00:00:00", "type": "openvas", "title": "Ubuntu Update for php5 USN-1231-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2484", "CVE-2011-1938", "CVE-2011-2483", "CVE-2011-1657", "CVE-2011-3182", "CVE-2010-1914", "CVE-2011-3267", "CVE-2011-2202"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840782", "href": "http://plugins.openvas.org/nasl.php?oid=840782", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1231_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for php5 USN-1231-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mateusz Kocielski, Marek Kroemeke and Filip Palian discovered that a\n stack-based buffer overflow existed in the socket_connect function's\n handling of long pathnames for AF_UNIX sockets. A remote attacker\n might be able to exploit this to execute arbitrary code; however,\n the default compiler options for affected releases should reduce\n the vulnerability to a denial of service. This issue affected Ubuntu\n 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. (CVE-2011-1938)\n\n Krzysztof Kotowicz discovered that the PHP post handler function\n does not properly restrict filenames in multipart/form-data POST\n requests. This may allow remote attackers to conduct absolute\n path traversal attacks and possibly create or overwrite arbitrary\n files. This issue affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu\n 10.10 and Ubuntu 11.04. (CVE-2011-2202)\n \n It was discovered that the crypt function for blowfish does not\n properly handle 8-bit characters. This could make it easier for an\n attacker to discover a cleartext password containing an 8-bit character\n that has a matching blowfish crypt value. This issue affected Ubuntu\n 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. (CVE-2011-2483)\n \n It was discovered that PHP did not properly check the return values of\n the malloc(3), calloc(3) and realloc(3) library functions in multiple\n locations. This could allow an attacker to cause a denial of service\n via a NULL pointer dereference or possibly execute arbitrary code.\n This issue affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10\n and Ubuntu 11.04. (CVE-2011-3182)\n \n Maksymilian Arciemowicz discovered that PHP did not properly implement\n the error_log function. This could allow an attacker to cause a denial\n of service via an application crash. This issue affected Ubuntu 10.04\n LTS, Ubuntu 10.10, Ubuntu 11.04 and Ubuntu 11.10. (CVE-2011-3267)\n \n Maksymilian Arciemowicz discovered that the ZipArchive functions\n addGlob() and addPattern() did not properly check their flag arguments.\n This could allow a malicious script author to cause a denial of\n service via application crash. This issue affected Ubuntu 10.04 LTS,\n Ubuntu 10.10, Ubuntu 11.04 and Ubuntu 11.10. (CVE-2011-1657)\n \n It was discovered that the Xend opcode parser in PHP could be interrupted\n while handling the shift-left, shift-right, and bitwise-xor opcodes.\n This could allow a malicious script author to expose memory\n contents. This issue affected Ubuntu 10.04 LTS. (CVE-2010-1914)\n \n It was discovered that the strrchr function in PHP could be interrupted\n by a malicious script, allowing the exposure of memory contents. This\n issue affected Ubuntu 8.04 LTS. (CVE-2010-2484)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1231-1\";\ntag_affected = \"php5 on Ubuntu 11.04 ,\n Ubuntu 10.10 ,\n Ubuntu 10.04 LTS ,\n Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1231-1/\");\n script_id(840782);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-21 16:31:29 +0200 (Fri, 21 Oct 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"USN\", value: \"1231-1\");\n script_cve_id(\"CVE-2011-1938\", \"CVE-2011-2202\", \"CVE-2011-2483\", \"CVE-2011-3182\",\n \"CVE-2011-3267\", \"CVE-2011-1657\", \"CVE-2010-1914\", \"CVE-2010-2484\");\n script_name(\"Ubuntu Update for php5 USN-1231-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.3-1ubuntu9.6\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.3-1ubuntu9.6\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.3-1ubuntu9.6\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.3-1ubuntu9.6\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.2-1ubuntu4.10\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.2-1ubuntu4.10\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.2-1ubuntu4.10\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.2-1ubuntu4.10\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.5-1ubuntu7.3\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.5-1ubuntu7.3\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.5-1ubuntu7.3\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.5-1ubuntu7.3\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.4-2ubuntu5.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.4-2ubuntu5.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.4-2ubuntu5.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.4-2ubuntu5.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:44", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1231-1", "cvss3": {}, "published": "2011-10-21T00:00:00", "type": "openvas", "title": "Ubuntu Update for php5 USN-1231-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2484", "CVE-2011-1938", "CVE-2011-2483", "CVE-2011-1657", "CVE-2011-3182", "CVE-2010-1914", "CVE-2011-3267", "CVE-2011-2202"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840782", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840782", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1231_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for php5 USN-1231-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1231-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840782\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-21 16:31:29 +0200 (Fri, 21 Oct 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"USN\", value:\"1231-1\");\n script_cve_id(\"CVE-2011-1938\", \"CVE-2011-2202\", \"CVE-2011-2483\", \"CVE-2011-3182\",\n \"CVE-2011-3267\", \"CVE-2011-1657\", \"CVE-2010-1914\", \"CVE-2010-2484\");\n script_name(\"Ubuntu Update for php5 USN-1231-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.10|10\\.04 LTS|11\\.04|8\\.04 LTS)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1231-1\");\n script_tag(name:\"affected\", value:\"php5 on Ubuntu 11.04,\n Ubuntu 10.10,\n Ubuntu 10.04 LTS,\n Ubuntu 8.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Mateusz Kocielski, Marek Kroemeke and Filip Palian discovered that a\n stack-based buffer overflow existed in the socket_connect function's\n handling of long pathnames for AF_UNIX sockets. A remote attacker\n might be able to exploit this to execute arbitrary code. However,\n the default compiler options for affected releases should reduce\n the vulnerability to a denial of service. This issue affected Ubuntu\n 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. (CVE-2011-1938)\n\n Krzysztof Kotowicz discovered that the PHP post handler function\n does not properly restrict filenames in multipart/form-data POST\n requests. This may allow remote attackers to conduct absolute\n path traversal attacks and possibly create or overwrite arbitrary\n files. This issue affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu\n 10.10 and Ubuntu 11.04. (CVE-2011-2202)\n\n It was discovered that the crypt function for blowfish does not\n properly handle 8-bit characters. This could make it easier for an\n attacker to discover a cleartext password containing an 8-bit character\n that has a matching blowfish crypt value. This issue affected Ubuntu\n 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. (CVE-2011-2483)\n\n It was discovered that PHP did not properly check the return values of\n the malloc(3), calloc(3) and realloc(3) library functions in multiple\n locations. This could allow an attacker to cause a denial of service\n via a NULL pointer dereference or possibly execute arbitrary code.\n This issue affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10\n and Ubuntu 11.04. (CVE-2011-3182)\n\n Maksymilian Arciemowicz discovered that PHP did not properly implement\n the error_log function. This could allow an attacker to cause a denial\n of service via an application crash. This issue affected Ubuntu 10.04\n LTS, Ubuntu 10.10, Ubuntu 11.04 and Ubuntu 11.10. (CVE-2011-3267)\n\n Maksymilian Arciemowicz discovered that the ZipArchive functions\n addGlob() and addPattern() did not properly check their flag arguments.\n This could allow a malicious script author to cause a denial of\n service via application crash. This issue affected Ubuntu 10.04 LTS,\n Ubuntu 10.10, Ubuntu 11.04 and Ubuntu 11.10. (CVE-2011-1657)\n\n It was discovered that the Xend opcode parser in PHP could be interrupted\n while handling the shift-left, shift-right, and bitwise-xor opcodes.\n This could allow a malicious script author to expose memory\n contents. This issue affected Ubuntu 10.04 LTS. (CVE-2010-1914)\n\n It was discovered that the strrchr function in PHP could be interrupted\n by a malicious script, allowing the exposure of memory contents. This\n issue affected Ubuntu 8.04 LTS. (CVE-2010-2484)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.3-1ubuntu9.6\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.3-1ubuntu9.6\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.3-1ubuntu9.6\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.3-1ubuntu9.6\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.2-1ubuntu4.10\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.2-1ubuntu4.10\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.2-1ubuntu4.10\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.2-1ubuntu4.10\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.5-1ubuntu7.3\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.5-1ubuntu7.3\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.5-1ubuntu7.3\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.5-1ubuntu7.3\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.4-2ubuntu5.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.4-2ubuntu5.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.4-2ubuntu5.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.4-2ubuntu5.18\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:52", "description": "The remote host is missing an update as announced\nvia advisory SSA:2011-237-01.", "cvss3": {}, "published": "2012-09-10T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2011-237-01 php", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1938", "CVE-2011-2483", "CVE-2011-2202"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:136141256231071962", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071962", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2011_237_01.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from advisory SSA:2011-237-01\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71962\");\n script_cve_id(\"CVE-2011-2483\", \"CVE-2011-2202\", \"CVE-2011-1938\", \"CVE-2011-1148\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 14202 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-10 07:16:18 -0400 (Mon, 10 Sep 2012)\");\n script_name(\"Slackware Advisory SSA:2011-237-01 php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(11\\.0|12\\.0|12\\.1|12\\.2|13\\.0|13\\.1|13\\.37)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2011-237-01\");\n\n script_tag(name:\"insight\", value:\"New php packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0,\n13.1, 13.37, and -current to fix security issues.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2011-237-01.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"php\", ver:\"5.3.8-i486-1_slack11.0\", rls:\"SLK11.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"php\", ver:\"5.3.8-i486-1_slack12.0\", rls:\"SLK12.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"php\", ver:\"5.3.8-i486-1_slack12.1\", rls:\"SLK12.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"php\", ver:\"5.3.8-i486-1_slack12.2\", rls:\"SLK12.2\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"php\", ver:\"5.3.8-i486-1_slack13.0\", rls:\"SLK13.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"php\", ver:\"5.3.8-i486-1_slack13.1\", rls:\"SLK13.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"php\", ver:\"5.3.8-i486-1_slack13.37\", rls:\"SLK13.37\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:57:46", "description": "Check for the Version of php", "cvss3": {}, "published": "2012-08-03T00:00:00", "type": "openvas", "title": "Mandriva Update for php MDVSA-2012:068-1 (php)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2336", "CVE-2012-2335", "CVE-2012-1823"], "modified": "2018-01-01T00:00:00", "id": "OPENVAS:831627", "href": "http://plugins.openvas.org/nasl.php?oid=831627", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for php MDVSA-2012:068-1 (php)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in php(-cgi):\n\n PHP-CGI-based setups contain a vulnerability when parsing query string\n parameters from php files. A remote unauthenticated attacker could\n obtain sensitive information, cause a denial of service condition or\n may be able to execute arbitrary code with the privileges of the web\n server (CVE-2012-1823).\n\n The updated packages have been patched to correct this issue.\n\n Update:\n\n It was discovered that the previous fix for the CVE-2012-1823\n vulnerability was incomplete (CVE-2012-2335, CVE-2012-2336). The\n updated packages provides the latest version (5.3.13) which provides\n a solution to this flaw.\";\n\ntag_affected = \"php on Mandriva Linux 2011.0,\n Mandriva Linux 2010.1\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:068-1\");\n script_id(831627);\n script_version(\"$Revision: 8265 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-01 07:29:23 +0100 (Mon, 01 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-03 09:56:04 +0530 (Fri, 03 Aug 2012)\");\n script_cve_id(\"CVE-2012-1823\", \"CVE-2012-2335\", \"CVE-2012-2336\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2012:068-1\");\n script_name(\"Mandriva Update for php MDVSA-2012:068-1 (php)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-mod_php\", rpm:\"apache-mod_php~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-doc\", rpm:\"php-doc~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fileinfo\", rpm:\"php-fileinfo~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ini\", rpm:\"php-ini~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqlnd\", rpm:\"php-mysqlnd~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-phar\", rpm:\"php-phar~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite3\", rpm:\"php-sqlite3~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase_ct\", rpm:\"php-sybase_ct~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-mod_php\", rpm:\"apache-mod_php~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-doc\", rpm:\"php-doc~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fileinfo\", rpm:\"php-fileinfo~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ini\", rpm:\"php-ini~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqlnd\", rpm:\"php-mysqlnd~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-phar\", rpm:\"php-phar~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite3\", rpm:\"php-sqlite3~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase_ct\", rpm:\"php-sybase_ct~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:51:13", "description": "The remote host is missing an update to php5\nannounced via advisory DSA 2399-1.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2399-1 (php5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1938", "CVE-2011-4885", "CVE-2011-2483", "CVE-2012-0057", "CVE-2011-4566"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:70716", "href": "http://plugins.openvas.org/nasl.php?oid=70716", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2399_1.nasl 6612 2017-07-07 12:08:03Z cfischer $\n# Description: Auto-generated from advisory DSA 2399-1 (php5)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in PHP, the web scripting\nlanguage. The Common Vulnerabilities and Exposures project identifies\nthe following issues:\n\nCVE-2011-1938\n\nThe UNIX socket handling allowed attackers to trigger a buffer overflow\nvia a long path name.\n\nCVE-2011-2483\n\nThe crypt_blowfish function did not properly handle 8-bit characters,\nwhich made it easier for attackers to determine a cleartext password\nby using knowledge of a password hash.\n\nCVE-2011-4566\n\nWhen used on 32 bit platforms, the exif extension could be used to\ntrigger an integer overflow in the exif_process_IFD_TAG function\nwhen processing a JPEG file.\n\nCVE-2011-4885\n\nIt was possible to trigger hash collisions predictably when parsing\nform parameters, which allows remote attackers to cause a denial of\nservice by sending many crafted parameters.\n\nCVE-2012-0057\n\nWhen applying a crafted XSLT transform, an attacker could write files\nto arbitrary places in the filesystem.\n\nNOTE: the fix for CVE-2011-2483 required changing the behaviour of this\nfunction: it is now incompatible with some old (wrongly) generated hashes\nfor passwords containing 8-bit characters. See the package NEWS entry\nfor details. This change has not been applied to the Lenny version of PHP.\n\n\nFor the oldstable distribution (lenny), these problems have been fixed\nin version 5.2.6.dfsg.1-1+lenny14.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 5.3.3-7+squeeze5.\n\nFor the testing distribution (wheezy) and unstable distribution (sid),\nthese problems have been fixed in version 5.3.9-1.\n\nWe recommend that you upgrade your php5 packages.\";\ntag_summary = \"The remote host is missing an update to php5\nannounced via advisory DSA 2399-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202399-1\";\n\nif(description)\n{\n script_id(70716);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2011-1938\", \"CVE-2011-2483\", \"CVE-2011-4566\", \"CVE-2011-4885\", \"CVE-2012-0057\");\n script_version(\"$Revision: 6612 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:03 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 06:36:57 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Debian Security Advisory DSA 2399-1 (php5)\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:28", "description": "The remote host is missing an update to php5\nannounced via advisory DSA 2399-2.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2399-2 (php5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1938", "CVE-2011-4885", "CVE-2011-2483", "CVE-2012-0057", "CVE-2011-4566"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:70717", "href": "http://plugins.openvas.org/nasl.php?oid=70717", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2399_2.nasl 6612 2017-07-07 12:08:03Z cfischer $\n# Description: Auto-generated from advisory DSA 2399-2 (php5)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A regression was found in the fix for PHP's XSLT transformations\n(CVE-2012-0057). Updated packages are now available to address this\nregression. For reference, the original advisory text follows.\n\nSeveral vulnerabilities have been discovered in PHP, the web scripting\nlanguage. The Common Vulnerabilities and Exposures project identifies\nthe following issues:\n\nCVE-2011-1938\n\nThe UNIX socket handling allowed attackers to trigger a buffer overflow\nvia a long path name.\n\nCVE-2011-2483\n\nThe crypt_blowfish function did not properly handle 8-bit characters,\nwhich made it easier for attackers to determine a cleartext password\nby using knowledge of a password hash.\n\nCVE-2011-4566\n\nWhen used on 32 bit platforms, the exif extension could be used to\ntrigger an integer overflow in the exif_process_IFD_TAG function\nwhen processing a JPEG file.\n\nCVE-2011-4885\n\nIt was possible to trigger hash collisions predictably when parsing\nform parameters, which allows remote attackers to cause a denial of\nservice by sending many crafted parameters.\n\nCVE-2012-0057\n\nWhen applying a crafted XSLT transform, an attacker could write files\nto arbitrary places in the filesystem.\n\nNOTE: the fix for CVE-2011-2483 required changing the behaviour of this\nfunction: it is now incompatible with some old (wrongly) generated hashes\nfor passwords containing 8-bit characters. See the package NEWS entry\nfor details. This change has not been applied to the Lenny version of PHP.\n\nNOTE: at the time of release packages for some architectures are still\nbeing built. They will be installed into the archive as soon as they\narrive.\n\nFor the oldstable distribution (lenny), these problems have been fixed\nin version 5.2.6.dfsg.1-1+lenny15.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 5.3.3-7+squeeze6.\n\nFor the testing distribution (wheezy) and unstable distribution (sid),\nthese problems have been fixed in version 5.3.9-1.\n\nWe recommend that you upgrade your php5 packages.\";\ntag_summary = \"The remote host is missing an update to php5\nannounced via advisory DSA 2399-2.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202399-2\";\n\nif(description)\n{\n script_id(70717);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2011-1938\", \"CVE-2011-2483\", \"CVE-2011-4566\", \"CVE-2011-4885\", \"CVE-2012-0057\");\n script_version(\"$Revision: 6612 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:03 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 06:38:45 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Debian Security Advisory DSA 2399-2 (php5)\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.3.10-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:02", "description": "The remote host is missing an update to php5\nannounced via advisory DSA 2399-1.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2399-1 (php5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1938", "CVE-2011-4885", "CVE-2011-2483", "CVE-2012-0057", "CVE-2011-4566"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231070716", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070716", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2399_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2399-1 (php5)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70716\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2011-1938\", \"CVE-2011-2483\", \"CVE-2011-4566\", \"CVE-2011-4885\", \"CVE-2012-0057\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 06:36:57 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Debian Security Advisory DSA 2399-1 (php5)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(5|6|7)\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202399-1\");\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been discovered in PHP, the web scripting\nlanguage. The Common Vulnerabilities and Exposures project identifies\nthe following issues:\n\nCVE-2011-1938\n\nThe UNIX socket handling allowed attackers to trigger a buffer overflow\nvia a long path name.\n\nCVE-2011-2483\n\nThe crypt_blowfish function did not properly handle 8-bit characters,\nwhich made it easier for attackers to determine a cleartext password\nby using knowledge of a password hash.\n\nCVE-2011-4566\n\nWhen used on 32 bit platforms, the exif extension could be used to\ntrigger an integer overflow in the exif_process_IFD_TAG function\nwhen processing a JPEG file.\n\nCVE-2011-4885\n\nIt was possible to trigger hash collisions predictably when parsing\nform parameters, which allows remote attackers to cause a denial of\nservice by sending many crafted parameters.\n\nCVE-2012-0057\n\nWhen applying a crafted XSLT transform, an attacker could write files\nto arbitrary places in the filesystem.\n\nNOTE: the fix for CVE-2011-2483 required changing the behaviour of this\nfunction: it is now incompatible with some old (wrongly) generated hashes\nfor passwords containing 8-bit characters. See the package NEWS entry\nfor details. This change has not been applied to the Lenny version of PHP.\n\n\nFor the oldstable distribution (lenny), these problems have been fixed\nin version 5.2.6.dfsg.1-1+lenny14.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 5.3.3-7+squeeze5.\n\nFor the testing distribution (wheezy) and unstable distribution (sid),\nthese problems have been fixed in version 5.3.9-1.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your php5 packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to php5\nannounced via advisory DSA 2399-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.6.dfsg.1-1+lenny14\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.3.3-7+squeeze5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:48", "description": "The remote host is missing an update to php5\nannounced via advisory DSA 2399-2.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2399-2 (php5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1938", "CVE-2011-4885", "CVE-2011-2483", "CVE-2012-0057", "CVE-2011-4566"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231070717", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070717", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2399_2.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2399-2 (php5)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70717\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2011-1938\", \"CVE-2011-2483\", \"CVE-2011-4566\", \"CVE-2011-4885\", \"CVE-2012-0057\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 06:38:45 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Debian Security Advisory DSA 2399-2 (php5)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(5|6|7)\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202399-2\");\n script_tag(name:\"insight\", value:\"A regression was found in the fix for PHP's XSLT transformations\n(CVE-2012-0057). Updated packages are now available to address this\nregression. For reference, the original advisory text follows.\n\nSeveral vulnerabilities have been discovered in PHP, the web scripting\nlanguage. The Common Vulnerabilities and Exposures project identifies\nthe following issues:\n\nCVE-2011-1938\n\nThe UNIX socket handling allowed attackers to trigger a buffer overflow\nvia a long path name.\n\nCVE-2011-2483\n\nThe crypt_blowfish function did not properly handle 8-bit characters,\nwhich made it easier for attackers to determine a cleartext password\nby using knowledge of a password hash.\n\nCVE-2011-4566\n\nWhen used on 32 bit platforms, the exif extension could be used to\ntrigger an integer overflow in the exif_process_IFD_TAG function\nwhen processing a JPEG file.\n\nCVE-2011-4885\n\nIt was possible to trigger hash collisions predictably when parsing\nform parameters, which allows remote attackers to cause a denial of\nservice by sending many crafted parameters.\n\nCVE-2012-0057\n\nWhen applying a crafted XSLT transform, an attacker could write files\nto arbitrary places in the filesystem.\n\nNOTE: the fix for CVE-2011-2483 required changing the behaviour of this\nfunction: it is now incompatible with some old (wrongly) generated hashes\nfor passwords containing 8-bit characters. See the package NEWS entry\nfor details. This change has not been applied to the Lenny version of PHP.\n\nNOTE: at the time of release packages for some architectures are still\nbeing built. They will be installed into the archive as soon as they\narrive.\n\nFor the oldstable distribution (lenny), these problems have been fixed\nin version 5.2.6.dfsg.1-1+lenny15.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 5.3.3-7+squeeze6.\n\nFor the testing distribution (wheezy) and unstable distribution (sid),\nthese problems have been fixed in version 5.3.9-1.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your php5 packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to php5\nannounced via advisory DSA 2399-2.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.6.dfsg.1-1+lenny15\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.3.3-7+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.3.10-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-08-03T00:00:00", "type": "openvas", "title": "Mandriva Update for php MDVSA-2012:068-1 (php)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2336", "CVE-2012-2335", "CVE-2012-1823"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310831627", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831627", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for php MDVSA-2012:068-1 (php)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:068-1\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831627\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-03 09:56:04 +0530 (Fri, 03 Aug 2012)\");\n script_cve_id(\"CVE-2012-1823\", \"CVE-2012-2335\", \"CVE-2012-2336\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"MDVSA\", value:\"2012:068-1\");\n script_name(\"Mandriva Update for php MDVSA-2012:068-1 (php)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(2011\\.0|2010\\.1)\");\n script_tag(name:\"affected\", value:\"php on Mandriva Linux 2011.0,\n Mandriva Linux 2010.1\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"A vulnerability has been found and corrected in php(-cgi):\n\n PHP-CGI-based setups contain a vulnerability when parsing query string\n parameters from php files. A remote unauthenticated attacker could\n obtain sensitive information, cause a denial of service condition or\n may be able to execute arbitrary code with the privileges of the web\n server (CVE-2012-1823).\n\n The updated packages have been patched to correct this issue.\n\n Update:\n\n It was discovered that the previous fix for the CVE-2012-1823\n vulnerability was incomplete (CVE-2012-2335, CVE-2012-2336). The\n updated packages provides the latest version (5.3.13) which provides\n a solution to this flaw.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-mod_php\", rpm:\"apache-mod_php~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-doc\", rpm:\"php-doc~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fileinfo\", rpm:\"php-fileinfo~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ini\", rpm:\"php-ini~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqlnd\", rpm:\"php-mysqlnd~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-phar\", rpm:\"php-phar~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite3\", rpm:\"php-sqlite3~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase_ct\", rpm:\"php-sybase_ct~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.3.13~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-mod_php\", rpm:\"apache-mod_php~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-doc\", rpm:\"php-doc~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fileinfo\", rpm:\"php-fileinfo~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ini\", rpm:\"php-ini~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqlnd\", rpm:\"php-mysqlnd~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-phar\", rpm:\"php-phar~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite3\", rpm:\"php-sqlite3~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase_ct\", rpm:\"php-sybase_ct~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.3.13~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:46", "description": "The remote host is missing updates announced in\nadvisory GLSA 201209-03.", "cvss3": {}, "published": "2012-09-26T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201209-03 (php)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2311", "CVE-2012-2336", "CVE-2012-2386", "CVE-2012-3450", "CVE-2012-0789", "CVE-2012-2335", "CVE-2012-1823", "CVE-2012-2143", "CVE-2011-4885", "CVE-2012-2688", "CVE-2011-1398", "CVE-2012-0788", "CVE-2012-0830", "CVE-2012-0057", "CVE-2012-1172", "CVE-2011-4566", "CVE-2011-3379", "CVE-2012-0831", "CVE-2012-3365"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:136141256231072420", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231072420", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201209_03.nasl 11859 2018-10-12 08:53:01Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.72420\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-1398\", \"CVE-2011-3379\", \"CVE-2011-4566\", \"CVE-2011-4885\", \"CVE-2012-0057\", \"CVE-2012-0788\", \"CVE-2012-0789\", \"CVE-2012-0830\", \"CVE-2012-0831\", \"CVE-2012-1172\", \"CVE-2012-1823\", \"CVE-2012-2143\", \"CVE-2012-2311\", \"CVE-2012-2335\", \"CVE-2012-2336\", \"CVE-2012-2386\", \"CVE-2012-2688\", \"CVE-2012-3365\", \"CVE-2012-3450\");\n script_version(\"$Revision: 11859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:53:01 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-26 11:20:48 -0400 (Wed, 26 Sep 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201209-03 (php)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities were found in PHP, the worst of which lead\nto remote execution of arbitrary code.\");\n script_tag(name:\"solution\", value:\"All PHP users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/php-5.3.15'\n\n\nAll PHP users on ARM should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/php-5.4.5'\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201209-03\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=384301\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=396311\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=396533\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=399247\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=399567\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=399573\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=401997\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=410957\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=414553\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=421489\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=427354\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=429630\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201209-03.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.3.15\", \"ge 5.4.5\"), vulnerable: make_list(\"lt 5.3.15\", \"lt 5.4.5\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:50:26", "description": "The remote host is missing updates announced in\nadvisory GLSA 201209-03.", "cvss3": {}, "published": "2012-09-26T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201209-03 (php)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2311", "CVE-2012-2336", "CVE-2012-2386", "CVE-2012-3450", "CVE-2012-0789", "CVE-2012-2335", "CVE-2012-1823", "CVE-2012-2143", "CVE-2011-4885", "CVE-2012-2688", "CVE-2011-1398", "CVE-2012-0788", "CVE-2012-0830", "CVE-2012-0057", "CVE-2012-1172", "CVE-2011-4566", "CVE-2011-3379", "CVE-2012-0831", "CVE-2012-3365"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:72420", "href": "http://plugins.openvas.org/nasl.php?oid=72420", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities were found in PHP, the worst of which lead\nto remote execution of arbitrary code.\";\ntag_solution = \"All PHP users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/php-5.3.15'\n \n\nAll PHP users on ARM should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/php-5.4.5'\n \n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201209-03\nhttp://bugs.gentoo.org/show_bug.cgi?id=384301\nhttp://bugs.gentoo.org/show_bug.cgi?id=396311\nhttp://bugs.gentoo.org/show_bug.cgi?id=396533\nhttp://bugs.gentoo.org/show_bug.cgi?id=399247\nhttp://bugs.gentoo.org/show_bug.cgi?id=399567\nhttp://bugs.gentoo.org/show_bug.cgi?id=399573\nhttp://bugs.gentoo.org/show_bug.cgi?id=401997\nhttp://bugs.gentoo.org/show_bug.cgi?id=410957\nhttp://bugs.gentoo.org/show_bug.cgi?id=414553\nhttp://bugs.gentoo.org/show_bug.cgi?id=421489\nhttp://bugs.gentoo.org/show_bug.cgi?id=427354\nhttp://bugs.gentoo.org/show_bug.cgi?id=429630\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201209-03.\";\n\n \n \nif(description)\n{\n script_id(72420);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-1398\", \"CVE-2011-3379\", \"CVE-2011-4566\", \"CVE-2011-4885\", \"CVE-2012-0057\", \"CVE-2012-0788\", \"CVE-2012-0789\", \"CVE-2012-0830\", \"CVE-2012-0831\", \"CVE-2012-1172\", \"CVE-2012-1823\", \"CVE-2012-2143\", \"CVE-2012-2311\", \"CVE-2012-2335\", \"CVE-2012-2336\", \"CVE-2012-2386\", \"CVE-2012-2688\", \"CVE-2012-3365\", \"CVE-2012-3450\");\n script_version(\"$Revision: 6593 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:18:14 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-26 11:20:48 -0400 (Wed, 26 Sep 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201209-03 (php)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.3.15\", \"ge 5.4.5\"), vulnerable: make_list(\"lt 5.3.15\", \"lt 5.4.5\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-07-21T22:03:21", "description": "PHP is prone to an information-disclosure vulnerability.", "cvss3": {}, "published": "2012-05-04T00:00:00", "type": "openvas", "title": "PHP-CGI-based setups vulnerability when parsing query string parameters from php files.", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2311", "CVE-2012-2336", "CVE-2012-2335", "CVE-2012-1823"], "modified": "2020-07-17T00:00:00", "id": "OPENVAS:1361412562310103482", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103482", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# PHP-CGI-based setups vulnerability when parsing query string parameters from php files.\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2012 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103482\");\n script_version(\"2020-07-17T07:18:20+0000\");\n script_bugtraq_id(53388);\n script_cve_id(\"CVE-2012-1823\", \"CVE-2012-2311\", \"CVE-2012-2336\", \"CVE-2012-2335\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-07-17 07:18:20 +0000 (Fri, 17 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2012-05-04 10:40:34 +0100 (Fri, 04 May 2012)\");\n script_name(\"PHP-CGI-based setups vulnerability when parsing query string parameters from php files.\");\n script_category(ACT_ATTACK);\n script_family(\"Web application abuses\");\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_dependencies(\"find_service.nasl\", \"httpver.nasl\", \"no404.nasl\", \"webmirror.nasl\", \"DDI_Directory_Scanner.nasl\", \"gb_php_detect.nasl\", \"global_settings.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n\n script_xref(name:\"URL\", value:\"http://www.h-online.com/open/news/item/Critical-open-hole-in-PHP-creates-risks-Update-1567532.html\");\n script_xref(name:\"URL\", value:\"http://www.kb.cert.org/vuls/id/520827\");\n script_xref(name:\"URL\", value:\"http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/\");\n script_xref(name:\"URL\", value:\"https://bugs.php.net/bug.php?id=61910\");\n script_xref(name:\"URL\", value:\"http://www.php.net/manual/en/security.cgi-bin.php\");\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/53388\");\n\n script_tag(name:\"summary\", value:\"PHP is prone to an information-disclosure vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Sends a crafted HTTP POST request and checks the response.\");\n\n script_tag(name:\"insight\", value:\"When PHP is used in a CGI-based setup (such as Apache's mod_cgid), the\n php-cgi receives a processed query string parameter as command line arguments which allows command-line\n switches, such as -s, -d or -c to be passed to the php-cgi binary, which can be exploited to disclose\n source code and obtain arbitrary code execution.\n\n An example of the -s command, allowing an attacker to view the source code of index.php is below:\n\n http://example.com/index.php?-s\");\n\n script_tag(name:\"impact\", value:\"Exploiting this issue allows remote attackers to view the source code of files in the\n context of the server process. This may allow the attacker to obtain sensitive information and to run arbitrary PHP code\n on the affected computer. Other attacks are also possible.\");\n\n script_tag(name:\"solution\", value:\"PHP has released version 5.4.3 and 5.3.13 to address this vulnerability.\n PHP is recommending that users upgrade to the latest version of PHP.\");\n\n script_tag(name:\"qod_type\", value:\"remote_active\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_timeout(600);\n\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"http_keepalive.inc\");\ninclude(\"misc_func.inc\");\n\nport = http_get_port(default:80);\nif(!http_can_host_php(port:port))\n exit(0);\n\nhost = http_host_name(dont_add_port:TRUE);\n_phps = http_get_kb_file_extensions(port:port, host:host, ext:\"php\");\n\nif(!isnull(_phps)) {\n _phps = make_list(\"/\", \"/index.php\", _phps);\n} else {\n _phps = make_list(\"/\", \"/index.php\");\n}\n\n_phps = make_list(\"/cgi-bin/php\", \"/cgi-bin/php4\", \"/cgi-bin/php4-cgi\", \"/cgi-bin/php4.cgi\", \"/cgi-bin/php5\",\n \"/cgi-bin/php5-cgi\", \"/cgi-bin/php5.cgi\", \"/cgi-bin/php-cgi\", \"/cgi-bin/php.cgi\", \"/cgi/php\",\n \"/cgi/php4\", \"/cgi/php4-cgi\", \"/cgi/php4.cgi\", \"/cgi/php5\", \"/cgi/php5-cgi\", \"/cgi/php5.cgi\",\n \"/cgi/php-cgi\", \"/cgi/php.cgi\", \"/php\", \"/php4\", \"/php4.cgi\", \"/php5\", \"/php5.cgi\", \"/php.cgi\", _phps);\n\n_phps = make_list_unique(_phps);\n\nphpinfos = get_kb_list(\"php/phpinfo/\" + host + \"/\" + port + \"/detected_urls\");\nphps = make_list();\n\nif(phpinfos) {\n foreach p(_phps) {\n exist = FALSE;\n foreach pi(phpinfos) {\n if(p == pi)\n exist = TRUE;\n break;\n }\n if(!exist)\n phps = make_list(phps, p);\n }\n} else {\n phps = _phps;\n}\n\nmax = 10;\ncount = 1;\n\npost_data = '<?php phpinfo();?>';\npost_urls[i++] = '-dallow_url_include%3don+-dauto_prepend_file%3dphp://input';\npost_urls[i++] = '%2D%64+%61%6C%6C%6F%77%5F%75%72%6C%5F%69%6E%63%6C%75%64%65%3D%6F%6E+%2D%64' +\n '+%73%61%66%65%5F%6D%6F%64%65%3D%6F%66%66+%2D%64+%73%75%68%6F%73%69%6E%2E%7' +\n '3%69%6D%75%6C%61%74%69%6F%6E%3D%6F%6E+%2D%64+%64%69%73%61%62%6C%65%5F%66%7' +\n '5%6E%63%74%69%6F%6E%73%3D%22%22+%2D%64+%6F%70%65%6E%5F%62%61%73%65%64%69%7' +\n '2%3D%6E%6F%6E%65+%2D%64+%61%75%74%6F%5F%70%72%65%70%65%6E%64%5F%66%69%6C%6' +\n '5%3D%70%68%70%3A%2F%2F%69%6E%70%75%74+%2D%64+%63%67%69%2E%66%6F%72%63%65%5' +\n 'F%72%65%64%69%72%65%63%74%3D%30+%2D%64+%63%67%69%2E%72%65%64%69%72%65%63%7' +\n '4%5F%73%74%61%74%75%73%5F%65%6E%76%3D%30+%2D%6E'; # from Kingcope apache-magika.c (-d allow_url_include=on -d safe_mode=off -d suhosin.simulation=on -d disable_functions=\"\" -d open_basedir=none -d auto_prepend_file=php://input -d cgi.force_redirect=0 -d cgi.redirect_status_env=0 -n)\n\n# nb: This function is expected to be here so that we're passing the port below in the Host: header...\nhost = http_host_name(port:port);\n\nforeach php(phps) {\n foreach post_url(post_urls) {\n\n url = php + \"?\" + post_url;\n req = http_post_put_req(port:port, url:url, data:post_data, add_headers:make_array(\"Content-Type\", \"application/x-www-form-urlencoded\"));\n res = http_keepalive_send_recv(port:port, data:req, bodyonly:TRUE);\n if(!res)\n continue;\n\n if(found = egrep(string:res, pattern:\"<title>phpinfo\\(\\)</title>\", icase:FALSE)) {\n\n info['\"HTTP POST\" body'] = post_data;\n info[\"URL\"] = http_report_vuln_url(port:port, url:url, url_only:TRUE);\n\n report = 'By doing the following HTTP POST request:\\n\\n';\n report += text_format_table(array:info) + '\\n\\n';\n report += 'it was possible to execute the \"' + post_data + '\" command.';\n report += '\\n\\nResult: ' + chomp(found);\n\n expert_info = 'Request:\\n'+ req + 'Response:\\n' + res;\n security_message(port:port, data:report, expert_info:expert_info);\n exit(0);\n }\n }\n count++;\n if(count >= max)\n exit(99);\n}\n\nexit(99);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:42:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-12-13T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for update (openSUSE-SU-2012:0426-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1466", "CVE-2012-0789", "CVE-2011-4885", "CVE-2012-0788", "CVE-2012-0830", "CVE-2012-0781", "CVE-2012-0057", "CVE-2011-4566", "CVE-2012-0831", "CVE-2011-4153", "CVE-2012-0807"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850217", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850217", "sourceData": "# Copyright (C) 2012 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850217\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2012-12-13 17:01:21 +0530 (Thu, 13 Dec 2012)\");\n script_cve_id(\"CVE-2011-1466\", \"CVE-2011-4153\", \"CVE-2011-4566\", \"CVE-2011-4885\",\n \"CVE-2012-0057\", \"CVE-2012-0781\", \"CVE-2012-0788\", \"CVE-2012-0789\",\n \"CVE-2012-0807\", \"CVE-2012-0830\", \"CVE-2012-0831\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"openSUSE-SU\", value:\"2012:0426-1\");\n script_name(\"openSUSE: Security Advisory for update (openSUSE-SU-2012:0426-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'update'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE12\\.1\");\n\n script_tag(name:\"affected\", value:\"update on openSUSE 12.1\");\n\n script_tag(name:\"insight\", value:\"php5 security update\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE12.1\") {\n if(!isnull(res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-mod_php5-debuginfo\", rpm:\"apache2-mod_php5-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-bcmath-debuginfo\", rpm:\"php5-bcmath-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-bz2-debuginfo\", rpm:\"php5-bz2-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-calendar-debuginfo\", rpm:\"php5-calendar-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ctype-debuginfo\", rpm:\"php5-ctype-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-curl-debuginfo\", rpm:\"php5-curl-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-dba-debuginfo\", rpm:\"php5-dba-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-debuginfo\", rpm:\"php5-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-debugsource\", rpm:\"php5-debugsource~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-dom-debuginfo\", rpm:\"php5-dom-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-enchant\", rpm:\"php5-enchant~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-enchant-debuginfo\", rpm:\"php5-enchant-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-exif-debuginfo\", rpm:\"php5-exif-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-fastcgi-debuginfo\", rpm:\"php5-fastcgi-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-fileinfo\", rpm:\"php5-fileinfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-fileinfo-debuginfo\", rpm:\"php5-fileinfo-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-fpm\", rpm:\"php5-fpm~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-fpm-debuginfo\", rpm:\"php5-fpm-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ftp-debuginfo\", rpm:\"php5-ftp-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gd-debuginfo\", rpm:\"php5-gd-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gettext-debuginfo\", rpm:\"php5-gettext-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gmp-debuginfo\", rpm:\"php5-gmp-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-iconv-debuginfo\", rpm:\"php5-iconv-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-imap-debuginfo\", rpm:\"php5-imap-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-intl\", rpm:\"php5-intl~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-intl-debuginfo\", rpm:\"php5-intl-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-json-debuginfo\", rpm:\"php5-json-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ldap-debuginfo\", rpm:\"php5-ldap-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mbstring-debuginfo\", rpm:\"php5-mbstring-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mcrypt-debuginfo\", rpm:\"php5-mcrypt-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mssql\", rpm:\"php5-mssql~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mssql-debuginfo\", rpm:\"php5-mssql-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mysql-debuginfo\", rpm:\"php5-mysql-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-odbc-debuginfo\", rpm:\"php5-odbc-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-openssl-debuginfo\", rpm:\"php5-openssl-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pcntl-debuginfo\", rpm:\"php5-pcntl-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pdo-debuginfo\", rpm:\"php5-pdo-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pgsql-debuginfo\", rpm:\"php5-pgsql-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-phar\", rpm:\"php5-phar~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-phar-debuginfo\", rpm:\"php5-phar-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-posix-debuginfo\", rpm:\"php5-posix-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pspell-debuginfo\", rpm:\"php5-pspell-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-readline\", rpm:\"php5-readline~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-readline-debuginfo\", rpm:\"php5-readline-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-shmop-debuginfo\", rpm:\"php5-shmop-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-snmp-debuginfo\", rpm:\"php5-snmp-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-soap-debuginfo\", rpm:\"php5-soap-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sockets-debuginfo\", rpm:\"php5-sockets-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sqlite-debuginfo\", rpm:\"php5-sqlite-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-suhosin-debuginfo\", rpm:\"php5-suhosin-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvmsg-debuginfo\", rpm:\"php5-sysvmsg-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvsem-debuginfo\", rpm:\"php5-sysvsem-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvshm-debuginfo\", rpm:\"php5-sysvshm-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-tidy-debuginfo\", rpm:\"php5-tidy-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-tokenizer-debuginfo\", rpm:\"php5-tokenizer-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-wddx-debuginfo\", rpm:\"php5-wddx-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlreader-debuginfo\", rpm:\"php5-xmlreader-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlrpc-debuginfo\", rpm:\"php5-xmlrpc-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlwriter-debuginfo\", rpm:\"php5-xmlwriter-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xsl-debuginfo\", rpm:\"php5-xsl-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-zip-debuginfo\", rpm:\"php5-zip-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-zlib-debuginfo\", rpm:\"php5-zlib-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.3.8~4.9.2\", rls:\"openSUSE12.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:57:07", "description": "Check for the Version of update", "cvss3": {}, "published": "2012-12-13T00:00:00", "type": "openvas", "title": "SuSE Update for update openSUSE-SU-2012:0426-1 (update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1466", "CVE-2012-0789", "CVE-2011-4885", "CVE-2012-0788", "CVE-2012-0830", "CVE-2012-0781", "CVE-2012-0057", "CVE-2011-4566", "CVE-2012-0831", "CVE-2011-4153", "CVE-2012-0807"], "modified": "2017-12-26T00:00:00", "id": "OPENVAS:850217", "href": "http://plugins.openvas.org/nasl.php?oid=850217", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2012_0426_1.nasl 8245 2017-12-26 06:29:59Z teissa $\n#\n# SuSE Update for update openSUSE-SU-2012:0426-1 (update)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"update on openSUSE 12.1\";\ntag_insight = \"php5 security update\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_id(850217);\n script_version(\"$Revision: 8245 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 07:29:59 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-12-13 17:01:21 +0530 (Thu, 13 Dec 2012)\");\n script_cve_id(\"CVE-2011-1466\", \"CVE-2011-4153\", \"CVE-2011-4566\", \"CVE-2011-4885\",\n \"CVE-2012-0057\", \"CVE-2012-0781\", \"CVE-2012-0788\", \"CVE-2012-0789\",\n \"CVE-2012-0807\", \"CVE-2012-0830\", \"CVE-2012-0831\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"openSUSE-SU\", value: \"2012:0426_1\");\n script_name(\"SuSE Update for update openSUSE-SU-2012:0426-1 (update)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of update\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE12.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php5-debuginfo\", rpm:\"apache2-mod_php5-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bcmath-debuginfo\", rpm:\"php5-bcmath-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bz2-debuginfo\", rpm:\"php5-bz2-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-calendar-debuginfo\", rpm:\"php5-calendar-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ctype-debuginfo\", rpm:\"php5-ctype-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-curl-debuginfo\", rpm:\"php5-curl-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dba-debuginfo\", rpm:\"php5-dba-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-debuginfo\", rpm:\"php5-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-debugsource\", rpm:\"php5-debugsource~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dom-debuginfo\", rpm:\"php5-dom-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-enchant\", rpm:\"php5-enchant~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-enchant-debuginfo\", rpm:\"php5-enchant-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-exif-debuginfo\", rpm:\"php5-exif-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fastcgi-debuginfo\", rpm:\"php5-fastcgi-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fileinfo\", rpm:\"php5-fileinfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fileinfo-debuginfo\", rpm:\"php5-fileinfo-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fpm\", rpm:\"php5-fpm~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fpm-debuginfo\", rpm:\"php5-fpm-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ftp-debuginfo\", rpm:\"php5-ftp-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gd-debuginfo\", rpm:\"php5-gd-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gettext-debuginfo\", rpm:\"php5-gettext-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gmp-debuginfo\", rpm:\"php5-gmp-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-iconv-debuginfo\", rpm:\"php5-iconv-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-imap-debuginfo\", rpm:\"php5-imap-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-intl\", rpm:\"php5-intl~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-intl-debuginfo\", rpm:\"php5-intl-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-json-debuginfo\", rpm:\"php5-json-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ldap-debuginfo\", rpm:\"php5-ldap-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mbstring-debuginfo\", rpm:\"php5-mbstring-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mcrypt-debuginfo\", rpm:\"php5-mcrypt-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mssql\", rpm:\"php5-mssql~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mssql-debuginfo\", rpm:\"php5-mssql-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysql-debuginfo\", rpm:\"php5-mysql-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-odbc-debuginfo\", rpm:\"php5-odbc-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-openssl-debuginfo\", rpm:\"php5-openssl-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pcntl-debuginfo\", rpm:\"php5-pcntl-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo-debuginfo\", rpm:\"php5-pdo-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pgsql-debuginfo\", rpm:\"php5-pgsql-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-phar\", rpm:\"php5-phar~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-phar-debuginfo\", rpm:\"php5-phar-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-posix-debuginfo\", rpm:\"php5-posix-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pspell-debuginfo\", rpm:\"php5-pspell-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-readline\", rpm:\"php5-readline~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-readline-debuginfo\", rpm:\"php5-readline-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-shmop-debuginfo\", rpm:\"php5-shmop-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-snmp-debuginfo\", rpm:\"php5-snmp-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-soap-debuginfo\", rpm:\"php5-soap-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sockets-debuginfo\", rpm:\"php5-sockets-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sqlite-debuginfo\", rpm:\"php5-sqlite-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-suhosin-debuginfo\", rpm:\"php5-suhosin-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvmsg-debuginfo\", rpm:\"php5-sysvmsg-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvsem-debuginfo\", rpm:\"php5-sysvsem-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvshm-debuginfo\", rpm:\"php5-sysvshm-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tidy-debuginfo\", rpm:\"php5-tidy-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tokenizer-debuginfo\", rpm:\"php5-tokenizer-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-wddx-debuginfo\", rpm:\"php5-wddx-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlreader-debuginfo\", rpm:\"php5-xmlreader-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlrpc-debuginfo\", rpm:\"php5-xmlrpc-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlwriter-debuginfo\", rpm:\"php5-xmlwriter-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xsl-debuginfo\", rpm:\"php5-xsl-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zip-debuginfo\", rpm:\"php5-zip-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zlib-debuginfo\", rpm:\"php5-zlib-debuginfo~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.3.8~4.9.2\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-06T13:07:31", "description": "Check for the Version of php", "cvss3": {}, "published": "2012-01-20T00:00:00", "type": "openvas", "title": "RedHat Update for php RHSA-2012:0033-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1466", "CVE-2011-4885", "CVE-2011-0708", "CVE-2011-1469", "CVE-2011-4566", "CVE-2011-2202"], "modified": "2018-01-04T00:00:00", "id": "OPENVAS:870531", "href": "http://plugins.openvas.org/nasl.php?oid=870531", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for php RHSA-2012:0033-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n It was found that the hashing routine used by PHP arrays was susceptible\n to predictable hash collisions. If an HTTP POST request to a PHP\n application contained many parameters whose names map to the same hash\n value, a large amount of CPU time would be consumed. This flaw has been\n mitigated by adding a new configuration directive, max_input_vars, that\n limits the maximum number of parameters processed per request. By\n default, max_input_vars is set to 1000. (CVE-2011-4885)\n\n A use-after-free flaw was found in the PHP substr_replace() function. If a\n PHP script used the same variable as multiple function arguments, a remote\n attacker could possibly use this to crash the PHP interpreter or, possibly,\n execute arbitrary code. (CVE-2011-1148)\n\n An integer overflow flaw was found in the PHP exif extension. On 32-bit\n systems, a specially-crafted image file could cause the PHP interpreter to\n crash or disclose portions of its memory when a PHP script tries to extract\n Exchangeable image file format (Exif) metadata from the image file.\n (CVE-2011-4566)\n\n An insufficient input validation flaw, leading to a buffer over-read, was\n found in the PHP exif extension. A specially-crafted image file could cause\n the PHP interpreter to crash when a PHP script tries to extract\n Exchangeable image file format (Exif) metadata from the image file.\n (CVE-2011-0708)\n\n An integer overflow flaw was found in the PHP calendar extension. A remote\n attacker able to make a PHP script call SdnToJulian() with a large value\n could cause the PHP interpreter to crash. (CVE-2011-1466)\n\n A bug in the PHP Streams component caused the PHP interpreter to crash if\n an FTP wrapper connection was made through an HTTP proxy. A remote attacker\n could possibly trigger this issue if a PHP script accepted an untrusted URL\n to connect to. (CVE-2011-1469)\n\n An off-by-one flaw was found in PHP. If an attacker uploaded a file with a\n specially-crafted file name it could cause a PHP script to attempt to write\n a file to the root (/) directory. By default, PHP runs as the &quot;apache&quot;\n user, preventing it from writing to the root directory. (CVE-2011-2202)\n\n Red Hat would like to thank oCERT for reporting CVE-2011-4885. oCERT\n acknowledges Julian Wlde and Alexander Klink as the original reporters of\n CVE-2011-4885.\n\n All php users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\";\n\ntag_affected = \"php on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-January/msg00008.html\");\n script_id(870531);\n script_version(\"$Revision: 8285 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 07:29:16 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-20 10:59:11 +0530 (Fri, 20 Jan 2012)\");\n script_cve_id(\"CVE-2011-0708\", \"CVE-2011-1148\", \"CVE-2011-1466\", \"CVE-2011-1469\", \"CVE-2011-2202\", \"CVE-2011-4566\", \"CVE-2011-4885\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2012:0033-01\");\n script_name(\"RedHat Update for php RHSA-2012:0033-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-debuginfo\", rpm:\"php-debuginfo~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-08T12:57:10", "description": "Check for the Version of php", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for php CESA-2012:0033 centos5 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1466", "CVE-2011-4885", "CVE-2011-0708", "CVE-2011-1469", "CVE-2011-4566", "CVE-2011-2202"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:881147", "href": "http://plugins.openvas.org/nasl.php?oid=881147", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php CESA-2012:0033 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n It was found that the hashing routine used by PHP arrays was susceptible\n to predictable hash collisions. If an HTTP POST request to a PHP\n application contained many parameters whose names map to the same hash\n value, a large amount of CPU time would be consumed. This flaw has been\n mitigated by adding a new configuration directive, max_input_vars, that\n limits the maximum number of parameters processed per request. By\n default, max_input_vars is set to 1000. (CVE-2011-4885)\n \n A use-after-free flaw was found in the PHP substr_replace() function. If a\n PHP script used the same variable as multiple function arguments, a remote\n attacker could possibly use this to crash the PHP interpreter or, possibly,\n execute arbitrary code. (CVE-2011-1148)\n \n An integer overflow flaw was found in the PHP exif extension. On 32-bit\n systems, a specially-crafted image file could cause the PHP interpreter to\n crash or disclose portions of its memory when a PHP script tries to extract\n Exchangeable image file format (Exif) metadata from the image file.\n (CVE-2011-4566)\n \n An insufficient input validation flaw, leading to a buffer over-read, was\n found in the PHP exif extension. A specially-crafted image file could cause\n the PHP interpreter to crash when a PHP script tries to extract\n Exchangeable image file format (Exif) metadata from the image file.\n (CVE-2011-0708)\n \n An integer overflow flaw was found in the PHP calendar extension. A remote\n attacker able to make a PHP script call SdnToJulian() with a large value\n could cause the PHP interpreter to crash. (CVE-2011-1466)\n \n A bug in the PHP Streams component caused the PHP interpreter to crash if\n an FTP wrapper connection was made through an HTTP proxy. A remote attacker\n could possibly trigger this issue if a PHP script accepted an untrusted URL\n to connect to. (CVE-2011-1469)\n \n An off-by-one flaw was found in PHP. If an attacker uploaded a file with a\n specially-crafted file name it could cause a PHP script to attempt to write\n a file to the root (/) directory. By default, PHP runs as the &quot;apache&quot;\n user, preventing it from writing to the root directory. (CVE-2011-2202)\n \n Red Hat would like to thank oCERT for reporting CVE-2011-4885. oCERT\n acknowledges Julian Wlde and Alexander Klink as the original reporters of\n CVE-2011-4885.\n \n All php users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\";\n\ntag_affected = \"php on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-January/018379.html\");\n script_id(881147);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:22:15 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-0708\", \"CVE-2011-1148\", \"CVE-2011-1466\", \"CVE-2011-1469\",\n \"CVE-2011-2202\", \"CVE-2011-4566\", \"CVE-2011-4885\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2012:0033\");\n script_name(\"CentOS Update for php CESA-2012:0033 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:51", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-01-20T00:00:00", "type": "openvas", "title": "RedHat Update for php RHSA-2012:0033-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1466", "CVE-2011-4885", "CVE-2011-0708", "CVE-2011-1469", "CVE-2011-4566", "CVE-2011-2202"], "modified": "2019-03-12T00:00:00", "id": "OPENVAS:1361412562310870531", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870531", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for php RHSA-2012:0033-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-January/msg00008.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870531\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-20 10:59:11 +0530 (Fri, 20 Jan 2012)\");\n script_cve_id(\"CVE-2011-0708\", \"CVE-2011-1148\", \"CVE-2011-1466\", \"CVE-2011-1469\", \"CVE-2011-2202\", \"CVE-2011-4566\", \"CVE-2011-4885\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"RHSA\", value:\"2012:0033-01\");\n script_name(\"RedHat Update for php RHSA-2012:0033-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"php on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n It was found that the hashing routine used by PHP arrays was susceptible\n to predictable hash collisions. If an HTTP POST request to a PHP\n application contained many parameters whose names map to the same hash\n value, a large amount of CPU time would be consumed. This flaw has been\n mitigated by adding a new configuration directive, max_input_vars, that\n limits the maximum number of parameters processed per request. By\n default, max_input_vars is set to 1000. (CVE-2011-4885)\n\n A use-after-free flaw was found in the PHP substr_replace() function. If a\n PHP script used the same variable as multiple function arguments, a remote\n attacker could possibly use this to crash the PHP interpreter or, possibly,\n execute arbitrary code. (CVE-2011-1148)\n\n An integer overflow flaw was found in the PHP exif extension. On 32-bit\n systems, a specially-crafted image file could cause the PHP interpreter to\n crash or disclose portions of its memory when a PHP script tries to extract\n Exchangeable image file format (Exif) metadata from the image file.\n (CVE-2011-4566)\n\n An insufficient input validation flaw, leading to a buffer over-read, was\n found in the PHP exif extension. A specially-crafted image file could cause\n the PHP interpreter to crash when a PHP script tries to extract\n Exchangeable image file format (Exif) metadata from the image file.\n (CVE-2011-0708)\n\n An integer overflow flaw was found in the PHP calendar extension. A remote\n attacker able to make a PHP script call SdnToJulian() with a large value\n could cause the PHP interpreter to crash. (CVE-2011-1466)\n\n A bug in the PHP Streams component caused the PHP interpreter to crash if\n an FTP wrapper connection was made through an HTTP proxy. A remote attacker\n could possibly trigger this issue if a PHP script accepted an untrusted URL\n to connect to. (CVE-2011-1469)\n\n An off-by-one flaw was found in PHP. If an attacker uploaded a file with a\n specially-crafted file name it could cause a PHP script to attempt to write\n a file to the root (/) directory. By default, PHP runs as the 'apache'\n user, preventing it from writing to the root directory. (CVE-2011-2202)\n\n Red Hat would like to thank oCERT for reporting CVE-2011-4885. oCERT\n acknowledges Julian Wlde and Alexander Klink as the original reporters of\n CVE-2011-4885.\n\n All php users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-debuginfo\", rpm:\"php-debuginfo~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.1.6~27.el5_7.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-17T23:02:49", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2012-37)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2011-4566"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120220", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120220", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120220\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:20:39 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2012-37)\");\n script_tag(name:\"insight\", value:\"It was found that the hashing routine used by PHP arrays was susceptible to predictable hash collisions. If an HTTP POST request to a PHP application contained many parameters whose names map to the same hash value, a large amount of CPU time would be consumed. This flaw has been mitigated by adding a new configuration directive, max_input_vars, that limits the maximum number of parameters processed per request. By default, max_input_vars is set to 1000. (CVE-2011-4885 )An integer overflow flaw was found in the PHP exif extension. On 32-bit systems, a specially-crafted image file could cause the PHP interpreter to crash or disclose portions of its memory when a PHP script tries to extract Exchangeable image file format (Exif) metadata from the image file. (CVE-2011-4566 )\");\n script_tag(name:\"solution\", value:\"Run yum update php to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2012-37.html\");\n script_cve_id(\"CVE-2011-4566\", \"CVE-2011-4885\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.9~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.9~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-embedded\", rpm:\"php-embedded~5.3.9~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.9~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.9~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.3.9~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-debuginfo\", rpm:\"php-debuginfo~5.3.9~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.9~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.9~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.9~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.9~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.9~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.9~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.9~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.9~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.9~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.9~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.3.9~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-mysqlnd\", rpm:\"php-mysqlnd~5.3.9~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.9~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.9~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-process\", rpm:\"php-process~5.3.9~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.9~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.9~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.9~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.9~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.3.9~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.9~1.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:20", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for maniadrive FEDORA-2012-0504", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2011-4566"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864028", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864028", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for maniadrive FEDORA-2012-0504\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072177.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864028\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 13:02:04 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-4885\", \"CVE-2011-4566\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-0504\");\n script_name(\"Fedora Update for maniadrive FEDORA-2012-0504\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'maniadrive'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"maniadrive on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"maniadrive\", rpm:\"maniadrive~1.2~32.fc16.1\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2018-01-02T10:57:33", "description": "Check for the Version of php-eaccelerator", "cvss3": {}, "published": "2012-02-01T00:00:00", "type": "openvas", "title": "Fedora Update for php-eaccelerator FEDORA-2012-0420", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2011-4566"], "modified": "2017-12-27T00:00:00", "id": "OPENVAS:863706", "href": "http://plugins.openvas.org/nasl.php?oid=863706", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php-eaccelerator FEDORA-2012-0420\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"php-eaccelerator on Fedora 15\";\ntag_insight = \"eAccelerator is a further development of the MMCache PHP Accelerator &amp; Encoder.\n It increases performance of PHP scripts by caching them in compiled state, so\n that the overhead of compiling is almost completely eliminated.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072490.html\");\n script_id(863706);\n script_version(\"$Revision: 8249 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-27 07:29:56 +0100 (Wed, 27 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-01 11:31:53 +0530 (Wed, 01 Feb 2012)\");\n script_cve_id(\"CVE-2011-4885\", \"CVE-2011-4566\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-0420\");\n script_name(\"Fedora Update for php-eaccelerator FEDORA-2012-0420\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php-eaccelerator\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator\", rpm:\"php-eaccelerator~0.9.6.1~9.fc15.1\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:19", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-02-01T00:00:00", "type": "openvas", "title": "Fedora Update for php-eaccelerator FEDORA-2012-0420", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2011-4566"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863706", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863706", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php-eaccelerator FEDORA-2012-0420\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072490.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863706\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-01 11:31:53 +0530 (Wed, 01 Feb 2012)\");\n script_cve_id(\"CVE-2011-4885\", \"CVE-2011-4566\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-0420\");\n script_name(\"Fedora Update for php-eaccelerator FEDORA-2012-0420\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php-eaccelerator'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"php-eaccelerator on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator\", rpm:\"php-eaccelerator~0.9.6.1~9.fc15.1\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:21", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-03-19T00:00:00", "type": "openvas", "title": "Fedora Update for php-eaccelerator FEDORA-2012-0504", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2011-4566"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863815", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863815", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php-eaccelerator FEDORA-2012-0504\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072178.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863815\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-19 12:19:34 +0530 (Mon, 19 Mar 2012)\");\n script_cve_id(\"CVE-2011-4885\", \"CVE-2011-4566\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-0504\");\n script_name(\"Fedora Update for php-eaccelerator FEDORA-2012-0504\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php-eaccelerator'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"php-eaccelerator on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator\", rpm:\"php-eaccelerator~0.9.6.1~9.fc16.1\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:53", "description": "Oracle Linux Local Security Checks ELSA-2012-0033", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-0033", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1466", "CVE-2011-4885", "CVE-2011-0708", "CVE-2011-1469", "CVE-2011-4566", "CVE-2011-2202"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122011", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122011", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-0033.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122011\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:11:39 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-0033\");\n script_tag(name:\"insight\", value:\"ELSA-2012-0033 - php security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-0033\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-0033.html\");\n script_cve_id(\"CVE-2011-0708\", \"CVE-2011-1148\", \"CVE-2011-1466\", \"CVE-2011-1469\", \"CVE-2011-2202\", \"CVE-2011-4566\", \"CVE-2011-4885\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.1.6~27.el5_7.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.1.6~27.el5_7.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~27.el5_7.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.1.6~27.el5_7.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.1.6~27.el5_7.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~27.el5_7.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.1.6~27.el5_7.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.1.6~27.el5_7.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.1.6~27.el5_7.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.1.6~27.el5_7.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.1.6~27.el5_7.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.1.6~27.el5_7.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.1.6~27.el5_7.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.1.6~27.el5_7.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.1.6~27.el5_7.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.1.6~27.el5_7.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.1.6~27.el5_7.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.1.6~27.el5_7.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.1.6~27.el5_7.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:42", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for php CESA-2012:0033 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1466", "CVE-2011-4885", "CVE-2011-0708", "CVE-2011-1469", "CVE-2011-4566", "CVE-2011-2202"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881147", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881147", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php CESA-2012:0033 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-January/018379.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881147\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:22:15 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-0708\", \"CVE-2011-1148\", \"CVE-2011-1466\", \"CVE-2011-1469\",\n \"CVE-2011-2202\", \"CVE-2011-4566\", \"CVE-2011-4885\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2012:0033\");\n script_name(\"CentOS Update for php CESA-2012:0033 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"php on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n It was found that the hashing routine used by PHP arrays was susceptible\n to predictable hash collisions. If an HTTP POST request to a PHP\n application contained many parameters whose names map to the same hash\n value, a large amount of CPU time would be consumed. This flaw has been\n mitigated by adding a new configuration directive, max_input_vars, that\n limits the maximum number of parameters processed per request. By\n default, max_input_vars is set to 1000. (CVE-2011-4885)\n\n A use-after-free flaw was found in the PHP substr_replace() function. If a\n PHP script used the same variable as multiple function arguments, a remote\n attacker could possibly use this to crash the PHP interpreter or, possibly,\n execute arbitrary code. (CVE-2011-1148)\n\n An integer overflow flaw was found in the PHP exif extension. On 32-bit\n systems, a specially-crafted image file could cause the PHP interpreter to\n crash or disclose portions of its memory when a PHP script tries to extract\n Exchangeable image file format (Exif) metadata from the image file.\n (CVE-2011-4566)\n\n An insufficient input validation flaw, leading to a buffer over-read, was\n found in the PHP exif extension. A specially-crafted image file could cause\n the PHP interpreter to crash when a PHP script tries to extract\n Exchangeable image file format (Exif) metadata from the image file.\n (CVE-2011-0708)\n\n An integer overflow flaw was found in the PHP calendar extension. A remote\n attacker able to make a PHP script call SdnToJulian() with a large value\n could cause the PHP interpreter to crash. (CVE-2011-1466)\n\n A bug in the PHP Streams component caused the PHP interpreter to crash if\n an FTP wrapper connection was made through an HTTP proxy. A remote attacker\n could possibly trigger this issue if a PHP script accepted an untrusted URL\n to connect to. (CVE-2011-1469)\n\n An off-by-one flaw was found in PHP. If an attacker uploaded a file with a\n specially-crafted file name it could cause a PHP script to attempt to write\n a file to the root (/) directory. By default, PHP runs as the 'apache'\n user, preventing it from writing to the root directory. (CVE-2011-2202)\n\n Red Hat would like to thank oCERT for reporting CVE-2011-4885. oCERT\n acknowledges Julian Wlde and Alexander Klink as the original reporters of\n CVE-2011-4885.\n\n All php users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.1.6~27.el5_7.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:56:41", "description": "Check for the Version of php53", "cvss3": {}, "published": "2012-02-03T00:00:00", "type": "openvas", "title": "RedHat Update for php53 RHSA-2012:0092-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2012-0830"], "modified": "2017-12-27T00:00:00", "id": "OPENVAS:870539", "href": "http://plugins.openvas.org/nasl.php?oid=870539", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for php53 RHSA-2012:0092-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n It was discovered that the fix for CVE-2011-4885 (released via\n RHSA-2012:0019 for php53 packages in Red Hat Enterprise Linux 5) introduced\n an uninitialized memory use flaw. A remote attacker could send a specially-\n crafted HTTP request to cause the PHP interpreter to crash or, possibly,\n execute arbitrary code. (CVE-2012-0830)\n\n All php53 users should upgrade to these updated packages, which contain a\n backported patch to resolve this issue. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\";\n\ntag_affected = \"php53 on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-February/msg00012.html\");\n script_id(870539);\n script_version(\"$Revision: 8249 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-27 07:29:56 +0100 (Wed, 27 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-03 11:24:09 +0530 (Fri, 03 Feb 2012)\");\n script_cve_id(\"CVE-2012-0830\", \"CVE-2011-4885\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2012:0092-01\");\n script_name(\"RedHat Update for php53 RHSA-2012:0092-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php53\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php53\", rpm:\"php53~5.3.3~1.el5_7.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-bcmath\", rpm:\"php53-bcmath~5.3.3~1.el5_7.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-cli\", rpm:\"php53-cli~5.3.3~1.el5_7.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-common\", rpm:\"php53-common~5.3.3~1.el5_7.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-dba\", rpm:\"php53-dba~5.3.3~1.el5_7.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-debuginfo\", rpm:\"php53-debuginfo~5.3.3~1.el5_7.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-devel\", rpm:\"php53-devel~5.3.3~1.el5_7.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-gd\", rpm:\"php53-gd~5.3.3~1.el5_7.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-imap\", rpm:\"php53-imap~5.3.3~1.el5_7.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-intl\", rpm:\"php53-intl~5.3.3~1.el5_7.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-ldap\", rpm:\"php53-ldap~5.3.3~1.el5_7.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mbstring\", rpm:\"php53-mbstring~5.3.3~1.el5_7.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mysql\", rpm:\"php53-mysql~5.3.3~1.el5_7.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-odbc\", rpm:\"php53-odbc~5.3.3~1.el5_7.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pdo\", rpm:\"php53-pdo~5.3.3~1.el5_7.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pgsql\", rpm:\"php53-pgsql~5.3.3~1.el5_7.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-process\", rpm:\"php53-process~5.3.3~1.el5_7.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pspell\", rpm:\"php53-pspell~5.3.3~1.el5_7.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-snmp\", rpm:\"php53-snmp~5.3.3~1.el5_7.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-soap\", rpm:\"php53-soap~5.3.3~1.el5_7.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xml\", rpm:\"php53-xml~5.3.3~1.el5_7.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xmlrpc\", rpm:\"php53-xmlrpc~5.3.3~1.el5_7.6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:57:40", "description": "Check for the Version of php", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for php CESA-2012:0093 centos4 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2012-0830"], "modified": "2018-01-01T00:00:00", "id": "OPENVAS:881226", "href": "http://plugins.openvas.org/nasl.php?oid=881226", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php CESA-2012:0093 centos4 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n It was discovered that the fix for CVE-2011-4885 (released via\n RHSA-2012:0071, RHSA-2012:0033, and RHSA-2012:0019 for php packages in Red\n Hat Enterprise Linux 4, 5, and 6 respectively) introduced an uninitialized\n memory use flaw. A remote attacker could send a specially-crafted HTTP\n request to cause the PHP interpreter to crash or, possibly, execute\n arbitrary code. (CVE-2012-0830)\n \n All php users should upgrade to these updated packages, which contain a\n backported patch to resolve this issue. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\";\n\ntag_affected = \"php on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-February/018418.html\");\n script_id(881226);\n script_version(\"$Revision: 8265 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-01 07:29:23 +0100 (Mon, 01 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:52:56 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2012-0830\", \"CVE-2011-4885\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2012:0093\");\n script_name(\"CentOS Update for php CESA-2012:0093 centos4 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~4.3.9~3.36\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~4.3.9~3.36\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-domxml\", rpm:\"php-domxml~4.3.9~3.36\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~4.3.9~3.36\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~4.3.9~3.36\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~4.3.9~3.36\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~4.3.9~3.36\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~4.3.9~3.36\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~4.3.9~3.36\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~4.3.9~3.36\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pear\", rpm:\"php-pear~4.3.9~3.36\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~4.3.9~3.36\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~4.3.9~3.36\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~4.3.9~3.36\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:21", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-02-21T00:00:00", "type": "openvas", "title": "Fedora Update for maniadrive FEDORA-2012-1301", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2012-0830"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863735", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863735", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for maniadrive FEDORA-2012-1301\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-February/073230.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863735\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-21 18:54:38 +0530 (Tue, 21 Feb 2012)\");\n script_cve_id(\"CVE-2012-0830\", \"CVE-2011-4885\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-1301\");\n script_name(\"Fedora Update for maniadrive FEDORA-2012-1301\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'maniadrive'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"maniadrive on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n if ((res = isrpmvuln(pkg:\"maniadrive\", rpm:\"maniadrive~1.2~32.fc15.2\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:58:06", "description": "Check for the Version of php", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for php CESA-2012:0093 centos6 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2012-0830"], "modified": "2017-12-29T00:00:00", "id": "OPENVAS:881075", "href": "http://plugins.openvas.org/nasl.php?oid=881075", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php CESA-2012:0093 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n It was discovered that the fix for CVE-2011-4885 (released via\n RHSA-2012:0071, RHSA-2012:0033, and RHSA-2012:0019 for php packages in Red\n Hat Enterprise Linux 4, 5, and 6 respectively) introduced an uninitialized\n memory use flaw. A remote attacker could send a specially-crafted HTTP\n request to cause the PHP interpreter to crash or, possibly, execute\n arbitrary code. (CVE-2012-0830)\n \n All php users should upgrade to these updated packages, which contain a\n backported patch to resolve this issue. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\";\n\ntag_affected = \"php on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-February/018420.html\");\n script_id(881075);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:01:25 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2012-0830\", \"CVE-2011-4885\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2012:0093\");\n script_name(\"CentOS Update for php CESA-2012:0093 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-embedded\", rpm:\"php-embedded~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-process\", rpm:\"php-process~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zts\", rpm:\"php-zts~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:21:11", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1358-2", "cvss3": {}, "published": "2012-02-21T00:00:00", "type": "openvas", "title": "Ubuntu Update for php5 USN-1358-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0441", "CVE-2011-4885", "CVE-2012-0788", "CVE-2012-0830", "CVE-2012-0057", "CVE-2012-0831", "CVE-2011-4153"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840895", "href": "http://plugins.openvas.org/nasl.php?oid=840895", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1358_2.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for php5 USN-1358-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"USN 1358-1 fixed multiple vulnerabilities in PHP. The fix for\n CVE-2012-0831 introduced a regression where the state of the\n magic_quotes_gpc setting was not correctly reflected when calling\n the ini_get() function.\n\n We apologize for the inconvenience.\n\n Original advisory details:\n\n It was discovered that PHP computed hash values for form parameters\n without restricting the ability to trigger hash collisions predictably.\n This could allow a remote attacker to cause a denial of service by\n sending many crafted parameters. (CVE-2011-4885)\n\n ATTENTION: this update changes previous PHP behavior by\n limiting the number of external input variables to 1000.\n This may be increased by adding a &quot;max_input_vars&quot;\n directive to the php.ini configuration file. See\n http://www.php.net/manual/en/info.configuration.php#ini.max-input-vars\n for more information.\n\n Stefan Esser discovered that the fix to address the predictable hash\n collision issue, CVE-2011-4885, did not properly handle the situation\n where the limit was reached. This could allow a remote attacker to\n cause a denial of service or execute arbitrary code via a request\n containing a large number of variables. (CVE-2012-0830)\n\n It was discovered that PHP did not always check the return value of\n the zend_strndup function. This could allow a remote attacker to\n cause a denial of service. (CVE-2011-4153)\n\n It was discovered that PHP did not properly enforce libxslt security\n settings. This could allow a remote attacker to create arbitrary\n files via a crafted XSLT stylesheet that uses the libxslt output\n extension. (CVE-2012-0057)\n\n It was discovered that PHP did not properly enforce that PDORow\n objects could not be serialized and not be saved in a session. A\n remote attacker could use this to cause a denial of service via an\n application crash. (CVE-2012-0788)\n\n It was discovered that PHP allowed the magic_quotes_gpc setting to\n be disabled remotely. This could allow a remote attacker to bypass\n restrictions that could prevent an SQL injection. (CVE-2012-0831)\n\n USN 1126-1 addressed an issue where the /etc/cron.d/php5 cron job\n for PHP allowed local users to delete arbitrary files via a symlink\n attack on a directory under /var/lib/php5/. Emese Revfy discovered\n that the fix had not been applied to PHP for Ubuntu 10.04 LTS. This\n update corrects the issue. We apologize for the error. (CVE-2011-0441)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1358-2\";\ntag_affected = \"php5 on Ubuntu 11.04 ,\n Ubuntu 10.10 ,\n Ubuntu 10.04 LTS ,\n Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1358-2/\");\n script_id(840895);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-21 18:59:05 +0530 (Tue, 21 Feb 2012)\");\n script_cve_id(\"CVE-2012-0831\", \"CVE-2011-4885\", \"CVE-2012-0830\", \"CVE-2011-4153\",\n \"CVE-2012-0057\", \"CVE-2012-0788\", \"CVE-2011-0441\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"USN\", value: \"1358-2\");\n script_name(\"Ubuntu Update for php5 USN-1358-2\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.3-1ubuntu9.10\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.3-1ubuntu9.10\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.3-1ubuntu9.10\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.3-1ubuntu9.10\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.2-1ubuntu4.14\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.2-1ubuntu4.14\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.2-1ubuntu4.14\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.2-1ubuntu4.14\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.5-1ubuntu7.7\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.5-1ubuntu7.7\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.5-1ubuntu7.7\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.5-1ubuntu7.7\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.4-2ubuntu5.23\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.4-2ubuntu5.23\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.4-2ubuntu5.23\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.4-2ubuntu5.23\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:58:08", "description": "Check for the Version of php-eaccelerator", "cvss3": {}, "published": "2012-03-19T00:00:00", "type": "openvas", "title": "Fedora Update for php-eaccelerator FEDORA-2012-0504", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2011-4566"], "modified": "2017-12-26T00:00:00", "id": "OPENVAS:863815", "href": "http://plugins.openvas.org/nasl.php?oid=863815", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php-eaccelerator FEDORA-2012-0504\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"php-eaccelerator on Fedora 16\";\ntag_insight = \"eAccelerator is a further development of the MMCache PHP Accelerator &amp; Encoder.\n It increases performance of PHP scripts by caching them in compiled state, so\n that the overhead of compiling is almost completely eliminated.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072178.html\");\n script_id(863815);\n script_version(\"$Revision: 8245 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 07:29:59 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-19 12:19:34 +0530 (Mon, 19 Mar 2012)\");\n script_cve_id(\"CVE-2011-4885\", \"CVE-2011-4566\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-0504\");\n script_name(\"Fedora Update for php-eaccelerator FEDORA-2012-0504\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php-eaccelerator\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator\", rpm:\"php-eaccelerator~0.9.6.1~9.fc16.1\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-06T13:07:40", "description": "Check for the Version of php", "cvss3": {}, "published": "2012-02-01T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2012-0420", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2011-4566"], "modified": "2018-01-04T00:00:00", "id": "OPENVAS:863712", "href": "http://plugins.openvas.org/nasl.php?oid=863712", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2012-0420\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language. PHP attempts to make it\n easy for developers to write dynamically generated web pages. PHP also\n offers built-in database integration for several commercial and\n non-commercial database management systems, so writing a\n database-enabled webpage with PHP is fairly simple. The most common\n use of PHP coding is probably as a replacement for CGI scripts.\n\n The php package contains the module which adds support for the PHP\n language to Apache HTTP Server.\";\n\ntag_affected = \"php on Fedora 15\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072489.html\");\n script_id(863712);\n script_version(\"$Revision: 8285 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 07:29:16 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-01 11:35:13 +0530 (Wed, 01 Feb 2012)\");\n script_cve_id(\"CVE-2011-4885\", \"CVE-2011-4566\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-0420\");\n script_name(\"Fedora Update for php FEDORA-2012-0420\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.9~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-08T12:58:22", "description": "Check for the Version of maniadrive", "cvss3": {}, "published": "2012-02-01T00:00:00", "type": "openvas", "title": "Fedora Update for maniadrive FEDORA-2012-0420", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2011-4566"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:863713", "href": "http://plugins.openvas.org/nasl.php?oid=863713", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for maniadrive FEDORA-2012-0420\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"maniadrive on Fedora 15\";\ntag_insight = \"ManiaDrive is an arcade car game on acrobatic tracks, with a quick and nervous\n gameplay (tracks almost never exceed one minute). Features: Complex car\n physics, Challenging &quot;story mode&quot;, LAN and Internet mode, Live scores,\n Track editor, Dedicated server with HTTP interface and More than 30 blocks.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072488.html\");\n script_id(863713);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-01 11:35:18 +0530 (Wed, 01 Feb 2012)\");\n script_cve_id(\"CVE-2011-4885\", \"CVE-2011-4566\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-0420\");\n script_name(\"Fedora Update for maniadrive FEDORA-2012-0420\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of maniadrive\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"maniadrive\", rpm:\"maniadrive~1.2~32.fc15.1\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:56:51", "description": "Check for the Version of php53", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for php53 CESA-2012:0019 centos5 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2011-4566"], "modified": "2018-01-02T00:00:00", "id": "OPENVAS:881119", "href": "http://plugins.openvas.org/nasl.php?oid=881119", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php53 CESA-2012:0019 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n It was found that the hashing routine used by PHP arrays was susceptible\n to predictable hash collisions. If an HTTP POST request to a PHP\n application contained many parameters whose names map to the same hash\n value, a large amount of CPU time would be consumed. This flaw has been\n mitigated by adding a new configuration directive, max_input_vars, that\n limits the maximum number of parameters processed per request. By\n default, max_input_vars is set to 1000. (CVE-2011-4885)\n \n An integer overflow flaw was found in the PHP exif extension. On 32-bit\n systems, a specially-crafted image file could cause the PHP interpreter to\n crash or disclose portions of its memory when a PHP script tries to extract\n Exchangeable image file format (Exif) metadata from the image file.\n (CVE-2011-4566)\n \n Red Hat would like to thank oCERT for reporting CVE-2011-4885. oCERT\n acknowledges Julian Wlde and Alexander Klink as the original reporters of\n CVE-2011-4885.\n \n All php53 and php users should upgrade to these updated packages, which\n contain backported patches to resolve these issues. After installing the\n updated packages, the httpd daemon must be restarted for the update to take\n effect.\";\n\ntag_affected = \"php53 on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-January/018372.html\");\n script_id(881119);\n script_version(\"$Revision: 8267 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 07:29:17 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:13:47 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-4566\", \"CVE-2011-4885\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2012:0019\");\n script_name(\"CentOS Update for php53 CESA-2012:0019 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php53\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php53\", rpm:\"php53~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-bcmath\", rpm:\"php53-bcmath~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-cli\", rpm:\"php53-cli~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-common\", rpm:\"php53-common~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-dba\", rpm:\"php53-dba~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-devel\", rpm:\"php53-devel~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-gd\", rpm:\"php53-gd~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-imap\", rpm:\"php53-imap~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-intl\", rpm:\"php53-intl~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-ldap\", rpm:\"php53-ldap~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mbstring\", rpm:\"php53-mbstring~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mysql\", rpm:\"php53-mysql~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-odbc\", rpm:\"php53-odbc~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pdo\", rpm:\"php53-pdo~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pgsql\", rpm:\"php53-pgsql~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-process\", rpm:\"php53-process~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pspell\", rpm:\"php53-pspell~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-snmp\", rpm:\"php53-snmp~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-soap\", rpm:\"php53-soap~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xml\", rpm:\"php53-xml~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xmlrpc\", rpm:\"php53-xmlrpc~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:51", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-02-01T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2012-0420", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2011-4566"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863712", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863712", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2012-0420\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072489.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863712\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-01 11:35:13 +0530 (Wed, 01 Feb 2012)\");\n script_cve_id(\"CVE-2011-4885\", \"CVE-2011-4566\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-0420\");\n script_name(\"Fedora Update for php FEDORA-2012-0420\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"php on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.9~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2018-01-02T10:57:52", "description": "Check for the Version of php", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for php CESA-2012:0019 centos6 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2011-4566"], "modified": "2017-12-26T00:00:00", "id": "OPENVAS:881095", "href": "http://plugins.openvas.org/nasl.php?oid=881095", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php CESA-2012:0019 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n It was found that the hashing routine used by PHP arrays was susceptible\n to predictable hash collisions. If an HTTP POST request to a PHP\n application contained many parameters whose names map to the same hash\n value, a large amount of CPU time would be consumed. This flaw has been\n mitigated by adding a new configuration directive, max_input_vars, that\n limits the maximum number of parameters processed per request. By\n default, max_input_vars is set to 1000. (CVE-2011-4885)\n \n An integer overflow flaw was found in the PHP exif extension. On 32-bit\n systems, a specially-crafted image file could cause the PHP interpreter to\n crash or disclose portions of its memory when a PHP script tries to extract\n Exchangeable image file format (Exif) metadata from the image file.\n (CVE-2011-4566)\n \n Red Hat would like to thank oCERT for reporting CVE-2011-4885. oCERT\n acknowledges Julian Wlde and Alexander Klink as the original reporters of\n CVE-2011-4885.\n \n All php53 and php users should upgrade to these updated packages, which\n contain backported patches to resolve these issues. After installing the\n updated packages, the httpd daemon must be restarted for the update to take\n effect.\";\n\ntag_affected = \"php on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-January/018373.html\");\n script_id(881095);\n script_version(\"$Revision: 8245 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 07:29:59 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:07:47 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-4566\", \"CVE-2011-4885\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2012:0019\");\n script_name(\"CentOS Update for php CESA-2012:0019 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-embedded\", rpm:\"php-embedded~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-process\", rpm:\"php-process~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zts\", rpm:\"php-zts~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:57:50", "description": "Check for the Version of php", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2012-0504", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2011-4566"], "modified": "2017-12-26T00:00:00", "id": "OPENVAS:864015", "href": "http://plugins.openvas.org/nasl.php?oid=864015", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2012-0504\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language. PHP attempts to make it\n easy for developers to write dynamically generated web pages. PHP also\n offers built-in database integration for several commercial and\n non-commercial database management systems, so writing a\n database-enabled webpage with PHP is fairly simple. The most common\n use of PHP coding is probably as a replacement for CGI scripts.\n\n The php package contains the module which adds support for the PHP\n language to Apache HTTP Server.\";\n\ntag_affected = \"php on Fedora 16\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072179.html\");\n script_id(864015);\n script_version(\"$Revision: 8245 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 07:29:59 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:59:54 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-4885\", \"CVE-2011-4566\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-0504\");\n script_name(\"Fedora Update for php FEDORA-2012-0504\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.9~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:17", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1358-1", "cvss3": {}, "published": "2012-02-13T00:00:00", "type": "openvas", "title": "Ubuntu Update for php5 USN-1358-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0441", "CVE-2011-4885", "CVE-2012-0788", "CVE-2012-0830", "CVE-2012-0057", "CVE-2012-0831", "CVE-2011-4153"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840891", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840891", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1358_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for php5 USN-1358-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1358-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840891\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-13 16:32:26 +0530 (Mon, 13 Feb 2012)\");\n script_cve_id(\"CVE-2011-4885\", \"CVE-2012-0830\", \"CVE-2011-4153\", \"CVE-2012-0057\",\n \"CVE-2012-0788\", \"CVE-2012-0831\", \"CVE-2011-0441\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"USN\", value:\"1358-1\");\n script_name(\"Ubuntu Update for php5 USN-1358-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.10|10\\.04 LTS|11\\.04|8\\.04 LTS)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1358-1\");\n script_tag(name:\"affected\", value:\"php5 on Ubuntu 11.04,\n Ubuntu 10.10,\n Ubuntu 10.04 LTS,\n Ubuntu 8.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that PHP computed hash values for form parameters\n without restricting the ability to trigger hash collisions predictably.\n This could allow a remote attacker to cause a denial of service by\n sending many crafted parameters. (CVE-2011-4885)\n\n ATTENTION: this update changes previous PHP behavior by\n limiting the number of external input variables to 1000.\n This may be increased by adding a 'max_input_vars'\n directive to the php.ini configuration file. See\n the references for more information.\n\n Stefan Esser discovered that the fix to address the predictable hash\n collision issue, CVE-2011-4885, did not properly handle the situation\n where the limit was reached. This could allow a remote attacker to\n cause a denial of service or execute arbitrary code via a request\n containing a large number of variables. (CVE-2012-0830)\n\n It was discovered that PHP did not always check the return value of\n the zend_strndup function. This could allow a remote attacker to\n cause a denial of service. (CVE-2011-4153)\n\n It was discovered that PHP did not properly enforce libxslt security\n settings. This could allow a remote attacker to create arbitrary\n files via a crafted XSLT stylesheet that uses the libxslt output\n extension. (CVE-2012-0057)\n\n It was discovered that PHP did not properly enforce that PDORow\n objects could not be serialized and not be saved in a session. A\n remote attacker could use this to cause a denial of service via an\n application crash. (CVE-2012-0788)\n\n It was discovered that PHP allowed the magic_quotes_gpc setting to\n be disabled remotely. This could allow a remote attacker to bypass\n restrictions that could prevent an SQL injection. (CVE-2012-0831)\n\n USN 1126-1 addressed an issue where the /etc/cron.d/php5 cron job\n for PHP allowed local users to delete arbitrary files via a symlink\n attack on a directory under /var/lib/php5/. Emese Revfy discovered\n that the fix had not been applied to PHP for Ubuntu 10.04 LTS. This\n update corrects the issue. We apologize for the error. (CVE-2011-0441)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net/manual/en/info.configuration.php#ini.max-input-vars\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.3-1ubuntu9.9\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.3-1ubuntu9.9\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.3-1ubuntu9.9\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.3-1ubuntu9.9\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.3-1ubuntu9.9\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.3.3-1ubuntu9.9\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.2-1ubuntu4.13\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.2-1ubuntu4.13\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.2-1ubuntu4.13\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.2-1ubuntu4.13\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.2-1ubuntu4.13\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.3.2-1ubuntu4.13\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.5-1ubuntu7.6\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.5-1ubuntu7.6\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.5-1ubuntu7.6\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.5-1ubuntu7.6\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.5-1ubuntu7.6\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.3.5-1ubuntu7.6\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.4-2ubuntu5.22\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.4-2ubuntu5.22\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.4-2ubuntu5.22\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.4-2ubuntu5.22\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.4-2ubuntu5.22\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.4-2ubuntu5.22\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:57:18", "description": "Check for the Version of php53 and php", "cvss3": {}, "published": "2012-01-13T00:00:00", "type": "openvas", "title": "RedHat Update for php53 and php RHSA-2012:0019-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2011-4566"], "modified": "2017-12-26T00:00:00", "id": "OPENVAS:870529", "href": "http://plugins.openvas.org/nasl.php?oid=870529", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for php53 and php RHSA-2012:0019-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n It was found that the hashing routine used by PHP arrays was susceptible\n to predictable hash collisions. If an HTTP POST request to a PHP\n application contained many parameters whose names map to the same hash\n value, a large amount of CPU time would be consumed. This flaw has been\n mitigated by adding a new configuration directive, max_input_vars, that\n limits the maximum number of parameters processed per request. By\n default, max_input_vars is set to 1000. (CVE-2011-4885)\n\n An integer overflow flaw was found in the PHP exif extension. On 32-bit\n systems, a specially-crafted image file could cause the PHP interpreter to\n crash or disclose portions of its memory when a PHP script tries to extract\n Exchangeable image file format (Exif) metadata from the image file.\n (CVE-2011-4566)\n\n Red Hat would like to thank oCERT for reporting CVE-2011-4885. oCERT\n acknowledges Julian Wlde and Alexander Klink as the original reporters of\n CVE-2011-4885.\n\n All php53 and php users should upgrade to these updated packages, which\n contain backported patches to resolve these issues. After installing the\n updated packages, the httpd daemon must be restarted for the update to take\n effect.\";\n\ntag_affected = \"php53 and php on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-January/msg00007.html\");\n script_id(870529);\n script_version(\"$Revision: 8245 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 07:29:59 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-13 10:45:38 +0530 (Fri, 13 Jan 2012)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name: \"RHSA\", value: \"2012:0019-01\");\n script_cve_id(\"CVE-2011-4566\", \"CVE-2011-4885\");\n script_name(\"RedHat Update for php53 and php RHSA-2012:0019-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php53 and php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php53\", rpm:\"php53~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-bcmath\", rpm:\"php53-bcmath~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-cli\", rpm:\"php53-cli~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-common\", rpm:\"php53-common~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-dba\", rpm:\"php53-dba~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-debuginfo\", rpm:\"php53-debuginfo~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-devel\", rpm:\"php53-devel~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-gd\", rpm:\"php53-gd~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-imap\", rpm:\"php53-imap~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-intl\", rpm:\"php53-intl~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-ldap\", rpm:\"php53-ldap~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mbstring\", rpm:\"php53-mbstring~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mysql\", rpm:\"php53-mysql~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-odbc\", rpm:\"php53-odbc~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pdo\", rpm:\"php53-pdo~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pgsql\", rpm:\"php53-pgsql~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-process\", rpm:\"php53-process~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pspell\", rpm:\"php53-pspell~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-snmp\", rpm:\"php53-snmp~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-soap\", rpm:\"php53-soap~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xml\", rpm:\"php53-xml~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xmlrpc\", rpm:\"php53-xmlrpc~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:01", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for php53 CESA-2012:0019 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2011-4566"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881119", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881119", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php53 CESA-2012:0019 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-January/018372.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881119\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:13:47 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-4566\", \"CVE-2011-4885\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2012:0019\");\n script_name(\"CentOS Update for php53 CESA-2012:0019 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php53'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"php53 on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n It was found that the hashing routine used by PHP arrays was susceptible\n to predictable hash collisions. If an HTTP POST request to a PHP\n application contained many parameters whose names map to the same hash\n value, a large amount of CPU time would be consumed. This flaw has been\n mitigated by adding a new configuration directive, max_input_vars, that\n limits the maximum number of parameters processed per request. By\n default, max_input_vars is set to 1000. (CVE-2011-4885)\n\n An integer overflow flaw was found in the PHP exif extension. On 32-bit\n systems, a specially-crafted image file could cause the PHP interpreter to\n crash or disclose portions of its memory when a PHP script tries to extract\n Exchangeable image file format (Exif) metadata from the image file.\n (CVE-2011-4566)\n\n Red Hat would like to thank oCERT for reporting CVE-2011-4885. oCERT\n acknowledges Julian Wlde and Alexander Klink as the original reporters of\n CVE-2011-4885.\n\n All php53 and php users should upgrade to these updated packages, which\n contain backported patches to resolve these issues. After installing the\n updated packages, the httpd daemon must be restarted for the update to take\n effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php53\", rpm:\"php53~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-bcmath\", rpm:\"php53-bcmath~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-cli\", rpm:\"php53-cli~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-common\", rpm:\"php53-common~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-dba\", rpm:\"php53-dba~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-devel\", rpm:\"php53-devel~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-gd\", rpm:\"php53-gd~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-imap\", rpm:\"php53-imap~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-intl\", rpm:\"php53-intl~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-ldap\", rpm:\"php53-ldap~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mbstring\", rpm:\"php53-mbstring~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mysql\", rpm:\"php53-mysql~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-odbc\", rpm:\"php53-odbc~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pdo\", rpm:\"php53-pdo~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pgsql\", rpm:\"php53-pgsql~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-process\", rpm:\"php53-process~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pspell\", rpm:\"php53-pspell~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-snmp\", rpm:\"php53-snmp~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-soap\", rpm:\"php53-soap~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xml\", rpm:\"php53-xml~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xmlrpc\", rpm:\"php53-xmlrpc~5.3.3~1.el5_7.5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:22", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-01-13T00:00:00", "type": "openvas", "title": "RedHat Update for php53 and php RHSA-2012:0019-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2011-4566"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870529", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870529", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for php53 and php RHSA-2012:0019-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-January/msg00007.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870529\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-13 10:45:38 +0530 (Fri, 13 Jan 2012)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name:\"RHSA\", value:\"2012:0019-01\");\n script_cve_id(\"CVE-2011-4566\", \"CVE-2011-4885\");\n script_name(\"RedHat Update for php53 and php RHSA-2012:0019-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php53 and php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"php53 and php on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n It was found that the hashing routine used by PHP arrays was susceptible\n to predictable hash collisions. If an HTTP POST request to a PHP\n application contained many parameters whose names map to the same hash\n value, a large amount of CPU time would be consumed. This flaw has been\n mitigated by adding a new configuration directive, max_input_vars, that\n limits the maximum number of parameters processed per request. By\n default, max_input_vars is set to 1000. (CVE-2011-4885)\n\n An integer overflow flaw was found in the PHP exif extension. On 32-bit\n systems, a specially-crafted image file could cause the PHP interpreter to\n crash or disclose portions of its memory when a PHP script tries to extract\n Exchangeable image file format (Exif) metadata from the image file.\n (CVE-2011-4566)\n\n Red Hat would like to thank oCERT for reporting CVE-2011-4885. oCERT\n acknowledges Julian Wlde and Alexander Klink as the original reporters of\n CVE-2011-4885.\n\n All php53 and php users should upgrade to these updated packages, which\n contain backported patches to resolve these issues. After installing the\n updated packages, the httpd daemon must be restarted for the update to take\n effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php53\", rpm:\"php53~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-bcmath\", rpm:\"php53-bcmath~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-cli\", rpm:\"php53-cli~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-common\", rpm:\"php53-common~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-dba\", rpm:\"php53-dba~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-debuginfo\", rpm:\"php53-debuginfo~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-devel\", rpm:\"php53-devel~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-gd\", rpm:\"php53-gd~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-imap\", rpm:\"php53-imap~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-intl\", rpm:\"php53-intl~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-ldap\", rpm:\"php53-ldap~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mbstring\", rpm:\"php53-mbstring~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mysql\", rpm:\"php53-mysql~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-odbc\", rpm:\"php53-odbc~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pdo\", rpm:\"php53-pdo~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pgsql\", rpm:\"php53-pgsql~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-process\", rpm:\"php53-process~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pspell\", rpm:\"php53-pspell~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-snmp\", rpm:\"php53-snmp~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-soap\", rpm:\"php53-soap~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xml\", rpm:\"php53-xml~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xmlrpc\", rpm:\"php53-xmlrpc~5.3.3~1.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:40", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-02-01T00:00:00", "type": "openvas", "title": "Fedora Update for maniadrive FEDORA-2012-0420", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2011-4566"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863713", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863713", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for maniadrive FEDORA-2012-0420\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072488.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863713\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-01 11:35:18 +0530 (Wed, 01 Feb 2012)\");\n script_cve_id(\"CVE-2011-4885\", \"CVE-2011-4566\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-0420\");\n script_name(\"Fedora Update for maniadrive FEDORA-2012-0420\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'maniadrive'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"maniadrive on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"maniadrive\", rpm:\"maniadrive~1.2~32.fc15.1\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:06", "description": "Oracle Linux Local Security Checks ELSA-2012-0019", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-0019", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2011-4566"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122012", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122012", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-0019.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122012\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:11:40 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-0019\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-0019\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-0019.html\");\n script_cve_id(\"CVE-2011-4566\", \"CVE-2011-4885\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"php53\", rpm:\"php53~5.3.3~1.el5_7.5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-bcmath\", rpm:\"php53-bcmath~5.3.3~1.el5_7.5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-cli\", rpm:\"php53-cli~5.3.3~1.el5_7.5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-common\", rpm:\"php53-common~5.3.3~1.el5_7.5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-dba\", rpm:\"php53-dba~5.3.3~1.el5_7.5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-devel\", rpm:\"php53-devel~5.3.3~1.el5_7.5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-gd\", rpm:\"php53-gd~5.3.3~1.el5_7.5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-imap\", rpm:\"php53-imap~5.3.3~1.el5_7.5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-intl\", rpm:\"php53-intl~5.3.3~1.el5_7.5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-ldap\", rpm:\"php53-ldap~5.3.3~1.el5_7.5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-mbstring\", rpm:\"php53-mbstring~5.3.3~1.el5_7.5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-mysql\", rpm:\"php53-mysql~5.3.3~1.el5_7.5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-odbc\", rpm:\"php53-odbc~5.3.3~1.el5_7.5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-pdo\", rpm:\"php53-pdo~5.3.3~1.el5_7.5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-pgsql\", rpm:\"php53-pgsql~5.3.3~1.el5_7.5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-process\", rpm:\"php53-process~5.3.3~1.el5_7.5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-pspell\", rpm:\"php53-pspell~5.3.3~1.el5_7.5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-snmp\", rpm:\"php53-snmp~5.3.3~1.el5_7.5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-soap\", rpm:\"php53-soap~5.3.3~1.el5_7.5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-xml\", rpm:\"php53-xml~5.3.3~1.el5_7.5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-xmlrpc\", rpm:\"php53-xmlrpc~5.3.3~1.el5_7.5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.3~3.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.3~3.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.3~3.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.3.3~3.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.3~3.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.3~3.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-embedded\", rpm:\"php-embedded~5.3.3~3.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.3~3.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.3~3.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.3~3.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.3~3.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.3~3.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.3~3.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.3~3.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.3~3.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.3~3.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.3~3.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-process\", rpm:\"php-process~5.3.3~3.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.3~3.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.3~3.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.3~3.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.3~3.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.3~3.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.3~3.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.3~3.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-zts\", rpm:\"php-zts~5.3.3~3.el6_2.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2018-01-02T10:57:33", "description": "Check for the Version of maniadrive", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for maniadrive FEDORA-2012-0504", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2011-4566"], "modified": "2017-12-27T00:00:00", "id": "OPENVAS:864028", "href": "http://plugins.openvas.org/nasl.php?oid=864028", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for maniadrive FEDORA-2012-0504\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"maniadrive on Fedora 16\";\ntag_insight = \"ManiaDrive is an arcade car game on acrobatic tracks, with a quick and nervous\n gameplay (tracks almost never exceed one minute). Features: Complex car\n physics, Challenging &quot;story mode&quot;, LAN and Internet mode, Live scores,\n Track editor, Dedicated server with HTTP interface and More than 30 blocks.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072177.html\");\n script_id(864028);\n script_version(\"$Revision: 8249 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-27 07:29:56 +0100 (Wed, 27 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 13:02:04 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-4885\", \"CVE-2011-4566\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-0504\");\n script_name(\"Fedora Update for maniadrive FEDORA-2012-0504\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of maniadrive\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"maniadrive\", rpm:\"maniadrive~1.2~32.fc16.1\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:22", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2012-0504", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2011-4566"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864015", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864015", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2012-0504\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072179.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864015\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:59:54 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-4885\", \"CVE-2011-4566\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-0504\");\n script_name(\"Fedora Update for php FEDORA-2012-0504\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"php on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.9~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:21", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for php CESA-2012:0019 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2011-4566"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881095", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881095", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php CESA-2012:0019 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-January/018373.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881095\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:07:47 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-4566\", \"CVE-2011-4885\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2012:0019\");\n script_name(\"CentOS Update for php CESA-2012:0019 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"php on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n It was found that the hashing routine used by PHP arrays was susceptible\n to predictable hash collisions. If an HTTP POST request to a PHP\n application contained many parameters whose names map to the same hash\n value, a large amount of CPU time would be consumed. This flaw has been\n mitigated by adding a new configuration directive, max_input_vars, that\n limits the maximum number of parameters processed per request. By\n default, max_input_vars is set to 1000. (CVE-2011-4885)\n\n An integer overflow flaw was found in the PHP exif extension. On 32-bit\n systems, a specially-crafted image file could cause the PHP interpreter to\n crash or disclose portions of its memory when a PHP script tries to extract\n Exchangeable image file format (Exif) metadata from the image file.\n (CVE-2011-4566)\n\n Red Hat would like to thank oCERT for reporting CVE-2011-4885. oCERT\n acknowledges Julian Wlde and Alexander Klink as the original reporters of\n CVE-2011-4885.\n\n All php53 and php users should upgrade to these updated packages, which\n contain backported patches to resolve these issues. After installing the\n updated packages, the httpd daemon must be restarted for the update to take\n effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-embedded\", rpm:\"php-embedded~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-process\", rpm:\"php-process~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zts\", rpm:\"php-zts~5.3.3~3.el6_2.5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:09", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for php CESA-2012:0093 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2012-0830"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881075", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881075", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php CESA-2012:0093 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-February/018420.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881075\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:01:25 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2012-0830\", \"CVE-2011-4885\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2012:0093\");\n script_name(\"CentOS Update for php CESA-2012:0093 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"php on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n It was discovered that the fix for CVE-2011-4885 (released via\n RHSA-2012:0071, RHSA-2012:0033, and RHSA-2012:0019 for php packages in Red\n Hat Enterprise Linux 4, 5, and 6 respectively) introduced an uninitialized\n memory use flaw. A remote attacker could send a specially-crafted HTTP\n request to cause the PHP interpreter to crash or, possibly, execute\n arbitrary code. (CVE-2012-0830)\n\n All php users should upgrade to these updated packages, which contain a\n backported patch to resolve this issue. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-embedded\", rpm:\"php-embedded~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-process\", rpm:\"php-process~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zts\", rpm:\"php-zts~5.3.3~3.el6_2.6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:56:59", "description": "Check for the Version of maniadrive", "cvss3": {}, "published": "2012-02-21T00:00:00", "type": "openvas", "title": "Fedora Update for maniadrive FEDORA-2012-1301", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2012-0830"], "modified": "2017-12-27T00:00:00", "id": "OPENVAS:863735", "href": "http://plugins.openvas.org/nasl.php?oid=863735", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for maniadrive FEDORA-2012-1301\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"maniadrive on Fedora 15\";\ntag_insight = \"ManiaDrive is an arcade car game on acrobatic tracks, with a quick and nervous\n gameplay (tracks almost never exceed one minute). Features: Complex car\n physics, Challenging &quot;story mode&quot;, LAN and Internet mode, Live scores,\n Track editor, Dedicated server with HTTP interface and More than 30 blocks.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-February/073230.html\");\n script_id(863735);\n script_version(\"$Revision: 8249 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-27 07:29:56 +0100 (Wed, 27 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-21 18:54:38 +0530 (Tue, 21 Feb 2012)\");\n script_cve_id(\"CVE-2012-0830\", \"CVE-2011-4885\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-1301\");\n script_name(\"Fedora Update for maniadrive FEDORA-2012-1301\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of maniadrive\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n if ((res = isrpmvuln(pkg:\"maniadrive\", rpm:\"maniadrive~1.2~32.fc15.2\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-11T11:06:21", "description": "Check for the Version of php53", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for php53 CESA-2012:0092 centos5 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2012-0830"], "modified": "2018-01-09T00:00:00", "id": "OPENVAS:881142", "href": "http://plugins.openvas.org/nasl.php?oid=881142", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php53 CESA-2012:0092 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n It was discovered that the fix for CVE-2011-4885 (released via\n RHSA-2012:0019 for php53 packages in Red Hat Enterprise Linux 5) introduced\n an uninitialized memory use flaw. A remote attacker could send a specially-\n crafted HTTP request to cause the PHP interpreter to crash or, possibly,\n execute arbitrary code. (CVE-2012-0830)\n \n All php53 users should upgrade to these updated packages, which contain a\n backported patch to resolve this issue. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\";\n\ntag_affected = \"php53 on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-February/018416.html\");\n script_id(881142);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:21:29 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2012-0830\", \"CVE-2011-4885\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2012:0092\");\n script_name(\"CentOS Update for php53 CESA-2012:0092 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php53\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php53\", rpm:\"php53~5.3.3~1.el5_7.6\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-bcmath\", rpm:\"php53-bcmath~5.3.3~1.el5_7.6\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-cli\", rpm:\"php53-cli~5.3.3~1.el5_7.6\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-common\", rpm:\"php53-common~5.3.3~1.el5_7.6\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-dba\", rpm:\"php53-dba~5.3.3~1.el5_7.6\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-devel\", rpm:\"php53-devel~5.3.3~1.el5_7.6\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-gd\", rpm:\"php53-gd~5.3.3~1.el5_7.6\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-imap\", rpm:\"php53-imap~5.3.3~1.el5_7.6\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-intl\", rpm:\"php53-intl~5.3.3~1.el5_7.6\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-ldap\", rpm:\"php53-ldap~5.3.3~1.el5_7.6\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mbstring\", rpm:\"php53-mbstring~5.3.3~1.el5_7.6\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mysql\", rpm:\"php53-mysql~5.3.3~1.el5_7.6\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-odbc\", rpm:\"php53-odbc~5.3.3~1.el5_7.6\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pdo\", rpm:\"php53-pdo~5.3.3~1.el5_7.6\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pgsql\", rpm:\"php53-pgsql~5.3.3~1.el5_7.6\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-process\", rpm:\"php53-process~5.3.3~1.el5_7.6\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pspell\", rpm:\"php53-pspell~5.3.3~1.el5_7.6\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-snmp\", rpm:\"php53-snmp~5.3.3~1.el5_7.6\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-soap\", rpm:\"php53-soap~5.3.3~1.el5_7.6\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xml\", rpm:\"php53-xml~5.3.3~1.el5_7.6\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xmlrpc\", rpm:\"php53-xmlrpc~5.3.3~1.el5_7.6\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-03T10:57:13", "description": "Check for the Version of php", "cvss3": {}, "published": "2012-02-03T00:00:00", "type": "openvas", "title": "RedHat Update for php RHSA-2012:0093-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4885", "CVE-2012-0830"], "modified": "2018-01-03T00:00:00", "id": "OPENVAS:870542", "href": "http://plugins.openvas.org/nasl.php?oid=870542", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for php RHSA-2012:0093-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n It was discovered that the fix for CVE-2011-4885 (released via\n RHSA-2012:0071, RHSA-2012:0033, and RHSA-2012:0019 for php packages in Red\n Hat Enterprise Linux 4, 5, and 6 respectively) introduced an uninitialized\n memory use flaw. A remote attacker could send a specially-crafted HTTP\n request to cause the PHP interpreter to crash or, possibly, execute\n arbitrary code. (CVE-2012-0830)\n\n All php users should upgrade to these updated packages, which contain a\n backported patch to resolve this issue. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\";\n\ntag_affected = \"php on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-February/msg00016.html\");\n script_id(870542);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-03 11:24:43 +0530 (Fri, 03 Feb 2012)\");\n script_cve_id(\"CVE-2012-0830\", \"CVE-2011-4885\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2012:0093-01\");\n script_name(\"RedHat Update for php RHSA-2012:0093-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.1.6~27.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.1.6~27.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~27.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.1.6~27.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.1.6~27.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-debuginfo\", rpm:\"php-debuginfo~5.1.6~27.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~27.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.1.6~27.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.1.6~27.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.1.6~27.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.1.6~27.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.1.6~27.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.1.6~27.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.1.6~27.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.1.6~27.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.1.6~27.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.1.6~27.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.1.6~27.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.1.6~27.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.1.6~27.el5_7.5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~4.3.9~3.36\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-debuginfo\", rpm:\"php-debuginfo~4.3.9~3.36\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~4.3.9~3.36\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-domxml\", rpm:\"php-domxml~4.3.9~3.36\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~4.3.9~3.36\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~4.3.9~3.36\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~4.3.9~3.36\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~4.3.9~3.36\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~4.3.9~3.36\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~4.3.9~3.36\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~4.3.9~3.36\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pear\", rpm:\"php-pear~4.3.9~3.36\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~4.3.9~3.36\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~4.3.9~3.36\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~4.3.9~3.36\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:06", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for php CESA-2012:0093 centos4", "bulletinFamily": "scanner&