ID SECURITYVULNS:DOC:32511Type securityvulnsReporter SecurityvulnsModified 2015-09-15T00:00:00
Description
Debian Security Advisory DSA-3358-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
September 13, 2015 https://www.debian.org/security/faq
Package : php5
CVE ID : CVE-2015-6834 CVE-2015-6835 CVE-2015-6836 CVE-2015-6837
CVE-2015-6838
Several vulnerabilities were found in PHP, a general-purpose scripting
language commonly used for web application development.
The vulnerabilities are addressed by upgrading PHP to new upstream
versions (5.4.45 and 5.6.13), which include additional bug fixes. Please
refer to the upstream changelog for more information:
https://php.net/ChangeLog-5.php#5.4.45
https://php.net/ChangeLog-5.php#5.6.13
For the oldstable distribution (wheezy), these problems have been fixed
in version 5.4.45-0+deb7u1.
For the stable distribution (jessie), these problems have been fixed in
version 5.6.13+dfsg-0+deb8u1.
We recommend that you upgrade your php5 packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
{"id": "SECURITYVULNS:DOC:32511", "bulletinFamily": "software", "title": "[SECURITY] [DSA 3358-1] php5 security update", "description": "\r\n\r\n-------------------------------------------------------------------------\r\nDebian Security Advisory DSA-3358-1 security@debian.org\r\nhttps://www.debian.org/security/ Salvatore Bonaccorso\r\nSeptember 13, 2015 https://www.debian.org/security/faq\r\n-------------------------------------------------------------------------\r\n\r\nPackage : php5\r\nCVE ID : CVE-2015-6834 CVE-2015-6835 CVE-2015-6836 CVE-2015-6837\r\n CVE-2015-6838\r\n\r\nSeveral vulnerabilities were found in PHP, a general-purpose scripting\r\nlanguage commonly used for web application development.\r\n\r\nThe vulnerabilities are addressed by upgrading PHP to new upstream\r\nversions (5.4.45 and 5.6.13), which include additional bug fixes. Please\r\nrefer to the upstream changelog for more information:\r\n\r\n https://php.net/ChangeLog-5.php#5.4.45\r\n https://php.net/ChangeLog-5.php#5.6.13\r\n\r\nFor the oldstable distribution (wheezy), these problems have been fixed\r\nin version 5.4.45-0+deb7u1.\r\n\r\nFor the stable distribution (jessie), these problems have been fixed in\r\nversion 5.6.13+dfsg-0+deb8u1.\r\n\r\nWe recommend that you upgrade your php5 packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: https://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n\r\n", "published": "2015-09-15T00:00:00", "modified": "2015-09-15T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32511", "reporter": "Securityvulns", "references": [], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "type": "securityvulns", "lastseen": "2018-08-31T11:11:01", "edition": 1, "viewCount": 62, "enchantments": {"score": {"value": 6.3, "vector": "NONE", "modified": "2018-08-31T11:11:01", "rev": 2}, "dependencies": {"references": [{"type": "f5", "idList": ["SOL17377", "F5:K17377"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310808617", "OPENVAS:1361412562310850689", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310807505", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310703358", "OPENVAS:1361412562310807091", "OPENVAS:1361412562310120660", "OPENVAS:1361412562310808616", "OPENVAS:1361412562310842472", "OPENVAS:1361412562310120396", "OPENVAS:1361412562310120520", "OPENVAS:703358", "OPENVAS:1361412562311220191543", "OPENVAS:1361412562310813191"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14694", "SECURITYVULNS:VULN:14702", "SECURITYVULNS:DOC:32566"]}, {"type": "fedora", "idList": ["FEDORA:F0C5861361B0", "FEDORA:90BE461976AB", "FEDORA:02C1260F4011"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3358-1:5263D", "DEBIAN:DLA-341-1:DA682"]}, {"type": "amazon", "idList": ["ALAS-2016-670", "ALAS-2015-601", "ALAS-2015-602", "ALAS-2017-788"]}, {"type": "slackware", "idList": ["SSA-2015-274-02"]}, {"type": "freebsd", "idList": ["3D675519-5654-11E5-9AD8-14DAE9D210B8"]}, {"type": "nessus", "idList": ["ALA_ALAS-2016-670.NASL", "PHP_5_6_13.NASL", "SUSE_SU-2015-1818-1.NASL", "F5_BIGIP_SOL17377.NASL", "WEB_APPLICATION_SCANNING_98805", "ALA_ALAS-2015-602.NASL", "ALA_ALAS-2015-601.NASL", "PHP_5_5_28.NASL", "OPENSUSE-2015-609.NASL", "SUSE_SU-2015-1633-1.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "GENTOO_GLSA-201606-10.NASL", "8861.PRM", "FEDORA_2015-14976.NASL", "PHP_5_4_45.NASL", "DEBIAN_DSA-3358.NASL", "UBUNTU_USN-2758-1.NASL", "DEBIAN_DLA-341.NASL", "MACOSX_10_11_1.NASL", "MACOSX_SECUPD2015-007.NASL", "SUSE_SU-2016-1638-1.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "SUSE_SU-2015-1701-1.NASL", "EULEROS_SA-2019-1543.NASL", "FEDORA_2015-14977.NASL", "9324.PRM", "PHP_5_5_29.NASL", "FEDORA_2015-14978.NASL"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-6835", "UB:CVE-2015-6837", "UB:CVE-2015-6838", "UB:CVE-2015-6834", "UB:CVE-2015-6836"]}, {"type": "cve", "idList": ["CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838", "CVE-2015-6834", "CVE-2015-6836"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2015:1628-1", "SUSE-SU-2016:1638-1", "SUSE-SU-2015:1701-1", "SUSE-SU-2015:1818-1", "SUSE-SU-2015:1633-1"]}, {"type": "ubuntu", "idList": ["USN-2758-1"]}, {"type": "redhat", "idList": ["RHSA-2016:0457"]}, {"type": "hackerone", "idList": ["H1:103996", "H1:103995", "H1:104010", "H1:103998", "H1:103997"]}, {"type": "exploitdb", "idList": ["EDB-ID:38122", "EDB-ID:38120", "EDB-ID:38123"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-9936"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:134949", "PACKETSTORM:138812"]}, {"type": "gentoo", "idList": ["GLSA-201606-10"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:6B7BF45056E8E056621094C0740275CB"]}, {"type": "kaspersky", "idList": ["KLA10747", "KLA10746"]}, {"type": "cloudlinux", "idList": ["CLSA-2020:1605798462"]}], "modified": "2018-08-31T11:11:01", "rev": 2}, "vulnersScore": 6.3}, "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}}
{"f5": [{"id": "F5:K17377", "hash": "57b5eac9249a73590fc67992100ef44f", "type": "f5", "bulletinFamily": "software", "title": "PHP vulnerabilities CVE-2015-6834, CVE-2015-6835, CVE-2015-6836, CVE-2015-6837, and CVE-2015-6838", "description": "\nF5 Product Development has assigned ID 534075 (BIG-IP), ID 536881 (BIG-IQ), and ID 536882 (Enterprise Manager) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| 12.0.0 \n11.6.0 \n11.0.0 - 11.5.3 \n10.1.0 - 10.2.4| 12.1.0 \n11.6.1 \n11.5.4| Low| PHP in Control Plane \nBIG-IP AAM| 12.0.0 \n11.6.0 \n11.4.0 - 11.5.3| 12.1.0 \n11.6.1 \n11.5.4| Low| PHP in Control Plane \nBIG-IP AFM| 12.0.0 \n11.6.0 \n11.3.0 - 11.5.3| 12.1.0 \n11.6.1 \n11.5.4| Low| PHP in Control Plane \nBIG-IP Analytics| 12.0.0 \n11.6.0 \n11.0.0 - 11.5.3| 12.1.0 \n11.6.1 \n11.5.4| Low| PHP in Control Plane \nBIG-IP APM| 12.0.0 \n11.6.0 \n11.0.0 - 11.5.3 \n10.1.0 - 10.2.4| 12.1.0 \n11.6.1 \n11.5.4| Low| PHP in Control Plane \nBIG-IP ASM| 12.0.0 \n11.6.0 \n11.0.0 - 11.5.3 \n10.1.0 - 10.2.4| 12.1.0 \n11.6.1 \n11.5.4| Low| PHP in Control Plane \nBIG-IP DNS| 12.0.0| 12.1.0| Low| PHP in Control Plane \nBIG-IP Edge Gateway| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| None| Low| PHP in Control Plane \nBIG-IP GTM| 11.6.0 \n11.0.0 - 11.5.3 \n10.1.0 - 10.2.4| 11.6.1 \n11.5.4| Low| PHP in Control Plane \nBIG-IP Link Controller| 12.0.0 \n11.6.0 \n11.0.0 - 11.5.3 \n10.1.0 - 10.2.4| 12.1.0 \n11.6.1 \n11.5.4| Low| PHP in Control Plane \nBIG-IP PEM| 12.0.0 \n11.6.0 \n11.3.0 - 11.5.3| 12.1.0 \n11.6.1 \n11.5.4| Low| PHP in Control Plane \nBIG-IP PSM| 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4| None| Low| PHP in Control Plane \nBIG-IP WebAccelerator| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| None| Low| PHP in Control Plane \nBIG-IP WOM| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| None| Low| PHP in Control Plane \nARX| None| 6.0.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| 3.0.0 - 3.1.1| None| Low| PHP in Control Plane \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| Not vulnerable| None \nBIG-IQ Cloud| 4.0.0 - 4.5.0| None| Low| PHP in Control Plane \nBIG-IQ Device| 4.2.0 - 4.5.0| None| Low| PHP in Control Plane \nBIG-IQ Security| 4.0.0 - 4.5.0| None| Low| PHP in Control Plane \nBIG-IQ ADC| 4.5.0| None| Low| PHP in Control Plane \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| None| 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1| Not vulnerable| None \n \n_**Important**: Although the software of the affected F5 products contains the vulnerable code, the affected F5 products do not use the vulnerable code in a way that exposes the vulnerability in a default configuration for the control plane. There is no data plane exposure for this vulnerability on the affected F5 products. _\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nTo mitigate this vulnerability, you should permit management access to F5 products over a secure network and limit access to only trusted users. For more information about securing access to BIG-IP/Enterprise Manager systems, refer to [K13309: Restricting access to the Configuration utility by source IP address (11.x - 12.x)](<https://support.f5.com/csp/article/K13309>) and [K13092: Overview of securing access to the BIG-IP system](<https://support.f5.com/csp/article/K13092>).\n\nAdditionally, you should avoid any customization of PHP files on the affected F5 products.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "published": "2015-10-08T10:11:00", "modified": "2017-04-06T16:51:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://support.f5.com/csp/article/K17377", "reporter": "f5", "references": [], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "immutableFields": [], "lastseen": "2019-03-21T18:28:50", "history": [{"bulletin": {"id": "F5:K17377", "hash": "c0dc96122ccfa0b7e4b6042d2ed0988e6ab0f97139b495eab291d92b2f9c622b", "type": "f5", "bulletinFamily": "software", "title": "PHP vulnerabilities CVE-2015-6834, CVE-2015-6835, CVE-2015-6836, CVE-2015-6837, and CVE-2015-6838", "description": "\nF5 Product Development has assigned ID 534075 (BIG-IP), ID 536881 (BIG-IQ), and ID 536882 (Enterprise Manager) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| 12.0.0 \n11.6.0 \n11.0.0 - 11.5.3 \n10.1.0 - 10.2.4| 12.1.0 \n11.6.1 \n11.5.4| Low| PHP in Control Plane \nBIG-IP AAM| 12.0.0 \n11.6.0 \n11.4.0 - 11.5.3| 12.1.0 \n11.6.1 \n11.5.4| Low| PHP in Control Plane \nBIG-IP AFM| 12.0.0 \n11.6.0 \n11.3.0 - 11.5.3| 12.1.0 \n11.6.1 \n11.5.4| Low| PHP in Control Plane \nBIG-IP Analytics| 12.0.0 \n11.6.0 \n11.0.0 - 11.5.3| 12.1.0 \n11.6.1 \n11.5.4| Low| PHP in Control Plane \nBIG-IP APM| 12.0.0 \n11.6.0 \n11.0.0 - 11.5.3 \n10.1.0 - 10.2.4| 12.1.0 \n11.6.1 \n11.5.4| Low| PHP in Control Plane \nBIG-IP ASM| 12.0.0 \n11.6.0 \n11.0.0 - 11.5.3 \n10.1.0 - 10.2.4| 12.1.0 \n11.6.1 \n11.5.4| Low| PHP in Control Plane \nBIG-IP DNS| 12.0.0| 12.1.0| Low| PHP in Control Plane \nBIG-IP Edge Gateway| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| None| Low| PHP in Control Plane \nBIG-IP GTM| 11.6.0 \n11.0.0 - 11.5.3 \n10.1.0 - 10.2.4| 11.6.1 \n11.5.4| Low| PHP in Control Plane \nBIG-IP Link Controller| 12.0.0 \n11.6.0 \n11.0.0 - 11.5.3 \n10.1.0 - 10.2.4| 12.1.0 \n11.6.1 \n11.5.4| Low| PHP in Control Plane \nBIG-IP PEM| 12.0.0 \n11.6.0 \n11.3.0 - 11.5.3| 12.1.0 \n11.6.1 \n11.5.4| Low| PHP in Control Plane \nBIG-IP PSM| 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4| None| Low| PHP in Control Plane \nBIG-IP WebAccelerator| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| None| Low| PHP in Control Plane \nBIG-IP WOM| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| None| Low| PHP in Control Plane \nARX| None| 6.0.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| 3.0.0 - 3.1.1| None| Low| PHP in Control Plane \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| Not vulnerable| None \nBIG-IQ Cloud| 4.0.0 - 4.5.0| None| Low| PHP in Control Plane \nBIG-IQ Device| 4.2.0 - 4.5.0| None| Low| PHP in Control Plane \nBIG-IQ Security| 4.0.0 - 4.5.0| None| Low| PHP in Control Plane \nBIG-IQ ADC| 4.5.0| None| Low| PHP in Control Plane \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| None| 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1| Not vulnerable| None \n \n_**Important**: Although the software of the affected F5 products contains the vulnerable code, the affected F5 products do not use the vulnerable code in a way that exposes the vulnerability in a default configuration for the control plane. There is no data plane exposure for this vulnerability on the affected F5 products. _\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nTo mitigate this vulnerability, you should permit management access to F5 products over a secure network and limit access to only trusted users. For more information about securing access to BIG-IP/Enterprise Manager systems, refer to [K13309: Restricting access to the Configuration utility by source IP address (11.x - 12.x)](<https://support.f5.com/csp/article/K13309>) and [K13092: Overview of securing access to the BIG-IP system](<https://support.f5.com/csp/article/K13092>).\n\nAdditionally, you should avoid any customization of PHP files on the affected F5 products.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "published": "2015-10-08T10:11:00", "modified": "2017-04-06T16:51:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "cvss2": {}, "cvss3": {}, "href": "https://support.f5.com/csp/article/K17377", "reporter": "f5", "references": [], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "immutableFields": [], "lastseen": "2019-03-21T18:28:50", "history": [], "viewCount": 66, "enchantments": {"dependencies": {"modified": "2019-03-21T18:28:50", "references": [{"idList": ["SUSE-SU-2015:1818-1", "SUSE-SU-2015:1633-1", "SUSE-SU-2016:1638-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2015:1701-1"], "type": "suse"}, {"idList": ["ALAS-2017-788", "ALAS-2015-602", "ALAS-2015-601", "ALAS-2016-670"], "type": "amazon"}, {"idList": ["DEBIAN:DSA-3358-1:5263D", "DEBIAN:DLA-341-1:DA682"], "type": "debian"}, {"idList": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "type": "cve"}, {"idList": ["KLA10929", "KLA10747", "KLA10746"], "type": "kaspersky"}, {"idList": ["SECURITYVULNS:VULN:14694", "SECURITYVULNS:VULN:14702", "SECURITYVULNS:DOC:32566", "SECURITYVULNS:DOC:32511"], "type": "securityvulns"}, {"idList": ["OPENVAS:1361412562310703358", "OPENVAS:1361412562310808616", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310808617", "OPENVAS:1361412562310120660", "OPENVAS:703358", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310850689", "OPENVAS:1361412562310842472", "OPENVAS:1361412562310120396"], "type": "openvas"}, {"idList": ["FEDORA:F0C5861361B0", "FEDORA:90BE461976AB", "FEDORA:02C1260F4011"], "type": "fedora"}, {"idList": ["UB:CVE-2015-6834", "UB:CVE-2015-6835", "UB:CVE-2015-6838", "UB:CVE-2015-6837", "UB:CVE-2015-6836"], "type": "ubuntucve"}, {"idList": ["RHSA-2016:0457"], "type": "redhat"}, {"idList": ["H1:103996", "H1:103998", "H1:103997", "H1:104010", "H1:103995"], "type": "hackerone"}, {"idList": ["3D675519-5654-11E5-9AD8-14DAE9D210B8"], "type": "freebsd"}, {"idList": ["EDB-ID:38120", "EDB-ID:38123", "EDB-ID:38122"], "type": "exploitdb"}, {"idList": ["GLSA-201606-10"], "type": "gentoo"}, {"idList": ["RH:CVE-2016-9936"], "type": "redhatcve"}, {"idList": ["SSA-2015-274-02"], "type": "slackware"}, {"idList": ["PACKETSTORM:134949", "PACKETSTORM:138812"], "type": "packetstorm"}, {"idList": ["CLSA-2020:1605798462"], "type": "cloudlinux"}, {"idList": ["EXPLOITPACK:6B7BF45056E8E056621094C0740275CB"], "type": "exploitpack"}, {"idList": ["USN-2758-1"], "type": "ubuntu"}, {"idList": ["SOL17377"], "type": "f5"}, {"idList": ["FEDORA_2015-14978.NASL", "FEDORA_2015-14976.NASL", "PHP_5_5_29.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "PHP_5_4_45.NASL", "FEDORA_2015-14977.NASL", "DEBIAN_DSA-3358.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "ALA_ALAS-2016-670.NASL", "F5_BIGIP_SOL17377.NASL"], "type": "nessus"}], "rev": 2}, "score": {"modified": "2019-03-21T18:28:50", "rev": 2, "value": 7.1, "vector": "NONE"}}, "objectVersion": "1.6", "affectedSoftware": []}, "different_elements": ["cvss3", "cvss2"], "edition": 1, "lastseen": "2019-03-21T18:28:50"}], "viewCount": 66, "enchantments": {"dependencies": {"references": [{"type": "f5", "idList": ["SOL17377"]}, {"type": "slackware", "idList": ["SSA-2015-274-02"]}, {"type": "fedora", "idList": ["FEDORA:90BE461976AB", "FEDORA:02C1260F4011", "FEDORA:F0C5861361B0"]}, {"type": "nessus", "idList": ["FEDORA_2015-14977.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "FEDORA_2015-14976.NASL", "F5_BIGIP_SOL17377.NASL", "DEBIAN_DSA-3358.NASL", "PHP_5_6_13.NASL", "8861.PRM", "SLACKWARE_SSA_2015-274-02.NASL", "FEDORA_2015-14978.NASL", "ALA_ALAS-2016-670.NASL"]}, {"type": "freebsd", "idList": ["3D675519-5654-11E5-9AD8-14DAE9D210B8"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14702", "SECURITYVULNS:VULN:14694", "SECURITYVULNS:DOC:32566", "SECURITYVULNS:DOC:32511"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310850689", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310808616", "OPENVAS:1361412562310120520", "OPENVAS:1361412562310120660", "OPENVAS:1361412562310703358", "OPENVAS:703358", "OPENVAS:1361412562310842472", "OPENVAS:1361412562310808617"]}, {"type": "amazon", "idList": ["ALAS-2017-788", "ALAS-2015-602", "ALAS-2016-670", "ALAS-2015-601"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3358-1:5263D", "DEBIAN:DLA-341-1:DA682"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-6834", "UB:CVE-2015-6838", "UB:CVE-2015-6836", "UB:CVE-2015-6837", "UB:CVE-2015-6835"]}, {"type": "cve", "idList": ["CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838", "CVE-2015-6836", "CVE-2015-6834"]}, {"type": "suse", "idList": ["SUSE-SU-2015:1701-1", "SUSE-SU-2015:1633-1", "SUSE-SU-2016:1638-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2015:1818-1"]}, {"type": "ubuntu", "idList": ["USN-2758-1"]}, {"type": "redhat", "idList": ["RHSA-2016:0457"]}, {"type": "exploitdb", "idList": ["EDB-ID:38122", "EDB-ID:38120", "EDB-ID:38123"]}, {"type": "hackerone", "idList": ["H1:103998", "H1:104010", "H1:103996", "H1:103995", "H1:103997"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:138812", "PACKETSTORM:134949"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-9936"]}, {"type": "gentoo", "idList": ["GLSA-201606-10"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:6B7BF45056E8E056621094C0740275CB"]}, {"type": "kaspersky", "idList": ["KLA10747", "KLA10746"]}, {"type": "cloudlinux", "idList": ["CLSA-2020:1605798462"]}], "modified": "2019-03-21T18:28:50", "rev": 2}, "score": {"value": 7.1, "vector": "NONE", "modified": "2019-03-21T18:28:50", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [], "_object_type": "robots.models.f5.F5Bulletin", "_object_types": ["robots.models.f5.F5Bulletin", "robots.models.base.Bulletin"]}, {"id": "SOL17377", "hash": "404ce94d7a0e4450d3577dd02b8927fe", "type": "f5", "bulletinFamily": "software", "title": "SOL17377 - PHP vulnerabilities CVE-2015-6834, CVE-2015-6835, CVE-2015-6836, CVE-2015-6837, and CVE-2015-6838", "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nTo mitigate this vulnerability, you should permit management access to F5 products over a secure network and limit access to only trusted users. For more information about securing access to BIG-IP/Enterprise Manager systems, refer to SOL13309: Restricting access to the Configuration utility by source IP address (11.x - 12.x) and SOL13092: Overview of securing access to the BIG-IP system.\n\nAdditionally, you should avoid any customization of PHP files on the affected F5 products.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "published": "2015-10-08T00:00:00", "modified": "2016-11-08T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "http://support.f5.com/kb/en-us/solutions/public/17000/300/sol17377.html", "reporter": "f5", "references": ["https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html", "https://support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html", "https://support.f5.com/kb/en-us/solutions/public/0000/100/sol167.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "immutableFields": [], "lastseen": "2021-06-08T18:49:01", "history": [{"bulletin": {"id": "SOL17377", "hash": "2311c4351b327420a53f07350a702291a8127fd86a2e310bc98c7e672169ded9", "type": "f5", "bulletinFamily": "software", "title": "SOL17377 - PHP vulnerabilities CVE-2015-6834, CVE-2015-6835, CVE-2015-6836, CVE-2015-6837, and CVE-2015-6838", "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nTo mitigate this vulnerability, you should permit management access to F5 products over a secure network and limit access to only trusted users. For more information about securing access to BIG-IP/Enterprise Manager systems, refer to SOL13309: Restricting access to the Configuration utility by source IP address (11.x - 12.x) and SOL13092: Overview of securing access to the BIG-IP system.\n\nAdditionally, you should avoid any customization of PHP files on the affected F5 products.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "published": "2015-10-08T00:00:00", "modified": "2016-11-08T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "cvss2": {}, "cvss3": {}, "href": "http://support.f5.com/kb/en-us/solutions/public/17000/300/sol17377.html", "reporter": "f5", "references": ["https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html", "https://support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html", "https://support.f5.com/kb/en-us/solutions/public/0000/100/sol167.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "immutableFields": [], "lastseen": "2016-11-08T17:26:25", "history": [], "viewCount": 75, "enchantments": {"dependencies": {"modified": "2016-11-08T17:26:25", "references": [{"idList": ["SUSE-SU-2015:1818-1", "SUSE-SU-2015:1633-1", "SUSE-SU-2016:1638-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2015:1701-1"], "type": "suse"}, {"idList": ["ALAS-2017-788", "ALAS-2015-602", "ALAS-2015-601", "ALAS-2016-670"], "type": "amazon"}, {"idList": ["DEBIAN:DSA-3358-1:5263D", "DEBIAN:DLA-341-1:DA682"], "type": "debian"}, {"idList": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "type": "cve"}, {"idList": ["KLA10929", "KLA10747", "KLA10746"], "type": "kaspersky"}, {"idList": ["SECURITYVULNS:VULN:14694", "SECURITYVULNS:VULN:14702", "SECURITYVULNS:DOC:32566", "SECURITYVULNS:DOC:32511"], "type": "securityvulns"}, {"idList": ["OPENVAS:1361412562310703358", "OPENVAS:1361412562310808616", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310808617", "OPENVAS:1361412562310120660", "OPENVAS:703358", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310850689", "OPENVAS:1361412562310842472", "OPENVAS:1361412562310120396"], "type": "openvas"}, {"idList": ["FEDORA:F0C5861361B0", "FEDORA:90BE461976AB", "FEDORA:02C1260F4011"], "type": "fedora"}, {"idList": ["RHSA-2016:0457"], "type": "redhat"}, {"idList": ["H1:103996", "H1:103998", "H1:103997", "H1:104010", "H1:103995"], "type": "hackerone"}, {"idList": ["3D675519-5654-11E5-9AD8-14DAE9D210B8"], "type": "freebsd"}, {"idList": ["EDB-ID:38120", "EDB-ID:38123", "EDB-ID:38122"], "type": "exploitdb"}, {"idList": ["GLSA-201606-10"], "type": "gentoo"}, {"idList": ["RH:CVE-2016-9936"], "type": "redhatcve"}, {"idList": ["SSA-2015-274-02"], "type": "slackware"}, {"idList": ["FEDORA_2015-14978.NASL", "FEDORA_2015-14976.NASL", "PHP_5_5_29.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "FEDORA_2015-14977.NASL", "DEBIAN_DSA-3358.NASL", "PHP_5_6_13.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "ALA_ALAS-2016-670.NASL", "F5_BIGIP_SOL17377.NASL"], "type": "nessus"}, {"idList": ["F5:K17377"], "type": "f5"}, {"idList": ["PACKETSTORM:134949", "PACKETSTORM:138812"], "type": "packetstorm"}, {"idList": ["CLSA-2020:1605798462"], "type": "cloudlinux"}, {"idList": ["EXPLOITPACK:6B7BF45056E8E056621094C0740275CB"], "type": "exploitpack"}, {"idList": ["USN-2758-1"], "type": "ubuntu"}], "rev": 2}, "score": {"modified": "2016-11-08T17:26:25", "rev": 2, "value": 5.9, "vector": "NONE"}}, "objectVersion": "1.6", "affectedSoftware": [{"name": "BIG-IP PSM", "operator": "le", "version": "10.2.4"}, {"name": "BIG-IP AAM", "operator": "le", "version": "12.0.0"}, {"name": "BIG-IP AFM", "operator": "le", "version": "12.0.0"}, {"name": "BIG-IP APM", "operator": "le", "version": "12.0.0"}, {"name": "BIG-IP Link Controller", "operator": "le", "version": "11.6.0"}, {"name": "BIG-IP Link Controller", "operator": "le", "version": "11.5.3"}, {"name": "BIG-IP Edge Gateway", "operator": "le", "version": "11.3.0"}, {"name": "BIG-IQ Device", "operator": "le", "version": "4.5.0"}, {"name": "BIG-IP GTM", "operator": "le", "version": "11.6.0"}, {"name": "BIG-IP PEM", "operator": "le", "version": "11.6.0"}, {"name": "Enterprise Manager", "operator": "le", "version": "3.1.1"}, {"name": "BIG-IP APM", "operator": "le", "version": "10.2.4"}, {"name": "BIG-IP Analytics", "operator": "le", "version": "11.6.0"}, {"name": "BIG-IP ASM", "operator": "le", "version": "11.5.3"}, {"name": "BIG-IP PEM", "operator": "le", "version": "11.5.3"}, {"name": "BIG-IP APM", "operator": "le", "version": "11.5.3"}, {"name": "BIG-IP WebAccelerator", "operator": "le", "version": "11.3.0"}, {"name": "BIG-IP Analytics", "operator": "le", "version": "12.0.0"}, {"name": "BIG-IP ASM", "operator": "le", "version": "11.6.0"}, {"name": "BIG-IP LTM", "operator": "le", "version": "11.5.3"}, {"name": "BIG-IP LTM", "operator": "le", "version": "10.2.4"}, {"name": "BIG-IP PSM", "operator": "le", "version": "11.4.1"}, {"name": "BIG-IP LTM", "operator": "le", "version": "11.6.0"}, {"name": "BIG-IP AAM", "operator": "le", "version": "11.6.0"}, {"name": "BIG-IP ASM", "operator": "le", "version": "10.2.4"}, {"name": "BIG-IP WebAccelerator", "operator": "le", "version": "10.2.4"}, {"name": "BIG-IP PEM", "operator": "le", "version": "12.0.0"}, {"name": "BIG-IP DNS", "operator": "le", "version": "12.0.0"}, {"name": "BIG-IP Link Controller", "operator": "le", "version": "10.2.4"}, {"name": "BIG-IP AFM", "operator": "le", "version": "11.6.0"}, {"name": "BIG-IQ Cloud", "operator": "le", "version": "4.5.0"}, {"name": "BIG-IP Edge Gateway", "operator": "le", "version": "10.2.4"}, {"name": "BIG-IP Analytics", "operator": "le", "version": "11.5.3"}, {"name": "BIG-IP APM", "operator": "le", "version": "11.6.0"}, {"name": "BIG-IP Link Controller", "operator": "le", "version": "12.0.0"}, {"name": "BIG-IP WOM", "operator": "le", "version": "10.2.4"}, {"name": "BIG-IQ Security", "operator": "le", "version": "4.5.0"}, {"name": "BIG-IP GTM", "operator": "le", "version": "10.2.4"}, {"name": "BIG-IP LTM", "operator": "le", "version": "12.0.0"}, {"name": "BIG-IQ ADC", "operator": "le", "version": "4.5.0"}, {"name": "BIG-IP WOM", "operator": "le", "version": "11.3.0"}, {"name": "BIG-IP AAM", "operator": "le", "version": "11.5.3"}, {"name": "BIG-IP GTM", "operator": "le", "version": "11.5.3"}, {"name": "BIG-IP AFM", "operator": "le", "version": "11.5.3"}, {"name": "BIG-IP ASM", "operator": "le", "version": "12.0.0"}]}, "different_elements": ["affectedSoftware"], "edition": 1, "lastseen": "2016-11-08T17:26:25"}, {"bulletin": {"id": "SOL17377", "hash": "3fe8602241e7151e25ae90b304274fed5e77d8519c1465e57025220fdbe3f3ef", "type": "f5", "bulletinFamily": "software", "title": "SOL17377 - PHP vulnerabilities CVE-2015-6834, CVE-2015-6835, CVE-2015-6836, CVE-2015-6837, and CVE-2015-6838", "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nTo mitigate this vulnerability, you should permit management access to F5 products over a secure network and limit access to only trusted users. For more information about securing access to BIG-IP/Enterprise Manager systems, refer to SOL13309: Restricting access to the Configuration utility by source IP address (11.x - 12.x) and SOL13092: Overview of securing access to the BIG-IP system.\n\nAdditionally, you should avoid any customization of PHP files on the affected F5 products.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "published": "2015-10-08T00:00:00", "modified": "2016-11-08T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "cvss2": {}, "cvss3": {}, "href": "http://support.f5.com/kb/en-us/solutions/public/17000/300/sol17377.html", "reporter": "f5", "references": ["https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html", "https://support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html", "https://support.f5.com/kb/en-us/solutions/public/0000/100/sol167.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "immutableFields": [], "lastseen": "2021-06-08T18:49:01", "history": [], "viewCount": 75, "enchantments": {"dependencies": {"modified": "2021-06-08T18:49:01", "references": [{"idList": ["SUSE-SU-2015:1818-1", "SUSE-SU-2015:1633-1", "SUSE-SU-2016:1638-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2015:1701-1"], "type": "suse"}, {"idList": ["ALAS-2017-788", "ALAS-2015-602", "ALAS-2015-601", "ALAS-2016-670"], "type": "amazon"}, {"idList": ["DEBIAN:DSA-3358-1:5263D", "DEBIAN:DLA-341-1:DA682"], "type": "debian"}, {"idList": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "type": "cve"}, {"idList": ["KLA10929", "KLA10747", "KLA10746"], "type": "kaspersky"}, {"idList": ["SECURITYVULNS:VULN:14694", "SECURITYVULNS:VULN:14702", "SECURITYVULNS:DOC:32566", "SECURITYVULNS:DOC:32511"], "type": "securityvulns"}, {"idList": ["OPENVAS:1361412562310703358", "OPENVAS:1361412562310808616", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310808617", "OPENVAS:1361412562310120660", "OPENVAS:703358", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310850689", "OPENVAS:1361412562310842472", "OPENVAS:1361412562310120396"], "type": "openvas"}, {"idList": ["FEDORA:F0C5861361B0", "FEDORA:90BE461976AB", "FEDORA:02C1260F4011"], "type": "fedora"}, {"idList": ["UB:CVE-2015-6834", "UB:CVE-2015-6835", "UB:CVE-2015-6838", "UB:CVE-2015-6837", "UB:CVE-2015-6836"], "type": "ubuntucve"}, {"idList": ["RHSA-2016:0457"], "type": "redhat"}, {"idList": ["H1:103996", "H1:103998", "H1:103997", "H1:104010", "H1:103995"], "type": "hackerone"}, {"idList": ["3D675519-5654-11E5-9AD8-14DAE9D210B8"], "type": "freebsd"}, {"idList": ["EDB-ID:38120", "EDB-ID:38123", "EDB-ID:38122"], "type": "exploitdb"}, {"idList": ["GLSA-201606-10"], "type": "gentoo"}, {"idList": ["RH:CVE-2016-9936"], "type": "redhatcve"}, {"idList": ["SSA-2015-274-02"], "type": "slackware"}, {"idList": ["F5:K17377"], "type": "f5"}, {"idList": ["PACKETSTORM:134949", "PACKETSTORM:138812"], "type": "packetstorm"}, {"idList": ["CLSA-2020:1605798462"], "type": "cloudlinux"}, {"idList": ["EXPLOITPACK:6B7BF45056E8E056621094C0740275CB"], "type": "exploitpack"}, {"idList": ["USN-2758-1"], "type": "ubuntu"}, {"idList": ["FEDORA_2015-14978.NASL", "FEDORA_2015-14976.NASL", "PHP_5_5_29.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "PHP_5_4_45.NASL", "FEDORA_2015-14977.NASL", "DEBIAN_DSA-3358.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "ALA_ALAS-2016-670.NASL", "F5_BIGIP_SOL17377.NASL"], "type": "nessus"}], "rev": 2}, "score": {"modified": "2021-06-08T18:49:01", "rev": 2, "value": 5.9, "vector": "NONE"}}, "objectVersion": "1.6", "affectedSoftware": []}, "different_elements": ["cvss3", "cvss2"], "edition": 2, "lastseen": "2021-06-08T18:49:01"}], "viewCount": 75, "enchantments": {"dependencies": {"references": [{"type": "f5", "idList": ["F5:K17377"]}, {"type": "nessus", "idList": ["FEDORA_2015-14977.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "FEDORA_2015-14976.NASL", "F5_BIGIP_SOL17377.NASL", "DEBIAN_DSA-3358.NASL", "PHP_5_4_45.NASL", "8861.PRM", "SLACKWARE_SSA_2015-274-02.NASL", "FEDORA_2015-14978.NASL", "ALA_ALAS-2016-670.NASL"]}, {"type": "fedora", "idList": ["FEDORA:90BE461976AB", "FEDORA:02C1260F4011", "FEDORA:F0C5861361B0"]}, {"type": "freebsd", "idList": ["3D675519-5654-11E5-9AD8-14DAE9D210B8"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14702", "SECURITYVULNS:VULN:14694", "SECURITYVULNS:DOC:32566", "SECURITYVULNS:DOC:32511"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310850689", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310808616", "OPENVAS:1361412562310703358", "OPENVAS:1361412562310120660", "OPENVAS:703358", "OPENVAS:1361412562310120396", "OPENVAS:1361412562310842472", "OPENVAS:1361412562310808617"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3358-1:5263D", "DEBIAN:DLA-341-1:DA682"]}, {"type": "amazon", "idList": ["ALAS-2017-788", "ALAS-2015-602", "ALAS-2016-670", "ALAS-2015-601"]}, {"type": "slackware", "idList": ["SSA-2015-274-02"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-6834", "UB:CVE-2015-6838", "UB:CVE-2015-6836", "UB:CVE-2015-6837", "UB:CVE-2015-6835"]}, {"type": "cve", "idList": ["CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838", "CVE-2015-6836", "CVE-2015-6834"]}, {"type": "suse", "idList": ["SUSE-SU-2015:1701-1", "SUSE-SU-2015:1633-1", "SUSE-SU-2016:1638-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2015:1818-1"]}, {"type": "ubuntu", "idList": ["USN-2758-1"]}, {"type": "redhat", "idList": ["RHSA-2016:0457"]}, {"type": "exploitdb", "idList": ["EDB-ID:38122", "EDB-ID:38120", "EDB-ID:38123"]}, {"type": "hackerone", "idList": ["H1:103998", "H1:104010", "H1:103996", "H1:103995", "H1:103997"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:138812", "PACKETSTORM:134949"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-9936"]}, {"type": "gentoo", "idList": ["GLSA-201606-10"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:6B7BF45056E8E056621094C0740275CB"]}, {"type": "kaspersky", "idList": ["KLA10747", "KLA10746"]}, {"type": "cloudlinux", "idList": ["CLSA-2020:1605798462"]}], "modified": "2021-06-08T18:49:01", "rev": 2}, "score": {"value": 5.9, "vector": "NONE", "modified": "2021-06-08T18:49:01", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"name": "big-iq security", "operator": "le", "version": "4.5.0"}, {"name": "big-ip apm", "operator": "le", "version": "10.2.4"}, {"name": "big-ip ltm", "operator": "le", "version": "11.5.3"}, {"name": "big-ip afm", "operator": "le", "version": "12.0.0"}, {"name": "big-ip edge gateway", "operator": "le", "version": "11.3.0"}, {"name": "big-ip ltm", "operator": "le", "version": "11.6.0"}, {"name": "big-ip link controller", "operator": "le", "version": "11.6.0"}, {"name": "big-ip webaccelerator", "operator": "le", "version": "11.3.0"}, {"name": "big-ip analytics", "operator": "le", "version": "11.5.3"}, {"name": "big-ip aam", "operator": "le", "version": "12.0.0"}, {"name": "big-ip ltm", "operator": "le", "version": "12.0.0"}, {"name": "big-ip link controller", "operator": "le", "version": "11.5.3"}, {"name": "big-ip apm", "operator": "le", "version": "11.6.0"}, {"name": "big-ip wom", "operator": "le", "version": "10.2.4"}, {"name": "big-ip webaccelerator", "operator": "le", "version": "10.2.4"}, {"name": "big-ip psm", "operator": "le", "version": "11.4.1"}, {"name": "big-ip analytics", "operator": "le", "version": "11.6.0"}, {"name": "big-ip asm", "operator": "le", "version": "12.0.0"}, {"name": "big-ip gtm", "operator": "le", "version": "10.2.4"}, {"name": "big-ip aam", "operator": "le", "version": "11.5.3"}, {"name": "big-ip analytics", "operator": "le", "version": "12.0.0"}, {"name": "big-ip edge gateway", "operator": "le", "version": "10.2.4"}, {"name": "big-ip pem", "operator": "le", "version": "12.0.0"}, {"name": "big-ip gtm", "operator": "le", "version": "11.6.0"}, {"name": "big-ip ltm", "operator": "le", "version": "10.2.4"}, {"name": "big-ip asm", "operator": "le", "version": "10.2.4"}, {"name": "big-ip psm", "operator": "le", "version": "10.2.4"}, {"name": "big-ip pem", "operator": "le", "version": "11.6.0"}, {"name": "big-iq cloud", "operator": "le", "version": "4.5.0"}, {"name": "big-ip afm", "operator": "le", "version": "11.5.3"}, {"name": "big-ip link controller", "operator": "le", "version": "12.0.0"}, {"name": "big-ip apm", "operator": "le", "version": "12.0.0"}, {"name": "big-ip asm", "operator": "le", "version": "11.6.0"}, {"name": "big-iq device", "operator": "le", "version": "4.5.0"}, {"name": "big-iq adc", "operator": "le", "version": "4.5.0"}, {"name": "big-ip afm", "operator": "le", "version": "11.6.0"}, {"name": "big-ip apm", "operator": "le", "version": "11.5.3"}, {"name": "big-ip aam", "operator": "le", "version": "11.6.0"}, {"name": "big-ip asm", "operator": "le", "version": "11.5.3"}, {"name": "big-ip pem", "operator": "le", "version": "11.5.3"}, {"name": "enterprise manager", "operator": "le", "version": "3.1.1"}, {"name": "big-ip wom", "operator": "le", "version": "11.3.0"}, {"name": "big-ip link controller", "operator": "le", "version": "10.2.4"}, {"name": "big-ip dns", "operator": "le", "version": "12.0.0"}, {"name": "big-ip gtm", "operator": "le", "version": "11.5.3"}], "_object_type": "robots.models.f5.F5Bulletin", "_object_types": ["robots.models.f5.F5Bulletin", "robots.models.base.Bulletin"]}], "openvas": [{"id": "OPENVAS:1361412562310120660", "hash": "d448475f39522906e40d0a037e2b0df6", "type": "openvas", "bulletinFamily": "scanner", "title": "Amazon Linux: Security Advisory (ALAS-2016-670)", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "published": "2016-03-17T00:00:00", "modified": "2020-03-13T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120660", "reporter": "Copyright (C) 2016 Eero Volotinen", "references": ["https://alas.aws.amazon.com/ALAS-2016-670.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2020-03-17T22:56:25", "history": [{"bulletin": {"id": "OPENVAS:1361412562310120660", "hash": "d8eaaa26f3abda082d69c67cd7d9cafaff0d6cdbdf74954beec92a2bc594ed47", "type": "openvas", "bulletinFamily": "scanner", "title": "Amazon Linux: Security Advisory (ALAS-2016-670)", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "published": "2016-03-17T00:00:00", "modified": "2020-03-14T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120660", "reporter": "Copyright (C) 2016 Eero Volotinen", "references": ["https://alas.aws.amazon.com/ALAS-2016-670.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2020-03-14T18:56:48", "history": [], "viewCount": 9, "enchantments": {"dependencies": {"modified": "2020-03-14T18:56:48", "references": [{"idList": ["SUSE-SU-2015:1818-1", "SUSE-SU-2015:1633-1", "SUSE-SU-2016:1638-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2015:1701-1"], "type": "suse"}, {"idList": ["OPENVAS:1361412562310703358", "OPENVAS:1361412562310808616", "OPENVAS:1361412562310120520", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310808617", "OPENVAS:703358", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310850689", "OPENVAS:1361412562310842472", "OPENVAS:1361412562310120396"], "type": "openvas"}, {"idList": ["ALAS-2017-788", "ALAS-2015-602", "ALAS-2015-601", "ALAS-2016-670"], "type": "amazon"}, {"idList": ["DEBIAN:DSA-3358-1:5263D", "DEBIAN:DLA-341-1:DA682"], "type": "debian"}, {"idList": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "type": "cve"}, {"idList": ["KLA10929", "KLA10747", "KLA10746"], "type": "kaspersky"}, {"idList": ["SECURITYVULNS:VULN:14694", "SECURITYVULNS:VULN:14702", "SECURITYVULNS:DOC:32566", "SECURITYVULNS:DOC:32511"], "type": "securityvulns"}, {"idList": ["SOL17377", "F5:K17377"], "type": "f5"}, {"idList": ["RHSA-2016:0457"], "type": "redhat"}, {"idList": ["H1:103996", "H1:103998", "H1:103997", "H1:104010", "H1:103995"], "type": "hackerone"}, {"idList": ["3D675519-5654-11E5-9AD8-14DAE9D210B8"], "type": "freebsd"}, {"idList": ["EDB-ID:38120", "EDB-ID:38123", "EDB-ID:38122"], "type": "exploitdb"}, {"idList": ["GLSA-201606-10"], "type": "gentoo"}, {"idList": ["SSA-2015-274-02"], "type": "slackware"}, {"idList": ["FEDORA_2015-14978.NASL", "FEDORA_2015-14976.NASL", "PHP_5_5_29.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "FEDORA_2015-14977.NASL", "DEBIAN_DSA-3358.NASL", "PHP_5_6_13.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "ALA_ALAS-2016-670.NASL", "F5_BIGIP_SOL17377.NASL"], "type": "nessus"}, {"idList": ["PACKETSTORM:134949", "PACKETSTORM:138812"], "type": "packetstorm"}, {"idList": ["USN-2758-1"], "type": "ubuntu"}]}, "score": {"modified": "2020-03-14T18:56:48", "value": 8.2, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310120660", "sourceData": "# Copyright (C) 2016 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120660\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2016-03-17 16:05:04 +0200 (Thu, 17 Mar 2016)\");\n script_tag(name:\"last_modification\", value:\"2020-03-14 11:59:40 +0000 (Sat, 14 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2016-670)\");\n script_tag(name:\"insight\", value:\"A NULL pointer dereference flaw was found in the XSLTProcessor class in PHP. An attacker could use this flaw to cause a PHP application to crash if it performed Extensible Stylesheet Language (XSL) transformations using untrusted XSLT files and allowed the use of PHP functions to be used as XSLT functions within XSL stylesheets. (CVE-2015-6837, CVE-2015-6838 )A flaw was discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code. (CVE-2015-6834, CVE-2015-6835, CVE-2015-6836 )\");\n script_tag(name:\"solution\", value:\"Run yum update php54 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2016-670.html\");\n script_cve_id(\"CVE-2015-6838\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6836\", \"CVE-2015-6837\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2016 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"php54-xml\", rpm:\"php54-xml~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-enchant\", rpm:\"php54-enchant~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-recode\", rpm:\"php54-recode~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-mysqlnd\", rpm:\"php54-mysqlnd~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-tidy\", rpm:\"php54-tidy~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-bcmath\", rpm:\"php54-bcmath~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-mcrypt\", rpm:\"php54-mcrypt~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-cli\", rpm:\"php54-cli~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-xmlrpc\", rpm:\"php54-xmlrpc~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-dba\", rpm:\"php54-dba~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-devel\", rpm:\"php54-devel~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-intl\", rpm:\"php54-intl~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-pgsql\", rpm:\"php54-pgsql~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-mbstring\", rpm:\"php54-mbstring~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-process\", rpm:\"php54-process~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-gd\", rpm:\"php54-gd~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-pdo\", rpm:\"php54-pdo~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-embedded\", rpm:\"php54-embedded~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-mssql\", rpm:\"php54-mssql~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-soap\", rpm:\"php54-soap~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-debuginfo\", rpm:\"php54-debuginfo~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-mysql\", rpm:\"php54-mysql~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-snmp\", rpm:\"php54-snmp~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-fpm\", rpm:\"php54-fpm~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-pspell\", rpm:\"php54-pspell~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-imap\", rpm:\"php54-imap~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54\", rpm:\"php54~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-odbc\", rpm:\"php54-odbc~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-ldap\", rpm:\"php54-ldap~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-common\", rpm:\"php54-common~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "naslFamily": "Amazon Linux Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 9, "lastseen": "2020-03-14T18:56:48"}, {"bulletin": {"id": "OPENVAS:1361412562310120660", "hash": "5127345e227bd5d3f8d3074bd49d17eb28319d49874b099a1502df666aa477a6", "type": "openvas", "bulletinFamily": "scanner", "title": "Amazon Linux Local Check: alas-2016-670", "description": "Amazon Linux Local Security Checks", "published": "2016-03-17T00:00:00", "modified": "2017-07-06T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120660", "reporter": "Eero Volotinen", "references": ["https://alas.aws.amazon.com/ALAS-2016-670.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2018-09-01T23:46:45", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310120660", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Amazon Linux security check \n# $Id: alas-2016-670.nasl 6574 2017-07-06 13:41:26Z cfischer $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@iki.fi> \n#\n# OpenVAS and security consultance available from openvas@solinor.com\n# see https://solinor.fi/openvas-en/ for more information\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://ping-viini.org \n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.120660\");\nscript_version(\"$Revision: 6574 $\");\nscript_tag(name:\"creation_date\", value:\"2016-03-17 16:05:04 +0200 (Thu, 17 Mar 2016)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:41:26 +0200 (Thu, 06 Jul 2017) $\");\nscript_name(\"Amazon Linux Local Check: alas-2016-670\");\nscript_tag(name: \"insight\", value: \"A NULL pointer dereference flaw was found in the XSLTProcessor class in PHP. An attacker could use this flaw to cause a PHP application to crash if it performed Extensible Stylesheet Language (XSL) transformations using untrusted XSLT files and allowed the use of PHP functions to be used as XSLT functions within XSL stylesheets. (CVE-2015-6837 , CVE-2015-6838 )A flaw was discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code. (CVE-2015-6834 , CVE-2015-6835 , CVE-2015-6836 )\"); \nscript_tag(name : \"solution\", value : \"Run yum update php54 to update your system.\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://alas.aws.amazon.com/ALAS-2016-670.html\");\nscript_cve_id(\"CVE-2015-6838\",\"CVE-2015-6834\",\"CVE-2015-6835\",\"CVE-2015-6836\",\"CVE-2015-6837\");\nscript_tag(name:\"cvss_base\", value:\"7.5\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Amazon Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"php54-xml\", rpm:\"php54-xml~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-enchant\", rpm:\"php54-enchant~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-recode\", rpm:\"php54-recode~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-mysqlnd\", rpm:\"php54-mysqlnd~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-tidy\", rpm:\"php54-tidy~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-bcmath\", rpm:\"php54-bcmath~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-mcrypt\", rpm:\"php54-mcrypt~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-cli\", rpm:\"php54-cli~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-xmlrpc\", rpm:\"php54-xmlrpc~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-dba\", rpm:\"php54-dba~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-devel\", rpm:\"php54-devel~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-intl\", rpm:\"php54-intl~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-pgsql\", rpm:\"php54-pgsql~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-mbstring\", rpm:\"php54-mbstring~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-process\", rpm:\"php54-process~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-gd\", rpm:\"php54-gd~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-pdo\", rpm:\"php54-pdo~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-embedded\", rpm:\"php54-embedded~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-mssql\", rpm:\"php54-mssql~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-soap\", rpm:\"php54-soap~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-debuginfo\", rpm:\"php54-debuginfo~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-mysql\", rpm:\"php54-mysql~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-snmp\", rpm:\"php54-snmp~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-fpm\", rpm:\"php54-fpm~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-pspell\", rpm:\"php54-pspell~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-imap\", rpm:\"php54-imap~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54\", rpm:\"php54~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-odbc\", rpm:\"php54-odbc~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-ldap\", rpm:\"php54-ldap~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-common\", rpm:\"php54-common~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n}\n", "naslFamily": "Amazon Linux Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 4, "lastseen": "2018-09-01T23:46:45"}, {"bulletin": {"id": "OPENVAS:1361412562310120660", "hash": "e9558bc26cb7712cf692427b44b0a622938dfd2ad65cc499360df95236497362", "type": "openvas", "bulletinFamily": "scanner", "title": "Amazon Linux Local Check: alas-2016-670", "description": "Amazon Linux Local Security Checks", "published": "2016-03-17T00:00:00", "modified": "2018-10-01T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120660", "reporter": "Eero Volotinen", "references": ["https://alas.aws.amazon.com/ALAS-2016-670.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2018-10-02T14:29:06", "history": [], "viewCount": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310120660", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: alas-2016-670.nasl 6574 2017-07-06 13:41:26Z cfischer$\n#\n# Amazon Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@iki.fi>\n#\n# OpenVAS and security consultance available from openvas@solinor.com\n# see https://solinor.fi/openvas-en/ for more information\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://ping-viini.org\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120660\");\n script_version(\"$Revision: 11703 $\");\n script_tag(name:\"creation_date\", value:\"2016-03-17 16:05:04 +0200 (Thu, 17 Mar 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-01 10:05:31 +0200 (Mon, 01 Oct 2018) $\");\n script_name(\"Amazon Linux Local Check: alas-2016-670\");\n script_tag(name:\"insight\", value:\"A NULL pointer dereference flaw was found in the XSLTProcessor class in PHP. An attacker could use this flaw to cause a PHP application to crash if it performed Extensible Stylesheet Language (XSL) transformations using untrusted XSLT files and allowed the use of PHP functions to be used as XSLT functions within XSL stylesheets. (CVE-2015-6837, CVE-2015-6838 )A flaw was discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code. (CVE-2015-6834, CVE-2015-6835, CVE-2015-6836 )\");\n script_tag(name:\"solution\", value:\"Run yum update php54 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2016-670.html\");\n script_cve_id(\"CVE-2015-6838\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6836\", \"CVE-2015-6837\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"php54-xml\", rpm:\"php54-xml~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-enchant\", rpm:\"php54-enchant~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-recode\", rpm:\"php54-recode~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-mysqlnd\", rpm:\"php54-mysqlnd~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-tidy\", rpm:\"php54-tidy~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-bcmath\", rpm:\"php54-bcmath~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-mcrypt\", rpm:\"php54-mcrypt~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-cli\", rpm:\"php54-cli~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-xmlrpc\", rpm:\"php54-xmlrpc~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-dba\", rpm:\"php54-dba~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-devel\", rpm:\"php54-devel~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-intl\", rpm:\"php54-intl~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-pgsql\", rpm:\"php54-pgsql~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-mbstring\", rpm:\"php54-mbstring~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-process\", rpm:\"php54-process~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-gd\", rpm:\"php54-gd~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-pdo\", rpm:\"php54-pdo~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-embedded\", rpm:\"php54-embedded~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-mssql\", rpm:\"php54-mssql~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-soap\", rpm:\"php54-soap~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-debuginfo\", rpm:\"php54-debuginfo~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-mysql\", rpm:\"php54-mysql~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-snmp\", rpm:\"php54-snmp~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-fpm\", rpm:\"php54-fpm~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-pspell\", rpm:\"php54-pspell~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-imap\", rpm:\"php54-imap~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54\", rpm:\"php54~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-odbc\", rpm:\"php54-odbc~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-ldap\", rpm:\"php54-ldap~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-common\", rpm:\"php54-common~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Amazon Linux Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 5, "lastseen": "2018-10-02T14:29:06"}, {"bulletin": {"id": "OPENVAS:1361412562310120660", "hash": "9b041eb675346c92a766bd4dc9173e696b8995cb795199fc12cc2b6c815752dd", "type": "openvas", "bulletinFamily": "scanner", "title": "Amazon Linux Local Check: alas-2016-670", "description": "Amazon Linux Local Security Checks", "published": "2016-03-17T00:00:00", "modified": "2017-07-06T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120660", "reporter": "Eero Volotinen", "references": ["https://alas.aws.amazon.com/ALAS-2016-670.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2018-08-30T19:21:03", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310120660", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Amazon Linux security check \n# $Id: alas-2016-670.nasl 6574 2017-07-06 13:41:26Z cfischer $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@iki.fi> \n#\n# OpenVAS and security consultance available from openvas@solinor.com\n# see https://solinor.fi/openvas-en/ for more information\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://ping-viini.org \n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.120660\");\nscript_version(\"$Revision: 6574 $\");\nscript_tag(name:\"creation_date\", value:\"2016-03-17 16:05:04 +0200 (Thu, 17 Mar 2016)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:41:26 +0200 (Thu, 06 Jul 2017) $\");\nscript_name(\"Amazon Linux Local Check: alas-2016-670\");\nscript_tag(name: \"insight\", value: \"A NULL pointer dereference flaw was found in the XSLTProcessor class in PHP. An attacker could use this flaw to cause a PHP application to crash if it performed Extensible Stylesheet Language (XSL) transformations using untrusted XSLT files and allowed the use of PHP functions to be used as XSLT functions within XSL stylesheets. (CVE-2015-6837 , CVE-2015-6838 )A flaw was discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code. (CVE-2015-6834 , CVE-2015-6835 , CVE-2015-6836 )\"); \nscript_tag(name : \"solution\", value : \"Run yum update php54 to update your system.\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://alas.aws.amazon.com/ALAS-2016-670.html\");\nscript_cve_id(\"CVE-2015-6838\",\"CVE-2015-6834\",\"CVE-2015-6835\",\"CVE-2015-6836\",\"CVE-2015-6837\");\nscript_tag(name:\"cvss_base\", value:\"7.5\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Amazon Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"php54-xml\", rpm:\"php54-xml~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-enchant\", rpm:\"php54-enchant~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-recode\", rpm:\"php54-recode~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-mysqlnd\", rpm:\"php54-mysqlnd~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-tidy\", rpm:\"php54-tidy~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-bcmath\", rpm:\"php54-bcmath~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-mcrypt\", rpm:\"php54-mcrypt~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-cli\", rpm:\"php54-cli~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-xmlrpc\", rpm:\"php54-xmlrpc~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-dba\", rpm:\"php54-dba~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-devel\", rpm:\"php54-devel~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-intl\", rpm:\"php54-intl~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-pgsql\", rpm:\"php54-pgsql~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-mbstring\", rpm:\"php54-mbstring~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-process\", rpm:\"php54-process~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-gd\", rpm:\"php54-gd~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-pdo\", rpm:\"php54-pdo~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-embedded\", rpm:\"php54-embedded~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-mssql\", rpm:\"php54-mssql~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-soap\", rpm:\"php54-soap~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-debuginfo\", rpm:\"php54-debuginfo~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-mysql\", rpm:\"php54-mysql~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-snmp\", rpm:\"php54-snmp~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-fpm\", rpm:\"php54-fpm~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-pspell\", rpm:\"php54-pspell~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-imap\", rpm:\"php54-imap~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54\", rpm:\"php54~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-odbc\", rpm:\"php54-odbc~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-ldap\", rpm:\"php54-ldap~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-common\", rpm:\"php54-common~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n}\n", "naslFamily": "Amazon Linux Local Security Checks"}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:21:03"}, {"bulletin": {"id": "OPENVAS:1361412562310120660", "hash": "fd264a6a7024cac28b73b1a2de331210a5501ea4d3574d1d3c9851f1a5ce072d", "type": "openvas", "bulletinFamily": "scanner", "title": "Amazon Linux Local Check: alas-2016-670", "description": "Amazon Linux Local Security Checks", "published": "2016-03-17T00:00:00", "modified": "2017-03-24T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120660", "reporter": "Eero Volotinen", "references": ["https://alas.aws.amazon.com/ALAS-2016-670.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2017-07-02T21:13:14", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "1361412562310120660", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Amazon Linux security check \n# $Id: alas-2016-670.nasl 5712 2017-03-24 10:00:49Z teissa $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@iki.fi> \n#\n# OpenVAS and security consultance available from openvas@solinor.com\n# see https://solinor.fi/openvas-en/ for more information\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://ping-viini.org \n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.120660\");\nscript_version(\"$Revision: 5712 $\");\nscript_tag(name:\"creation_date\", value:\"2016-03-17 16:05:04 +0200 (Thu, 17 Mar 2016)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-03-24 11:00:49 +0100 (Fri, 24 Mar 2017) $\");\nscript_name(\"Amazon Linux Local Check: alas-2016-670\");\nscript_tag(name: \"insight\", value: \"A NULL pointer dereference flaw was found in the XSLTProcessor class in PHP. An attacker could use this flaw to cause a PHP application to crash if it performed Extensible Stylesheet Language (XSL) transformations using untrusted XSLT files and allowed the use of PHP functions to be used as XSLT functions within XSL stylesheets. (CVE-2015-6837 , CVE-2015-6838 )A flaw was discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code. (CVE-2015-6834 , CVE-2015-6835 , CVE-2015-6836 )\"); \nscript_tag(name : \"solution\", value : \"Run yum update php54 to update your system.\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://alas.aws.amazon.com/ALAS-2016-670.html\");\nscript_cve_id(\"CVE-2015-6838\",\"CVE-2015-6834\",\"CVE-2015-6835\",\"CVE-2015-6836\",\"CVE-2015-6837\");\nscript_tag(name:\"cvss_base\", value:\"7.5\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"HostDetails/OS/cpe:/o:amazon:linux\", \"login/SSH/success\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Amazon Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"php54-xml\", rpm:\"php54-xml~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-enchant\", rpm:\"php54-enchant~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-recode\", rpm:\"php54-recode~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-mysqlnd\", rpm:\"php54-mysqlnd~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-tidy\", rpm:\"php54-tidy~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-bcmath\", rpm:\"php54-bcmath~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-mcrypt\", rpm:\"php54-mcrypt~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-cli\", rpm:\"php54-cli~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-xmlrpc\", rpm:\"php54-xmlrpc~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-dba\", rpm:\"php54-dba~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-devel\", rpm:\"php54-devel~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-intl\", rpm:\"php54-intl~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-pgsql\", rpm:\"php54-pgsql~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-mbstring\", rpm:\"php54-mbstring~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-process\", rpm:\"php54-process~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-gd\", rpm:\"php54-gd~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-pdo\", rpm:\"php54-pdo~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-embedded\", rpm:\"php54-embedded~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-mssql\", rpm:\"php54-mssql~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-soap\", rpm:\"php54-soap~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-debuginfo\", rpm:\"php54-debuginfo~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-mysql\", rpm:\"php54-mysql~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-snmp\", rpm:\"php54-snmp~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-fpm\", rpm:\"php54-fpm~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-pspell\", rpm:\"php54-pspell~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-imap\", rpm:\"php54-imap~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54\", rpm:\"php54~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-odbc\", rpm:\"php54-odbc~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-ldap\", rpm:\"php54-ldap~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php54-common\", rpm:\"php54-common~5.4.45~1.75.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n}\n", "naslFamily": "Amazon Linux Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2017-07-02T21:13:14"}], "viewCount": 10, "enchantments": {"dependencies": {"references": [{"type": "f5", "idList": ["F5:K17377", "SOL17377"]}, {"type": "nessus", "idList": ["FEDORA_2015-14977.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "8861.PRM", "FEDORA_2015-14976.NASL", "PHP_5_5_29.NASL", "FEDORA_2015-14978.NASL", "ALA_ALAS-2016-670.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "F5_BIGIP_SOL17377.NASL", "DEBIAN_DSA-3358.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:703358", "OPENVAS:1361412562310120396", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310850689", "OPENVAS:1361412562310842472", "OPENVAS:1361412562310808617", "OPENVAS:1361412562310808616", "OPENVAS:1361412562310703358", "OPENVAS:1361412562310120520"]}, {"type": "slackware", "idList": ["SSA-2015-274-02"]}, {"type": "freebsd", "idList": ["3D675519-5654-11E5-9AD8-14DAE9D210B8"]}, {"type": "fedora", "idList": ["FEDORA:90BE461976AB", "FEDORA:02C1260F4011", "FEDORA:F0C5861361B0"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3358-1:5263D", "DEBIAN:DLA-341-1:DA682"]}, {"type": "amazon", "idList": ["ALAS-2015-602", "ALAS-2015-601", "ALAS-2017-788", "ALAS-2016-670"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:32566", "SECURITYVULNS:VULN:14702", "SECURITYVULNS:DOC:32511", "SECURITYVULNS:VULN:14694"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-6837", "UB:CVE-2015-6836", "UB:CVE-2015-6838", "UB:CVE-2015-6835", "UB:CVE-2015-6834"]}, {"type": "cve", "idList": ["CVE-2015-6837", "CVE-2015-6836", "CVE-2015-6838", "CVE-2015-6835", "CVE-2015-6834"]}, {"type": "suse", "idList": ["SUSE-SU-2015:1818-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2016:1638-1", "SUSE-SU-2015:1633-1", "SUSE-SU-2015:1701-1"]}, {"type": "ubuntu", "idList": ["USN-2758-1"]}, {"type": "redhat", "idList": ["RHSA-2016:0457"]}, {"type": "exploitdb", "idList": ["EDB-ID:38120", "EDB-ID:38122", "EDB-ID:38123"]}, {"type": "hackerone", "idList": ["H1:103995", "H1:103997", "H1:103996", "H1:103998", "H1:104010"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:134949", "PACKETSTORM:138812"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-9936"]}, {"type": "gentoo", "idList": ["GLSA-201606-10"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:6B7BF45056E8E056621094C0740275CB"]}, {"type": "kaspersky", "idList": ["KLA10746", "KLA10747"]}, {"type": "cloudlinux", "idList": ["CLSA-2020:1605798462"]}], "modified": "2020-03-17T22:56:25", "rev": 2}, "score": {"value": 8.2, "vector": "NONE", "modified": "2020-03-17T22:56:25", "rev": 2}}, "objectVersion": "1.5", "pluginID": "1361412562310120660", "sourceData": "# Copyright (C) 2016 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120660\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2016-03-17 16:05:04 +0200 (Thu, 17 Mar 2016)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2016-670)\");\n script_tag(name:\"insight\", value:\"A NULL pointer dereference flaw was found in the XSLTProcessor class in PHP. An attacker could use this flaw to cause a PHP application to crash if it performed Extensible Stylesheet Language (XSL) transformations using untrusted XSLT files and allowed the use of PHP functions to be used as XSLT functions within XSL stylesheets. (CVE-2015-6837, CVE-2015-6838 )A flaw was discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code. (CVE-2015-6834, CVE-2015-6835, CVE-2015-6836 )\");\n script_tag(name:\"solution\", value:\"Run yum update php54 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2016-670.html\");\n script_cve_id(\"CVE-2015-6838\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6836\", \"CVE-2015-6837\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2016 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"php54-xml\", rpm:\"php54-xml~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-enchant\", rpm:\"php54-enchant~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-recode\", rpm:\"php54-recode~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-mysqlnd\", rpm:\"php54-mysqlnd~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-tidy\", rpm:\"php54-tidy~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-bcmath\", rpm:\"php54-bcmath~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-mcrypt\", rpm:\"php54-mcrypt~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-cli\", rpm:\"php54-cli~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-xmlrpc\", rpm:\"php54-xmlrpc~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-dba\", rpm:\"php54-dba~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-devel\", rpm:\"php54-devel~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-intl\", rpm:\"php54-intl~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-pgsql\", rpm:\"php54-pgsql~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-mbstring\", rpm:\"php54-mbstring~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-process\", rpm:\"php54-process~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-gd\", rpm:\"php54-gd~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-pdo\", rpm:\"php54-pdo~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-embedded\", rpm:\"php54-embedded~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-mssql\", rpm:\"php54-mssql~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-soap\", rpm:\"php54-soap~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-debuginfo\", rpm:\"php54-debuginfo~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-mysql\", rpm:\"php54-mysql~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-snmp\", rpm:\"php54-snmp~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-fpm\", rpm:\"php54-fpm~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-pspell\", rpm:\"php54-pspell~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-imap\", rpm:\"php54-imap~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54\", rpm:\"php54~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-odbc\", rpm:\"php54-odbc~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-ldap\", rpm:\"php54-ldap~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-common\", rpm:\"php54-common~5.4.45~1.75.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "naslFamily": "Amazon Linux Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:1361412562310703358", "hash": "5135abb91463e7ce182f740332f32bf1", "type": "openvas", "bulletinFamily": "scanner", "title": "Debian Security Advisory DSA 3358-1 (php5 - security update)", "description": "Several vulnerabilities were found in\nPHP, a general-purpose scripting language commonly used for web application\ndevelopment.\n\nThe vulnerabilities are addressed by upgrading PHP to new upstream\nversions (5.4.45 and 5.6.13), which include additional bug fixes.", "published": "2015-09-13T00:00:00", "modified": "2019-03-18T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703358", "reporter": "Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net", "references": ["http://www.debian.org/security/2015/dsa-3358.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2019-05-29T18:36:59", "history": [{"bulletin": {"id": "OPENVAS:1361412562310703358", "hash": "f469b9e74256f02749022b7bc0471ff07c1c9696aaaf8a2ebffce434473d0658", "type": "openvas", "bulletinFamily": "scanner", "title": "Debian Security Advisory DSA 3358-1 (php5 - security update)", "description": "Several vulnerabilities were found in\nPHP, a general-purpose scripting language commonly used for web application\ndevelopment.\n\nThe vulnerabilities are addressed by upgrading PHP to new upstream\nversions (5.4.45 and 5.6.13), which include additional bug fixes. Please\nrefer to the upstream changelog for more information:\n\nhttps://php.net/ChangeLog-5.php#5.4.45https://php.net/ChangeLog-5.php#5.6.13", "published": "2015-09-13T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703358", "reporter": "Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net", "references": ["http://www.debian.org/security/2015/dsa-3358.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2018-09-01T23:52:44", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"modified": "2018-09-01T23:52:44", "references": [{"idList": ["SUSE-SU-2015:1818-1", "SUSE-SU-2015:1633-1", "SUSE-SU-2016:1638-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2015:1701-1"], "type": "suse"}, {"idList": ["ALAS-2017-788", "ALAS-2015-602", "ALAS-2015-601", "ALAS-2016-670"], "type": "amazon"}, {"idList": ["DEBIAN:DSA-3358-1:5263D", "DEBIAN:DLA-341-1:DA682"], "type": "debian"}, {"idList": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "type": "cve"}, {"idList": ["KLA10929", "KLA10747", "KLA10746"], "type": "kaspersky"}, {"idList": ["SECURITYVULNS:VULN:14694", "SECURITYVULNS:VULN:14702", "SECURITYVULNS:DOC:32566", "SECURITYVULNS:DOC:32511"], "type": "securityvulns"}, {"idList": ["SOL17377", "F5:K17377"], "type": "f5"}, {"idList": ["RHSA-2016:0457"], "type": "redhat"}, {"idList": ["H1:103996", "H1:103998", "H1:103997", "H1:104010", "H1:103995"], "type": "hackerone"}, {"idList": ["3D675519-5654-11E5-9AD8-14DAE9D210B8"], "type": "freebsd"}, {"idList": ["EDB-ID:38120", "EDB-ID:38123", "EDB-ID:38122"], "type": "exploitdb"}, {"idList": ["GLSA-201606-10"], "type": "gentoo"}, {"idList": ["FEDORA_2015-14976.NASL", "PHP_5_5_29.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "PHP_5_4_45.NASL", "FEDORA_2015-14977.NASL", "DEBIAN_DSA-3358.NASL", "PHP_5_6_13.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "ALA_ALAS-2016-670.NASL", "F5_BIGIP_SOL17377.NASL"], "type": "nessus"}, {"idList": ["SSA-2015-274-02"], "type": "slackware"}, {"idList": ["OPENVAS:1361412562310808616", "OPENVAS:1361412562310120520", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310808617", "OPENVAS:1361412562310120660", "OPENVAS:703358", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310850689", "OPENVAS:1361412562310842472", "OPENVAS:1361412562310120396"], "type": "openvas"}, {"idList": ["PACKETSTORM:134949", "PACKETSTORM:138812"], "type": "packetstorm"}, {"idList": ["USN-2758-1"], "type": "ubuntu"}]}, "score": {"value": 5.0, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310703358", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3358.nasl 9355 2018-04-06 07:16:07Z cfischer $\n# Auto-generated from advisory DSA 3358-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703358\");\n script_version(\"$Revision: 9355 $\");\n script_cve_id(\"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6836\", \"CVE-2015-6837\",\n \"CVE-2015-6838\");\n script_name(\"Debian Security Advisory DSA 3358-1 (php5 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2018-04-06 09:16:07 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name: \"creation_date\", value: \"2015-09-13 00:00:00 +0200 (Sun, 13 Sep 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3358.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"php5 on Debian Linux\");\n script_tag(name: \"insight\", value: \"This package is a metapackage that,\nwhen installed, guarantees that you have at least one of the four server-side\nversions of the PHP5 interpreter installed. Removing this package won't remove\nPHP5 from your system, however it may remove other packages that depend on this\none.\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy),\nthese problems have been fixed in version 5.4.45-0+deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 5.6.13+dfsg-0+deb8u1.\n\nWe recommend that you upgrade your php5 packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities were found in\nPHP, a general-purpose scripting language commonly used for web application\ndevelopment.\n\nThe vulnerabilities are addressed by upgrading PHP to new upstream\nversions (5.4.45 and 5.6.13), which include additional bug fixes. Please\nrefer to the upstream changelog for more information:\n\nhttps://php.net/ChangeLog-5.php#5.4.45https://php.net/ChangeLog-5.php#5.6.13\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Debian Local Security Checks"}, "differentElements": ["description", "modified", "sourceData"], "edition": 3, "lastseen": "2018-09-01T23:52:44"}, {"bulletin": {"id": "OPENVAS:1361412562310703358", "hash": "3adf9b1c49917672e22bf7e95bade093f4d8388c8e3c097ccd8fafee85434b25", "type": "openvas", "bulletinFamily": "scanner", "title": "Debian Security Advisory DSA 3358-1 (php5 - security update)", "description": "Several vulnerabilities were found in\nPHP, a general-purpose scripting language commonly used for web application\ndevelopment.\n\nThe vulnerabilities are addressed by upgrading PHP to new upstream\nversions (5.4.45 and 5.6.13), which include additional bug fixes.", "published": "2015-09-13T00:00:00", "modified": "2019-03-18T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703358", "reporter": "Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net", "references": ["http://www.debian.org/security/2015/dsa-3358.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2019-03-19T12:37:18", "history": [], "viewCount": 3, "enchantments": {"dependencies": {"modified": "2019-03-19T12:37:18", "references": [{"idList": ["SUSE-SU-2015:1818-1", "SUSE-SU-2015:1633-1", "SUSE-SU-2016:1638-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2015:1701-1"], "type": "suse"}, {"idList": ["ALAS-2017-788", "ALAS-2015-602", "ALAS-2015-601", "ALAS-2016-670"], "type": "amazon"}, {"idList": ["DEBIAN:DSA-3358-1:5263D", "DEBIAN:DLA-341-1:DA682"], "type": "debian"}, {"idList": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "type": "cve"}, {"idList": ["KLA10929", "KLA10747", "KLA10746"], "type": "kaspersky"}, {"idList": ["SECURITYVULNS:VULN:14694", "SECURITYVULNS:VULN:14702", "SECURITYVULNS:DOC:32566", "SECURITYVULNS:DOC:32511"], "type": "securityvulns"}, {"idList": ["SOL17377", "F5:K17377"], "type": "f5"}, {"idList": ["RHSA-2016:0457"], "type": "redhat"}, {"idList": ["FEDORA_2015-14978.NASL", "FEDORA_2015-14976.NASL", "PHP_5_5_29.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "PHP_5_4_45.NASL", "FEDORA_2015-14977.NASL", "DEBIAN_DSA-3358.NASL", "PHP_5_6_13.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "ALA_ALAS-2016-670.NASL"], "type": "nessus"}, {"idList": ["H1:103996", "H1:103998", "H1:103997", "H1:104010", "H1:103995"], "type": "hackerone"}, {"idList": ["3D675519-5654-11E5-9AD8-14DAE9D210B8"], "type": "freebsd"}, {"idList": ["EDB-ID:38120", "EDB-ID:38123", "EDB-ID:38122"], "type": "exploitdb"}, {"idList": ["GLSA-201606-10"], "type": "gentoo"}, {"idList": ["SSA-2015-274-02"], "type": "slackware"}, {"idList": ["OPENVAS:1361412562310808616", "OPENVAS:1361412562310120520", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310808617", "OPENVAS:1361412562310120660", "OPENVAS:703358", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310850689", "OPENVAS:1361412562310842472", "OPENVAS:1361412562310120396"], "type": "openvas"}, {"idList": ["PACKETSTORM:134949", "PACKETSTORM:138812"], "type": "packetstorm"}, {"idList": ["USN-2758-1"], "type": "ubuntu"}]}, "score": {"value": 5.0, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310703358", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3358.nasl 14278 2019-03-18 14:47:26Z cfischer $\n# Auto-generated from advisory DSA 3358-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703358\");\n script_version(\"$Revision: 14278 $\");\n script_cve_id(\"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6836\", \"CVE-2015-6837\",\n \"CVE-2015-6838\");\n script_name(\"Debian Security Advisory DSA 3358-1 (php5 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:47:26 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-09-13 00:00:00 +0200 (Sun, 13 Sep 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2015/dsa-3358.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"php5 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (wheezy),\nthese problems have been fixed in version 5.4.45-0+deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 5.6.13+dfsg-0+deb8u1.\n\nWe recommend that you upgrade your php5 packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities were found in\nPHP, a general-purpose scripting language commonly used for web application\ndevelopment.\n\nThe vulnerabilities are addressed by upgrading PHP to new upstream\nversions (5.4.45 and 5.6.13), which include additional bug fixes.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "naslFamily": "Debian Local Security Checks"}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2019-03-19T12:37:18"}, {"bulletin": {"id": "OPENVAS:1361412562310703358", "hash": "f469b9e74256f02749022b7bc0471ff07c1c9696aaaf8a2ebffce434473d0658", "type": "openvas", "bulletinFamily": "scanner", "title": "Debian Security Advisory DSA 3358-1 (php5 - security update)", "description": "Several vulnerabilities were found in\nPHP, a general-purpose scripting language commonly used for web application\ndevelopment.\n\nThe vulnerabilities are addressed by upgrading PHP to new upstream\nversions (5.4.45 and 5.6.13), which include additional bug fixes. Please\nrefer to the upstream changelog for more information:\n\nhttps://php.net/ChangeLog-5.php#5.4.45https://php.net/ChangeLog-5.php#5.6.13", "published": "2015-09-13T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703358", "reporter": "Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net", "references": ["http://www.debian.org/security/2015/dsa-3358.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2018-04-06T11:29:46", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310703358", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3358.nasl 9355 2018-04-06 07:16:07Z cfischer $\n# Auto-generated from advisory DSA 3358-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703358\");\n script_version(\"$Revision: 9355 $\");\n script_cve_id(\"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6836\", \"CVE-2015-6837\",\n \"CVE-2015-6838\");\n script_name(\"Debian Security Advisory DSA 3358-1 (php5 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2018-04-06 09:16:07 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name: \"creation_date\", value: \"2015-09-13 00:00:00 +0200 (Sun, 13 Sep 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3358.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"php5 on Debian Linux\");\n script_tag(name: \"insight\", value: \"This package is a metapackage that,\nwhen installed, guarantees that you have at least one of the four server-side\nversions of the PHP5 interpreter installed. Removing this package won't remove\nPHP5 from your system, however it may remove other packages that depend on this\none.\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy),\nthese problems have been fixed in version 5.4.45-0+deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 5.6.13+dfsg-0+deb8u1.\n\nWe recommend that you upgrade your php5 packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities were found in\nPHP, a general-purpose scripting language commonly used for web application\ndevelopment.\n\nThe vulnerabilities are addressed by upgrading PHP to new upstream\nversions (5.4.45 and 5.6.13), which include additional bug fixes. Please\nrefer to the upstream changelog for more information:\n\nhttps://php.net/ChangeLog-5.php#5.4.45https://php.net/ChangeLog-5.php#5.6.13\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Debian Local Security Checks"}, "differentElements": ["cvss"], "edition": 1, "lastseen": "2018-04-06T11:29:46"}, {"bulletin": {"id": "OPENVAS:1361412562310703358", "hash": "cf49f76951237f30a8395b8dec5e7a259039d26abf6325fde9c2cb10980d1a68", "type": "openvas", "bulletinFamily": "scanner", "title": "Debian Security Advisory DSA 3358-1 (php5 - security update)", "description": "Several vulnerabilities were found in\nPHP, a general-purpose scripting language commonly used for web application\ndevelopment.\n\nThe vulnerabilities are addressed by upgrading PHP to new upstream\nversions (5.4.45 and 5.6.13), which include additional bug fixes. Please\nrefer to the upstream changelog for more information:\n\nhttps://php.net/ChangeLog-5.php#5.4.45https://php.net/ChangeLog-5.php#5.6.13", "published": "2015-09-13T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703358", "reporter": "Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net", "references": ["http://www.debian.org/security/2015/dsa-3358.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2018-08-30T19:23:04", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310703358", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3358.nasl 9355 2018-04-06 07:16:07Z cfischer $\n# Auto-generated from advisory DSA 3358-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703358\");\n script_version(\"$Revision: 9355 $\");\n script_cve_id(\"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6836\", \"CVE-2015-6837\",\n \"CVE-2015-6838\");\n script_name(\"Debian Security Advisory DSA 3358-1 (php5 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2018-04-06 09:16:07 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name: \"creation_date\", value: \"2015-09-13 00:00:00 +0200 (Sun, 13 Sep 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3358.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"php5 on Debian Linux\");\n script_tag(name: \"insight\", value: \"This package is a metapackage that,\nwhen installed, guarantees that you have at least one of the four server-side\nversions of the PHP5 interpreter installed. Removing this package won't remove\nPHP5 from your system, however it may remove other packages that depend on this\none.\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy),\nthese problems have been fixed in version 5.4.45-0+deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 5.6.13+dfsg-0+deb8u1.\n\nWe recommend that you upgrade your php5 packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities were found in\nPHP, a general-purpose scripting language commonly used for web application\ndevelopment.\n\nThe vulnerabilities are addressed by upgrading PHP to new upstream\nversions (5.4.45 and 5.6.13), which include additional bug fixes. Please\nrefer to the upstream changelog for more information:\n\nhttps://php.net/ChangeLog-5.php#5.4.45https://php.net/ChangeLog-5.php#5.6.13\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Debian Local Security Checks"}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2018-08-30T19:23:04"}], "viewCount": 5, "enchantments": {"dependencies": {"references": [{"type": "f5", "idList": ["SOL17377", "F5:K17377"]}, {"type": "fedora", "idList": ["FEDORA:90BE461976AB", "FEDORA:F0C5861361B0", "FEDORA:02C1260F4011"]}, {"type": "slackware", "idList": ["SSA-2015-274-02"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310850689", "OPENVAS:703358", "OPENVAS:1361412562310842472", "OPENVAS:1361412562310120520", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310120396", "OPENVAS:1361412562310120660", "OPENVAS:1361412562310808616", "OPENVAS:1361412562310808617", "OPENVAS:1361412562310869939"]}, {"type": "freebsd", "idList": ["3D675519-5654-11E5-9AD8-14DAE9D210B8"]}, {"type": "nessus", "idList": ["F5_BIGIP_SOL17377.NASL", "FEDORA_2015-14976.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "FEDORA_2015-14978.NASL", "DEBIAN_DSA-3358.NASL", "PHP_5_5_29.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "FEDORA_2015-14977.NASL", "ALA_ALAS-2016-670.NASL", "8861.PRM"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:32511", "SECURITYVULNS:VULN:14694", "SECURITYVULNS:DOC:32566", "SECURITYVULNS:VULN:14702"]}, {"type": "debian", "idList": ["DEBIAN:DLA-341-1:DA682", "DEBIAN:DSA-3358-1:5263D"]}, {"type": "amazon", "idList": ["ALAS-2017-788", "ALAS-2015-601", "ALAS-2015-602", "ALAS-2016-670"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-6837", "UB:CVE-2015-6834", "UB:CVE-2015-6838", "UB:CVE-2015-6836", "UB:CVE-2015-6835"]}, {"type": "cve", "idList": ["CVE-2015-6834", "CVE-2015-6837", "CVE-2015-6838", "CVE-2015-6835", "CVE-2015-6836"]}, {"type": "suse", "idList": ["SUSE-SU-2015:1633-1", "SUSE-SU-2015:1701-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2016:1638-1", "SUSE-SU-2015:1818-1"]}, {"type": "ubuntu", "idList": ["USN-2758-1"]}, {"type": "redhat", "idList": ["RHSA-2016:0457"]}, {"type": "exploitdb", "idList": ["EDB-ID:38122", "EDB-ID:38123", "EDB-ID:38120"]}, {"type": "hackerone", "idList": ["H1:103996", "H1:104010", "H1:103997", "H1:103995", "H1:103998"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:134949", "PACKETSTORM:138812"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-9936"]}, {"type": "gentoo", "idList": ["GLSA-201606-10"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:6B7BF45056E8E056621094C0740275CB"]}, {"type": "kaspersky", "idList": ["KLA10746", "KLA10747"]}, {"type": "cloudlinux", "idList": ["CLSA-2020:1605798462"]}], "modified": "2019-05-29T18:36:59", "rev": 2}, "score": {"value": 7.2, "vector": "NONE", "modified": "2019-05-29T18:36:59", "rev": 2}}, "objectVersion": "1.5", "pluginID": "1361412562310703358", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3358.nasl 14278 2019-03-18 14:47:26Z cfischer $\n# Auto-generated from advisory DSA 3358-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703358\");\n script_version(\"$Revision: 14278 $\");\n script_cve_id(\"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6836\", \"CVE-2015-6837\",\n \"CVE-2015-6838\");\n script_name(\"Debian Security Advisory DSA 3358-1 (php5 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:47:26 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-09-13 00:00:00 +0200 (Sun, 13 Sep 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2015/dsa-3358.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"php5 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (wheezy),\nthese problems have been fixed in version 5.4.45-0+deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 5.6.13+dfsg-0+deb8u1.\n\nWe recommend that you upgrade your php5 packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities were found in\nPHP, a general-purpose scripting language commonly used for web application\ndevelopment.\n\nThe vulnerabilities are addressed by upgrading PHP to new upstream\nversions (5.4.45 and 5.6.13), which include additional bug fixes.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.4.45-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "naslFamily": "Debian Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:1361412562310869939", "hash": "3fc58a4687e51ce87eebaac82cc15ff2", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for php FEDORA-2015-14976", "description": "The remote host is missing an update for the ", "published": "2015-10-07T00:00:00", "modified": "2019-03-15T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869939", "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "references": ["2015-14976", "https://lists.fedoraproject.org/pipermail/package-announce/2015-September/166337.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2019-05-29T18:36:28", "history": [{"bulletin": {"id": "OPENVAS:1361412562310869939", "hash": "38943ed013d983095c6e9851ed0388337d0fcebb48ccd92a5aa63a8e20ff62ff", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for php FEDORA-2015-14976", "description": "Check the version of php", "published": "2015-10-07T00:00:00", "modified": "2017-06-16T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869939", "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "references": ["2015-14976", "https://lists.fedoraproject.org/pipermail/package-announce/2015-September/166337.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2017-07-03T10:53:55", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "1361412562310869939", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2015-14976\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869939\");\n script_version(\"$Revision: 6357 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-06-16 12:00:29 +0200 (Fri, 16 Jun 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-07 18:42:25 +0530 (Wed, 07 Oct 2015)\");\n script_cve_id(\"CVE-2015-6837\", \"CVE-2015-6838\", \"CVE-2015-6834\", \"CVE-2015-6836\",\n \"CVE-2015-6835\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for php FEDORA-2015-14976\");\n script_tag(name: \"summary\", value: \"Check the version of php\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"PHP is an HTML-embedded scripting language.\nPHP attempts to make it easy for developers to write dynamically generated web\npages. PHP also offers built-in database integration for several commercial and\nnon-commercial database management systems, so writing a database-enabled webpage\nwith PHP is fairly simple. The most common use of PHP coding is probably as a\nreplacement for CGI scripts.\n\nThe php package contains the module (often referred to as mod_php) which adds\nsupport for the PHP language to Apache HTTP Server.\n\");\n script_tag(name: \"affected\", value: \"php on Fedora 21\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2015-14976\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2015-September/166337.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"HostDetails/OS/cpe:/o:fedoraproject:fedora\", \"login/SSH/success\", \"ssh/login/release\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.6.13~1.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-07-03T10:53:55"}, {"bulletin": {"id": "OPENVAS:1361412562310869939", "hash": "448604ac24ed57237f6da1144ceb66c2f93beb36ce8870cc71bda44dce1b1099", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for php FEDORA-2015-14976", "description": "Check the version of php", "published": "2015-10-07T00:00:00", "modified": "2017-07-10T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869939", "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "references": ["2015-14976", "https://lists.fedoraproject.org/pipermail/package-announce/2015-September/166337.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2018-08-30T19:22:25", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310869939", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2015-14976\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869939\");\n script_version(\"$Revision: 6630 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:34:32 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-07 18:42:25 +0530 (Wed, 07 Oct 2015)\");\n script_cve_id(\"CVE-2015-6837\", \"CVE-2015-6838\", \"CVE-2015-6834\", \"CVE-2015-6836\",\n \"CVE-2015-6835\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for php FEDORA-2015-14976\");\n script_tag(name: \"summary\", value: \"Check the version of php\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"PHP is an HTML-embedded scripting language.\nPHP attempts to make it easy for developers to write dynamically generated web\npages. PHP also offers built-in database integration for several commercial and\nnon-commercial database management systems, so writing a database-enabled webpage\nwith PHP is fairly simple. The most common use of PHP coding is probably as a\nreplacement for CGI scripts.\n\nThe php package contains the module (often referred to as mod_php) which adds\nsupport for the PHP language to Apache HTTP Server.\n\");\n script_tag(name: \"affected\", value: \"php on Fedora 21\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2015-14976\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2015-September/166337.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.6.13~1.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-08-30T19:22:25"}, {"bulletin": {"id": "OPENVAS:1361412562310869939", "hash": "1893865d05f52812a4f2eedd6270929e84e8512f8b5ba77c47a9bcc09e0e299c", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for php FEDORA-2015-14976", "description": "The remote host is missing an update for the ", "published": "2015-10-07T00:00:00", "modified": "2019-03-15T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869939", "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "references": ["2015-14976", "https://lists.fedoraproject.org/pipermail/package-announce/2015-September/166337.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2019-03-18T14:35:07", "history": [], "viewCount": 3, "enchantments": {"dependencies": {"modified": "2019-03-18T14:35:07", "references": [{"idList": ["SUSE-SU-2015:1818-1", "SUSE-SU-2015:1633-1", "SUSE-SU-2016:1638-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2015:1701-1"], "type": "suse"}, {"idList": ["ALAS-2017-788", "ALAS-2015-602", "ALAS-2015-601", "ALAS-2016-670"], "type": "amazon"}, {"idList": ["DEBIAN:DSA-3358-1:5263D", "DEBIAN:DLA-341-1:DA682"], "type": "debian"}, {"idList": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "type": "cve"}, {"idList": ["KLA10929", "KLA10747", "KLA10746"], "type": "kaspersky"}, {"idList": ["FEDORA_2015-14978.NASL", "FEDORA_2015-14976.NASL", "PHP_5_5_29.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "PHP_5_4_45.NASL", "FEDORA_2015-14977.NASL", "PHP_5_6_13.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "ALA_ALAS-2016-670.NASL", "F5_BIGIP_SOL17377.NASL"], "type": "nessus"}, {"idList": ["SECURITYVULNS:VULN:14694", "SECURITYVULNS:VULN:14702", "SECURITYVULNS:DOC:32566", "SECURITYVULNS:DOC:32511"], "type": "securityvulns"}, {"idList": ["SOL17377", "F5:K17377"], "type": "f5"}, {"idList": ["RHSA-2016:0457"], "type": "redhat"}, {"idList": ["H1:103996", "H1:103998", "H1:103997", "H1:104010", "H1:103995"], "type": "hackerone"}, {"idList": ["3D675519-5654-11E5-9AD8-14DAE9D210B8"], "type": "freebsd"}, {"idList": ["EDB-ID:38120", "EDB-ID:38123", "EDB-ID:38122"], "type": "exploitdb"}, {"idList": ["GLSA-201606-10"], "type": "gentoo"}, {"idList": ["SSA-2015-274-02"], "type": "slackware"}, {"idList": ["PACKETSTORM:134949", "PACKETSTORM:138812"], "type": "packetstorm"}, {"idList": ["OPENVAS:1361412562310703358", "OPENVAS:1361412562310808616", "OPENVAS:1361412562310120520", "OPENVAS:1361412562310808617", "OPENVAS:1361412562310120660", "OPENVAS:703358", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310850689", "OPENVAS:1361412562310842472", "OPENVAS:1361412562310120396"], "type": "openvas"}, {"idList": ["USN-2758-1"], "type": "ubuntu"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310869939", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2015-14976\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869939\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-07 18:42:25 +0530 (Wed, 07 Oct 2015)\");\n script_cve_id(\"CVE-2015-6837\", \"CVE-2015-6838\", \"CVE-2015-6834\", \"CVE-2015-6836\",\n \"CVE-2015-6835\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for php FEDORA-2015-14976\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"php on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-14976\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-September/166337.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.6.13~1.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["cvss"], "edition": 6, "lastseen": "2019-03-18T14:35:07"}, {"bulletin": {"id": "OPENVAS:1361412562310869939", "hash": "26a2a967c9109815fc2eccf0630b3dcd1b953deeb10081f76013812cec56321d", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for php FEDORA-2015-14976", "description": "Check the version of php", "published": "2015-10-07T00:00:00", "modified": "2016-05-24T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869939", "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "references": ["2015-14976", "https://lists.fedoraproject.org/pipermail/package-announce/2015-September/166337.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2017-07-02T21:11:47", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "1361412562310869939", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2015-14976\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869939\");\n script_version(\"$Revision: 3374 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-05-24 09:01:05 +0200 (Tue, 24 May 2016) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-07 18:42:25 +0530 (Wed, 07 Oct 2015)\");\n script_cve_id(\"CVE-2015-6837\", \"CVE-2015-6838\", \"CVE-2015-6834\", \"CVE-2015-6836\",\n \"CVE-2015-6835\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for php FEDORA-2015-14976\");\n script_tag(name: \"summary\", value: \"Check the version of php\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"PHP is an HTML-embedded scripting language.\nPHP attempts to make it easy for developers to write dynamically generated web\npages. PHP also offers built-in database integration for several commercial and\nnon-commercial database management systems, so writing a database-enabled webpage\nwith PHP is fairly simple. The most common use of PHP coding is probably as a\nreplacement for CGI scripts.\n\nThe php package contains the module (often referred to as mod_php) which adds\nsupport for the PHP language to Apache HTTP Server.\n\");\n script_tag(name: \"affected\", value: \"php on Fedora 21\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2015-14976\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2015-September/166337.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_summary(\"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"HostDetails/OS/cpe:/o:fedoraproject:fedora\", \"login/SSH/success\", \"ssh/login/release\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.6.13~1.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2017-07-02T21:11:47"}, {"bulletin": {"id": "OPENVAS:1361412562310869939", "hash": "60c17eda4d719c1ae6ca383941f4f6c3f56bdd2a3a98d30cb5d52b15385f0fef", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for php FEDORA-2015-14976", "description": "Check the version of php", "published": "2015-10-07T00:00:00", "modified": "2017-07-10T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869939", "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "references": ["2015-14976", "https://lists.fedoraproject.org/pipermail/package-announce/2015-September/166337.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2017-07-25T10:52:47", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310869939", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2015-14976\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869939\");\n script_version(\"$Revision: 6630 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:34:32 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-07 18:42:25 +0530 (Wed, 07 Oct 2015)\");\n script_cve_id(\"CVE-2015-6837\", \"CVE-2015-6838\", \"CVE-2015-6834\", \"CVE-2015-6836\",\n \"CVE-2015-6835\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for php FEDORA-2015-14976\");\n script_tag(name: \"summary\", value: \"Check the version of php\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"PHP is an HTML-embedded scripting language.\nPHP attempts to make it easy for developers to write dynamically generated web\npages. PHP also offers built-in database integration for several commercial and\nnon-commercial database management systems, so writing a database-enabled webpage\nwith PHP is fairly simple. The most common use of PHP coding is probably as a\nreplacement for CGI scripts.\n\nThe php package contains the module (often referred to as mod_php) which adds\nsupport for the PHP language to Apache HTTP Server.\n\");\n script_tag(name: \"affected\", value: \"php on Fedora 21\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2015-14976\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2015-September/166337.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.6.13~1.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2017-07-25T10:52:47"}], "viewCount": 5, "enchantments": {"dependencies": {"references": [{"type": "f5", "idList": ["F5:K17377", "SOL17377"]}, {"type": "nessus", "idList": ["8861.PRM", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "FEDORA_2015-14976.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "FEDORA_2015-14978.NASL", "F5_BIGIP_SOL17377.NASL", "FEDORA_2015-14977.NASL", "ALA_ALAS-2016-670.NASL", "PHP_5_5_29.NASL", "DEBIAN_DSA-3358.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310869941", "OPENVAS:1361412562310808616", "OPENVAS:1361412562310120396", "OPENVAS:1361412562310842472", "OPENVAS:1361412562310120520", "OPENVAS:1361412562310850689", "OPENVAS:1361412562310120660", "OPENVAS:703358", "OPENVAS:1361412562310703358", "OPENVAS:1361412562310808617"]}, {"type": "slackware", "idList": ["SSA-2015-274-02"]}, {"type": "freebsd", "idList": ["3D675519-5654-11E5-9AD8-14DAE9D210B8"]}, {"type": "fedora", "idList": ["FEDORA:02C1260F4011", "FEDORA:90BE461976AB", "FEDORA:F0C5861361B0"]}, {"type": "debian", "idList": ["DEBIAN:DLA-341-1:DA682", "DEBIAN:DSA-3358-1:5263D"]}, {"type": "amazon", "idList": ["ALAS-2016-670", "ALAS-2015-601", "ALAS-2015-602", "ALAS-2017-788"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:32511", "SECURITYVULNS:VULN:14694", "SECURITYVULNS:DOC:32566", "SECURITYVULNS:VULN:14702"]}, {"type": "cve", "idList": ["CVE-2015-6837", "CVE-2015-6836", "CVE-2015-6835", "CVE-2015-6834", "CVE-2015-6838"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-6836", "UB:CVE-2015-6834", "UB:CVE-2015-6835", "UB:CVE-2015-6838", "UB:CVE-2015-6837"]}, {"type": "suse", "idList": ["SUSE-SU-2015:1633-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2016:1638-1", "SUSE-SU-2015:1701-1", "SUSE-SU-2015:1818-1"]}, {"type": "ubuntu", "idList": ["USN-2758-1"]}, {"type": "redhat", "idList": ["RHSA-2016:0457"]}, {"type": "exploitdb", "idList": ["EDB-ID:38120", "EDB-ID:38122", "EDB-ID:38123"]}, {"type": "hackerone", "idList": ["H1:103996", "H1:103997", "H1:103998", "H1:104010", "H1:103995"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:134949", "PACKETSTORM:138812"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-9936"]}, {"type": "gentoo", "idList": ["GLSA-201606-10"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:6B7BF45056E8E056621094C0740275CB"]}, {"type": "kaspersky", "idList": ["KLA10746", "KLA10747"]}, {"type": "cloudlinux", "idList": ["CLSA-2020:1605798462"]}], "modified": "2019-05-29T18:36:28", "rev": 2}, "score": {"value": 6.6, "vector": "NONE", "modified": "2019-05-29T18:36:28", "rev": 2}}, "objectVersion": "1.5", "pluginID": "1361412562310869939", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2015-14976\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869939\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-07 18:42:25 +0530 (Wed, 07 Oct 2015)\");\n script_cve_id(\"CVE-2015-6837\", \"CVE-2015-6838\", \"CVE-2015-6834\", \"CVE-2015-6836\",\n \"CVE-2015-6835\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for php FEDORA-2015-14976\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"php on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-14976\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-September/166337.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.6.13~1.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:703358", "hash": "7b39e599cfd2aa93d73bbcbf4535f7a0", "type": "openvas", "bulletinFamily": "scanner", "title": "Debian Security Advisory DSA 3358-1 (php5 - security update)", "description": "Several vulnerabilities were found in\nPHP, a general-purpose scripting language commonly used for web application\ndevelopment.\n\nThe vulnerabilities are addressed by upgrading PHP to new upstream\nversions (5.4.45 and 5.6.13), which include additional bug fixes. Please\nrefer to the upstream changelog for more information:\n\nhttps://php.net/ChangeLog-5.php#5.4.45https://php.net/ChangeLog-5.php#5.6.13", "published": "2015-09-13T00:00:00", "modified": "2017-07-07T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=703358", "reporter": "Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net", "references": ["http://www.debian.org/security/2015/dsa-3358.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2017-07-24T12:53:54", "history": [{"lastseen": "2017-07-02T21:12:33", "differentElements": ["modified", "sourceData"], "edition": 1, "bulletin": {"id": "OPENVAS:703358", "hash": "018caf8fb056839bc2dae165826f3766a85c1a51a3cd538d699ba57a20dafd17", "type": "openvas", "bulletinFamily": "scanner", "title": "Debian Security Advisory DSA 3358-1 (php5 - security update)", "description": "Several vulnerabilities were found in\nPHP, a general-purpose scripting language commonly used for web application\ndevelopment.\n\nThe vulnerabilities are addressed by upgrading PHP to new upstream\nversions (5.4.45 and 5.6.13), which include additional bug fixes. Please\nrefer to the upstream changelog for more information:\n\nhttps://php.net/ChangeLog-5.php#5.4.45https://php.net/ChangeLog-5.php#5.6.13", "published": "2015-09-13T00:00:00", "modified": "2017-05-18T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=703358", "reporter": "Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net", "references": ["http://www.debian.org/security/2015/dsa-3358.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2017-07-02T21:12:33", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "703358", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3358.nasl 6159 2017-05-18 09:03:44Z teissa $\n# Auto-generated from advisory DSA 3358-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703358);\n script_version(\"$Revision: 6159 $\");\n script_cve_id(\"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6836\", \"CVE-2015-6837\",\n \"CVE-2015-6838\");\n script_name(\"Debian Security Advisory DSA 3358-1 (php5 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-05-18 11:03:44 +0200 (Thu, 18 May 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-09-13 00:00:00 +0200 (Sun, 13 Sep 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3358.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"HostDetails/OS/cpe:/o:debian:debian_linux\", \"login/SSH/success\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"php5 on Debian Linux\");\n script_tag(name: \"insight\", value: \"This package is a metapackage that,\nwhen installed, guarantees that you have at least one of the four server-side\nversions of the PHP5 interpreter installed. Removing this package won't remove\nPHP5 from your system, however it may remove other packages that depend on this\none.\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy),\nthese problems have been fixed in version 5.4.45-0+deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 5.6.13+dfsg-0+deb8u1.\n\nWe recommend that you upgrade your php5 packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities were found in\nPHP, a general-purpose scripting language commonly used for web application\ndevelopment.\n\nThe vulnerabilities are addressed by upgrading PHP to new upstream\nversions (5.4.45 and 5.6.13), which include additional bug fixes. Please\nrefer to the upstream changelog for more information:\n\nhttps://php.net/ChangeLog-5.php#5.4.45https://php.net/ChangeLog-5.php#5.6.13\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Debian Local Security Checks"}}], "viewCount": 6, "enchantments": {"score": {"value": 7.8, "vector": "NONE", "modified": "2017-07-24T12:53:54", "rev": 2}, "dependencies": {"references": [{"type": "f5", "idList": ["F5:K17377", "SOL17377"]}, {"type": "nessus", "idList": ["8861.PRM", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "FEDORA_2015-14976.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "FEDORA_2015-14978.NASL", "F5_BIGIP_SOL17377.NASL", "FEDORA_2015-14977.NASL", "ALA_ALAS-2016-670.NASL", "PHP_5_5_29.NASL", "DEBIAN_DSA-3358.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310869941", "OPENVAS:1361412562310808616", "OPENVAS:1361412562310120396", "OPENVAS:1361412562310842472", "OPENVAS:1361412562310120520", "OPENVAS:1361412562310850689", "OPENVAS:1361412562310120660", "OPENVAS:1361412562310703358", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310808617"]}, {"type": "slackware", "idList": ["SSA-2015-274-02"]}, {"type": "freebsd", "idList": ["3D675519-5654-11E5-9AD8-14DAE9D210B8"]}, {"type": "fedora", "idList": ["FEDORA:02C1260F4011", "FEDORA:90BE461976AB", "FEDORA:F0C5861361B0"]}, {"type": "debian", "idList": ["DEBIAN:DLA-341-1:DA682", "DEBIAN:DSA-3358-1:5263D"]}, {"type": "amazon", "idList": ["ALAS-2016-670", "ALAS-2015-601", "ALAS-2015-602", "ALAS-2017-788"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:32511", "SECURITYVULNS:VULN:14694", "SECURITYVULNS:DOC:32566", "SECURITYVULNS:VULN:14702"]}, {"type": "cve", "idList": ["CVE-2015-6837", "CVE-2015-6836", "CVE-2015-6835", "CVE-2015-6834", "CVE-2015-6838"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-6836", "UB:CVE-2015-6834", "UB:CVE-2015-6835", "UB:CVE-2015-6838", "UB:CVE-2015-6837"]}, {"type": "suse", "idList": ["SUSE-SU-2015:1633-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2016:1638-1", "SUSE-SU-2015:1701-1", "SUSE-SU-2015:1818-1"]}, {"type": "ubuntu", "idList": ["USN-2758-1"]}, {"type": "redhat", "idList": ["RHSA-2016:0457"]}, {"type": "exploitdb", "idList": ["EDB-ID:38120", "EDB-ID:38122", "EDB-ID:38123"]}, {"type": "hackerone", "idList": ["H1:103996", "H1:103997", "H1:103998", "H1:104010", "H1:103995"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:134949", "PACKETSTORM:138812"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-9936"]}, {"type": "gentoo", "idList": ["GLSA-201606-10"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:6B7BF45056E8E056621094C0740275CB"]}, {"type": "kaspersky", "idList": ["KLA10746", "KLA10747"]}, {"type": "cloudlinux", "idList": ["CLSA-2020:1605798462"]}], "modified": "2017-07-24T12:53:54", "rev": 2}}, "objectVersion": "1.5", "pluginID": "703358", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3358.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3358-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703358);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6836\", \"CVE-2015-6837\",\n \"CVE-2015-6838\");\n script_name(\"Debian Security Advisory DSA 3358-1 (php5 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-09-13 00:00:00 +0200 (Sun, 13 Sep 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3358.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"php5 on Debian Linux\");\n script_tag(name: \"insight\", value: \"This package is a metapackage that,\nwhen installed, guarantees that you have at least one of the four server-side\nversions of the PHP5 interpreter installed. Removing this package won't remove\nPHP5 from your system, however it may remove other packages that depend on this\none.\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy),\nthese problems have been fixed in version 5.4.45-0+deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 5.6.13+dfsg-0+deb8u1.\n\nWe recommend that you upgrade your php5 packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities were found in\nPHP, a general-purpose scripting language commonly used for web application\ndevelopment.\n\nThe vulnerabilities are addressed by upgrading PHP to new upstream\nversions (5.4.45 and 5.6.13), which include additional bug fixes. Please\nrefer to the upstream changelog for more information:\n\nhttps://php.net/ChangeLog-5.php#5.4.45https://php.net/ChangeLog-5.php#5.6.13\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.4.45-0+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Debian Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:1361412562310869941", "hash": "4ff8cc2ba710f763c7577464b4099a91", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for php FEDORA-2015-14977", "description": "The remote host is missing an update for the ", "published": "2015-10-07T00:00:00", "modified": "2019-03-15T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869941", "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "references": ["2015-14977", "https://lists.fedoraproject.org/pipermail/package-announce/2015-September/166357.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2019-05-29T18:36:15", "history": [{"bulletin": {"id": "OPENVAS:1361412562310869941", "hash": "d6dad02060be8a03fa111efa4685db134bbd303b408fe50f560c5b67a5a97bc1", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for php FEDORA-2015-14977", "description": "The remote host is missing an update for the ", "published": "2015-10-07T00:00:00", "modified": "2019-03-15T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869941", "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "references": ["2015-14977", "https://lists.fedoraproject.org/pipermail/package-announce/2015-September/166357.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2019-03-18T14:34:31", "history": [], "viewCount": 8, "enchantments": {"dependencies": {"modified": "2019-03-18T14:34:31", "references": [{"idList": ["SUSE-SU-2015:1818-1", "SUSE-SU-2015:1633-1", "SUSE-SU-2016:1638-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2015:1701-1"], "type": "suse"}, {"idList": ["ALAS-2017-788", "ALAS-2015-602", "ALAS-2015-601", "ALAS-2016-670"], "type": "amazon"}, {"idList": ["DEBIAN:DSA-3358-1:5263D", "DEBIAN:DLA-341-1:DA682"], "type": "debian"}, {"idList": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "type": "cve"}, {"idList": ["KLA10929", "KLA10747", "KLA10746"], "type": "kaspersky"}, {"idList": ["SECURITYVULNS:VULN:14694", "SECURITYVULNS:VULN:14702", "SECURITYVULNS:DOC:32566", "SECURITYVULNS:DOC:32511"], "type": "securityvulns"}, {"idList": ["OPENVAS:1361412562310703358", "OPENVAS:1361412562310808616", "OPENVAS:1361412562310120520", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310808617", "OPENVAS:1361412562310120660", "OPENVAS:703358", "OPENVAS:1361412562310850689", "OPENVAS:1361412562310842472", "OPENVAS:1361412562310120396"], "type": "openvas"}, {"idList": ["SOL17377", "F5:K17377"], "type": "f5"}, {"idList": ["RHSA-2016:0457"], "type": "redhat"}, {"idList": ["FEDORA_2015-14978.NASL", "FEDORA_2015-14976.NASL", "PHP_5_5_29.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "PHP_5_4_45.NASL", "FEDORA_2015-14977.NASL", "DEBIAN_DSA-3358.NASL", "PHP_5_6_13.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "ALA_ALAS-2016-670.NASL"], "type": "nessus"}, {"idList": ["H1:103996", "H1:103998", "H1:103997", "H1:104010", "H1:103995"], "type": "hackerone"}, {"idList": ["3D675519-5654-11E5-9AD8-14DAE9D210B8"], "type": "freebsd"}, {"idList": ["EDB-ID:38120", "EDB-ID:38123", "EDB-ID:38122"], "type": "exploitdb"}, {"idList": ["GLSA-201606-10"], "type": "gentoo"}, {"idList": ["SSA-2015-274-02"], "type": "slackware"}, {"idList": ["PACKETSTORM:134949", "PACKETSTORM:138812"], "type": "packetstorm"}, {"idList": ["USN-2758-1"], "type": "ubuntu"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310869941", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2015-14977\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869941\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-07 18:40:12 +0530 (Wed, 07 Oct 2015)\");\n script_cve_id(\"CVE-2015-6834\", \"CVE-2015-6836\", \"CVE-2015-6835\", \"CVE-2015-6837\",\n \"CVE-2015-6838\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for php FEDORA-2015-14977\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"php on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-14977\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-September/166357.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.6.13~1.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["cvss"], "edition": 6, "lastseen": "2019-03-18T14:34:31"}, {"bulletin": {"id": "OPENVAS:1361412562310869941", "hash": "b6d8bd5f451efb2ea4639419093c24253a7493be6524b29339186b755e567a03", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for php FEDORA-2015-14977", "description": "Check the version of php", "published": "2015-10-07T00:00:00", "modified": "2017-06-26T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869941", "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "references": ["2015-14977", "https://lists.fedoraproject.org/pipermail/package-announce/2015-September/166357.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2017-07-11T10:52:38", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "1361412562310869941", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2015-14977\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869941\");\n script_version(\"$Revision: 6431 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-06-26 11:59:24 +0200 (Mon, 26 Jun 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-07 18:40:12 +0530 (Wed, 07 Oct 2015)\");\n script_cve_id(\"CVE-2015-6834\", \"CVE-2015-6836\", \"CVE-2015-6835\", \"CVE-2015-6837\",\n \"CVE-2015-6838\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for php FEDORA-2015-14977\");\n script_tag(name: \"summary\", value: \"Check the version of php\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"PHP is an HTML-embedded scripting language.\nPHP attempts to make it easy for developers to write dynamically generated web\npages. PHP also offers built-in database integration for several commercial and\nnon-commercial database management systems, so writing a database-enabled webpage\nwith PHP is fairly simple. The most common use of PHP coding is probably as a\nreplacement for CGI scripts.\n\nThe php package contains the module (often referred to as mod_php) which adds\nsupport for the PHP language to Apache HTTP Server.\n\");\n script_tag(name: \"affected\", value: \"php on Fedora 22\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2015-14977\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2015-September/166357.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"HostDetails/OS/cpe:/o:fedoraproject:fedora\", \"login/SSH/success\", \"ssh/login/release\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.6.13~1.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-07-11T10:52:38"}, {"bulletin": {"id": "OPENVAS:1361412562310869941", "hash": "a1b12d05ea254f53fbc58b4464d49618cc994fc2b2f3277a483a4ee32a4e7f68", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for php FEDORA-2015-14977", "description": "Check the version of php", "published": "2015-10-07T00:00:00", "modified": "2017-07-10T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869941", "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "references": ["2015-14977", "https://lists.fedoraproject.org/pipermail/package-announce/2015-September/166357.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2017-07-25T10:53:46", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310869941", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2015-14977\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869941\");\n script_version(\"$Revision: 6630 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:34:32 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-07 18:40:12 +0530 (Wed, 07 Oct 2015)\");\n script_cve_id(\"CVE-2015-6834\", \"CVE-2015-6836\", \"CVE-2015-6835\", \"CVE-2015-6837\",\n \"CVE-2015-6838\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for php FEDORA-2015-14977\");\n script_tag(name: \"summary\", value: \"Check the version of php\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"PHP is an HTML-embedded scripting language.\nPHP attempts to make it easy for developers to write dynamically generated web\npages. PHP also offers built-in database integration for several commercial and\nnon-commercial database management systems, so writing a database-enabled webpage\nwith PHP is fairly simple. The most common use of PHP coding is probably as a\nreplacement for CGI scripts.\n\nThe php package contains the module (often referred to as mod_php) which adds\nsupport for the PHP language to Apache HTTP Server.\n\");\n script_tag(name: \"affected\", value: \"php on Fedora 22\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2015-14977\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2015-September/166357.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.6.13~1.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2017-07-25T10:53:46"}, {"bulletin": {"id": "OPENVAS:1361412562310869941", "hash": "fada07d48a3c9e52695efc7e64466af6e2866a586ee4685dbb444496b27965dc", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for php FEDORA-2015-14977", "description": "Check the version of php", "published": "2015-10-07T00:00:00", "modified": "2017-07-10T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869941", "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "references": ["2015-14977", "https://lists.fedoraproject.org/pipermail/package-announce/2015-September/166357.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2018-08-30T19:22:09", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310869941", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2015-14977\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869941\");\n script_version(\"$Revision: 6630 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:34:32 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-07 18:40:12 +0530 (Wed, 07 Oct 2015)\");\n script_cve_id(\"CVE-2015-6834\", \"CVE-2015-6836\", \"CVE-2015-6835\", \"CVE-2015-6837\",\n \"CVE-2015-6838\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for php FEDORA-2015-14977\");\n script_tag(name: \"summary\", value: \"Check the version of php\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"PHP is an HTML-embedded scripting language.\nPHP attempts to make it easy for developers to write dynamically generated web\npages. PHP also offers built-in database integration for several commercial and\nnon-commercial database management systems, so writing a database-enabled webpage\nwith PHP is fairly simple. The most common use of PHP coding is probably as a\nreplacement for CGI scripts.\n\nThe php package contains the module (often referred to as mod_php) which adds\nsupport for the PHP language to Apache HTTP Server.\n\");\n script_tag(name: \"affected\", value: \"php on Fedora 22\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2015-14977\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2015-September/166357.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.6.13~1.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-08-30T19:22:09"}, {"bulletin": {"id": "OPENVAS:1361412562310869941", "hash": "d80941e9e0bca779102335a4252d0e156761f8c07bcae65a3f274eeeedddba8d", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for php FEDORA-2015-14977", "description": "Check the version of php", "published": "2015-10-07T00:00:00", "modified": "2016-05-24T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869941", "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "references": ["2015-14977", "https://lists.fedoraproject.org/pipermail/package-announce/2015-September/166357.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2017-07-02T21:12:30", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "1361412562310869941", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2015-14977\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869941\");\n script_version(\"$Revision: 3374 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-05-24 09:01:05 +0200 (Tue, 24 May 2016) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-07 18:40:12 +0530 (Wed, 07 Oct 2015)\");\n script_cve_id(\"CVE-2015-6834\", \"CVE-2015-6836\", \"CVE-2015-6835\", \"CVE-2015-6837\",\n \"CVE-2015-6838\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for php FEDORA-2015-14977\");\n script_tag(name: \"summary\", value: \"Check the version of php\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"PHP is an HTML-embedded scripting language.\nPHP attempts to make it easy for developers to write dynamically generated web\npages. PHP also offers built-in database integration for several commercial and\nnon-commercial database management systems, so writing a database-enabled webpage\nwith PHP is fairly simple. The most common use of PHP coding is probably as a\nreplacement for CGI scripts.\n\nThe php package contains the module (often referred to as mod_php) which adds\nsupport for the PHP language to Apache HTTP Server.\n\");\n script_tag(name: \"affected\", value: \"php on Fedora 22\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2015-14977\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2015-September/166357.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_summary(\"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"HostDetails/OS/cpe:/o:fedoraproject:fedora\", \"login/SSH/success\", \"ssh/login/release\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.6.13~1.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2017-07-02T21:12:30"}], "viewCount": 12, "enchantments": {"dependencies": {"references": [{"type": "f5", "idList": ["F5:K17377", "SOL17377"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310703358", "OPENVAS:1361412562310808617", "OPENVAS:1361412562311220191543", "OPENVAS:1361412562310808616", "OPENVAS:1361412562310869939", "OPENVAS:703358", "OPENVAS:1361412562310842472", "OPENVAS:1361412562310807505", "OPENVAS:1361412562310120396", "OPENVAS:1361412562310850689", "OPENVAS:1361412562310120660", "OPENVAS:1361412562310120520", "OPENVAS:1361412562310813191", "OPENVAS:1361412562310807091"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14702", "SECURITYVULNS:VULN:14694", "SECURITYVULNS:DOC:32511", "SECURITYVULNS:DOC:32566"]}, {"type": "nessus", "idList": ["FEDORA_2015-14978.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "ALA_ALAS-2015-601.NASL", "GENTOO_GLSA-201606-10.NASL", "WEB_APPLICATION_SCANNING_98805", "SUSE_SU-2015-1633-1.NASL", "PHP_5_6_13.NASL", "DEBIAN_DSA-3358.NASL", "SUSE_SU-2015-1818-1.NASL", "EULEROS_SA-2019-1543.NASL", "PHP_5_5_28.NASL", "FEDORA_2015-14977.NASL", "SUSE_SU-2015-1701-1.NASL", "ALA_ALAS-2016-670.NASL", "PHP_5_5_29.NASL", "UBUNTU_USN-2758-1.NASL", "OPENSUSE-2015-609.NASL", "9324.PRM", "F5_BIGIP_SOL17377.NASL", "PHP_5_4_45.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "FEDORA_2015-14976.NASL", "DEBIAN_DLA-341.NASL", "SUSE_SU-2016-1638-1.NASL", "ALA_ALAS-2015-602.NASL", "8861.PRM", "MACOSX_10_11_1.NASL", "MACOSX_SECUPD2015-007.NASL"]}, {"type": "fedora", "idList": ["FEDORA:F0C5861361B0", "FEDORA:90BE461976AB", "FEDORA:02C1260F4011"]}, {"type": "debian", "idList": ["DEBIAN:DLA-341-1:DA682", "DEBIAN:DSA-3358-1:5263D"]}, {"type": "amazon", "idList": ["ALAS-2015-601", "ALAS-2015-602", "ALAS-2017-788", "ALAS-2016-670"]}, {"type": "slackware", "idList": ["SSA-2015-274-02"]}, {"type": "freebsd", "idList": ["3D675519-5654-11E5-9AD8-14DAE9D210B8"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-6834", "UB:CVE-2015-6837", "UB:CVE-2015-6835", "UB:CVE-2015-6838", "UB:CVE-2015-6836"]}, {"type": "cve", "idList": ["CVE-2015-6837", "CVE-2015-6838", "CVE-2015-6834", "CVE-2015-6835", "CVE-2015-6836"]}, {"type": "suse", "idList": ["SUSE-SU-2015:1818-1", "SUSE-SU-2015:1701-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2015:1633-1", "SUSE-SU-2016:1638-1"]}, {"type": "ubuntu", "idList": ["USN-2758-1"]}, {"type": "redhat", "idList": ["RHSA-2016:0457"]}, {"type": "hackerone", "idList": ["H1:103996", "H1:104010", "H1:103997", "H1:103998", "H1:103995"]}, {"type": "exploitdb", "idList": ["EDB-ID:38122", "EDB-ID:38123", "EDB-ID:38120"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-9936"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:138812", "PACKETSTORM:134949"]}, {"type": "gentoo", "idList": ["GLSA-201606-10"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:6B7BF45056E8E056621094C0740275CB"]}, {"type": "kaspersky", "idList": ["KLA10746", "KLA10747"]}, {"type": "cloudlinux", "idList": ["CLSA-2020:1605798462"]}], "modified": "2019-05-29T18:36:15", "rev": 2}, "score": {"value": 6.6, "vector": "NONE", "modified": "2019-05-29T18:36:15", "rev": 2}}, "objectVersion": "1.5", "pluginID": "1361412562310869941", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2015-14977\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869941\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-07 18:40:12 +0530 (Wed, 07 Oct 2015)\");\n script_cve_id(\"CVE-2015-6834\", \"CVE-2015-6836\", \"CVE-2015-6835\", \"CVE-2015-6837\",\n \"CVE-2015-6838\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for php FEDORA-2015-14977\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"php on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-14977\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-September/166357.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.6.13~1.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:1361412562310808616", "hash": "49f06b00c20c4f00a460cfb6bb177db9", "type": "openvas", "bulletinFamily": "scanner", "title": "PHP Directory Traversal Vulnerability - Jul16 (Windows)", "description": "This host is installed with PHP and is prone\n to Directory traversal vulnerability.", "published": "2016-07-14T00:00:00", "modified": "2018-10-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808616", "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "references": ["http://www.openwall.com/lists/oss-security/2016/03/16/20", "http://www.php.net/ChangeLog-5.php"], "cvelist": ["CVE-2014-9767", "CVE-2015-6834", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2019-05-29T18:35:35", "history": [{"bulletin": {"id": "OPENVAS:1361412562310808616", "hash": "758fc13eeb55d46d59dccd869cff9b29bc4e3d391ed09bdfa30f093b4fa8fb00", "type": "openvas", "bulletinFamily": "scanner", "title": "PHP Directory Traversal Vulnerability - Jul16 (Windows)", "description": "This host is installed with PHP and is prone\n to Directory traversal vulnerability.", "published": "2016-07-14T00:00:00", "modified": "2018-09-21T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808616", "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "references": ["http://www.openwall.com/lists/oss-security/2016/03/16/20", "http://www.php.net/ChangeLog-5.php"], "cvelist": ["CVE-2014-9767", "CVE-2015-6834", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2018-09-21T16:10:00", "history": [], "viewCount": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310808616", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_dir_traversal_vuln_win.nasl 11516 2018-09-21 11:15:17Z asteins $\n#\n# PHP Directory Traversal Vulnerability - Jul16 (Windows)\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808616\");\n script_version(\"$Revision: 11516 $\");\n script_cve_id(\"CVE-2014-9767\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6837\",\n \"CVE-2015-6838\");\n script_bugtraq_id(76652, 76649, 76733, 76734, 76738);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-21 13:15:17 +0200 (Fri, 21 Sep 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-14 12:14:00 +0530 (Thu, 14 Jul 2016)\");\n script_name(\"PHP Directory Traversal Vulnerability - Jul16 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with PHP and is prone\n to Directory traversal vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to\n\n - An error in the 'ZipArchive::extractTo' function in\n 'ext/zip/php_zip.c' script.\n\n - The xsl_ext_function_php function in ext/xsl/xsltprocessor.c when libxml2\n is used, does not consider the possibility of a NULL valuePop return value\n before proceeding with a free operation after the principal argument loop.\n\n - Improper handling of multiple php_var_unserialize calls.\n\n - Multiple use-after-free vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue allow remote\n attackers to read arbitrary empty directories, also to cause a denial of service.\");\n\n script_tag(name:\"affected\", value:\"PHP versions prior to 5.4.45, 5.5.x before\n 5.5.29, and 5.6.x before 5.6.13 on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP version 5.4.45, or 5.5.29,\n or 5.6.13, or later. For updates refer to http://www.php.net\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net/ChangeLog-5.php\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2016/03/16/20\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"php/installed\", \"Host/runs_windows\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\nif(version_is_less(version:phpVer, test_version:\"5.4.45\"))\n{\n fix = '5.4.45';\n VULN = TRUE;\n}\n\nelse if(phpVer =~ \"^5\\.5\")\n{\n if(version_in_range(version:phpVer, test_version:\"5.5.0\", test_version2:\"5.5.28\"))\n {\n fix = '5.5.29';\n VULN = TRUE;\n }\n}\n\nelse if(phpVer =~ \"^5\\.6\")\n{\n if(version_in_range(version:phpVer, test_version:\"5.6.0\", test_version2:\"5.6.12\"))\n {\n fix = '5.6.13';\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:phpVer, fixed_version:fix);\n security_message(data:report, port:phpPort);\n exit(0);\n}\n\nexit(99);", "naslFamily": "Web application abuses"}, "differentElements": ["modified", "sourceData"], "edition": 6, "lastseen": "2018-09-21T16:10:00"}, {"bulletin": {"id": "OPENVAS:1361412562310808616", "hash": "2703aa66f0f48cf61e9e73fd84997611df2b1dd8f192b083b74818d0c6520583", "type": "openvas", "bulletinFamily": "scanner", "title": "PHP Directory Traversal Vulnerability - Jul16 (Windows)", "description": "This host is installed with PHP and is prone\n to Directory traversal vulnerability.", "published": "2016-07-14T00:00:00", "modified": "2017-01-24T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808616", "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "references": ["http://www.openwall.com/lists/oss-security/2016/03/16/20", "http://www.php.net/ChangeLog-5.php"], "cvelist": ["CVE-2014-9767", "CVE-2015-6834", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2017-07-02T21:13:08", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "1361412562310808616", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_dir_traversal_vuln_win.nasl 5083 2017-01-24 11:21:46Z cfi $\n#\n# PHP Directory Traversal Vulnerability - Jul16 (Windows)\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808616\");\n script_version(\"$Revision: 5083 $\");\n script_cve_id(\"CVE-2014-9767\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6837\",\n \"CVE-2015-6838\");\n script_bugtraq_id(76652, 76649, 76733, 76734, 76738);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-01-24 12:21:46 +0100 (Tue, 24 Jan 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-14 12:14:00 +0530 (Thu, 14 Jul 2016)\");\n script_name(\"PHP Directory Traversal Vulnerability - Jul16 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with PHP and is prone\n to Directory traversal vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Get the installed version with the help\n of detect NVT and check the version is vulnerable or not.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to\n - An error in the 'ZipArchive::extractTo' function in\n 'ext/zip/php_zip.c' script.\n - The xsl_ext_function_php function in ext/xsl/xsltprocessor.c when libxml2\n is used, does not consider the possibility of a NULL valuePop return value\n before proceeding with a free operation after the principal argument loop.\n - Improper handling of multiple php_var_unserialize calls.\n - Multiple use-after-free vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue allow remote\n attackers to read arbitrary empty directories, also to cause a denial of service.\n\n Impact Level: Application\");\n\n script_tag(name:\"affected\", value:\"PHP versions prior to 5.4.45, 5.5.x before\n 5.5.29, and 5.6.x before 5.6.13 on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP version 5.4.45, or 5.5.29, \n or 5.6.13, or later. For updates refer to http://www.php.net\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net/ChangeLog-5.php\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2016/03/16/20\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"php/installed\",\"Host/runs_windows\");\n script_require_ports(\"Services/www\", 80);\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\n## Variable Initialization\nphpPort = \"\";\nphpVer = \"\";\n\n## exit, if its not Windows\nif(host_runs(\"Windows\") != \"yes\") exit(0);\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\n## Check for version before 5.5.34\nif(version_is_less(version:phpVer, test_version:\"5.4.45\"))\n{\n fix = '5.4.45';\n VULN = TRUE;\n}\n\n## Check for version 5.5.x before 5.5.29\nelse if(phpVer =~ \"^(5\\.5)\")\n{\n if(version_in_range(version:phpVer, test_version:\"5.5.0\", test_version2:\"5.5.28\"))\n {\n fix = '5.5.29';\n VULN = TRUE;\n }\n}\n\n## Check for version 5.6.x before 5.6.13\nelse if(phpVer =~ \"^(5\\.6)\")\n{\n if(version_in_range(version:phpVer, test_version:\"5.6.0\", test_version2:\"5.6.12\"))\n {\n fix = '5.6.13';\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:phpVer, fixed_version:fix);\n security_message(data:report, port:phpPort);\n exit(0);\n}\n\nexit(99);", "naslFamily": "Web application abuses"}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2017-07-02T21:13:08"}, {"bulletin": {"id": "OPENVAS:1361412562310808616", "hash": "fd36adef01db1e6c0ca7144c8cd9f585d1cd3950c1094daef055cfcef9c159a7", "type": "openvas", "bulletinFamily": "scanner", "title": "PHP Directory Traversal Vulnerability - Jul16 (Windows)", "description": "This host is installed with PHP and is prone\n to Directory traversal vulnerability.", "published": "2016-07-14T00:00:00", "modified": "2018-07-09T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808616", "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "references": ["http://www.openwall.com/lists/oss-security/2016/03/16/20", "http://www.php.net/ChangeLog-5.php"], "cvelist": ["CVE-2014-9767", "CVE-2015-6834", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2018-07-10T17:51:54", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310808616", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_dir_traversal_vuln_win.nasl 10457 2018-07-09 06:23:47Z cfischer $\n#\n# PHP Directory Traversal Vulnerability - Jul16 (Windows)\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808616\");\n script_version(\"$Revision: 10457 $\");\n script_cve_id(\"CVE-2014-9767\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6837\",\n \"CVE-2015-6838\");\n script_bugtraq_id(76652, 76649, 76733, 76734, 76738);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-07-09 08:23:47 +0200 (Mon, 09 Jul 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-14 12:14:00 +0530 (Thu, 14 Jul 2016)\");\n script_name(\"PHP Directory Traversal Vulnerability - Jul16 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with PHP and is prone\n to Directory traversal vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to\n\n - An error in the 'ZipArchive::extractTo' function in\n 'ext/zip/php_zip.c' script.\n\n - The xsl_ext_function_php function in ext/xsl/xsltprocessor.c when libxml2\n is used, does not consider the possibility of a NULL valuePop return value\n before proceeding with a free operation after the principal argument loop.\n\n - Improper handling of multiple php_var_unserialize calls.\n\n - Multiple use-after-free vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue allow remote\n attackers to read arbitrary empty directories, also to cause a denial of service.\n\n Impact Level: Application\");\n\n script_tag(name:\"affected\", value:\"PHP versions prior to 5.4.45, 5.5.x before\n 5.5.29, and 5.6.x before 5.6.13 on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP version 5.4.45, or 5.5.29,\n or 5.6.13, or later. For updates refer to http://www.php.net\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net/ChangeLog-5.php\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2016/03/16/20\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"php/installed\", \"Host/runs_windows\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\nif(version_is_less(version:phpVer, test_version:\"5.4.45\"))\n{\n fix = '5.4.45';\n VULN = TRUE;\n}\n\nelse if(phpVer =~ \"^5\\.5\")\n{\n if(version_in_range(version:phpVer, test_version:\"5.5.0\", test_version2:\"5.5.28\"))\n {\n fix = '5.5.29';\n VULN = TRUE;\n }\n}\n\nelse if(phpVer =~ \"^5\\.6\")\n{\n if(version_in_range(version:phpVer, test_version:\"5.6.0\", test_version2:\"5.6.12\"))\n {\n fix = '5.6.13';\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:phpVer, fixed_version:fix);\n security_message(data:report, port:phpPort);\n exit(0);\n}\n\nexit(99);", "naslFamily": "Web application abuses"}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-07-10T17:51:54"}, {"bulletin": {"id": "OPENVAS:1361412562310808616", "hash": "a61a878a4def3dbc1566c9395b52c0ffd3088dab75fdb016fe8420f5a185b5e3", "type": "openvas", "bulletinFamily": "scanner", "title": "PHP Directory Traversal Vulnerability - Jul16 (Windows)", "description": "This host is installed with PHP and is prone\n to Directory traversal vulnerability.", "published": "2016-07-14T00:00:00", "modified": "2018-07-09T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808616", "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "references": ["http://www.openwall.com/lists/oss-security/2016/03/16/20", "http://www.php.net/ChangeLog-5.php"], "cvelist": ["CVE-2014-9767", "CVE-2015-6834", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2018-08-30T19:21:20", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310808616", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_dir_traversal_vuln_win.nasl 10457 2018-07-09 06:23:47Z cfischer $\n#\n# PHP Directory Traversal Vulnerability - Jul16 (Windows)\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808616\");\n script_version(\"$Revision: 10457 $\");\n script_cve_id(\"CVE-2014-9767\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6837\",\n \"CVE-2015-6838\");\n script_bugtraq_id(76652, 76649, 76733, 76734, 76738);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-07-09 08:23:47 +0200 (Mon, 09 Jul 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-14 12:14:00 +0530 (Thu, 14 Jul 2016)\");\n script_name(\"PHP Directory Traversal Vulnerability - Jul16 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with PHP and is prone\n to Directory traversal vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to\n\n - An error in the 'ZipArchive::extractTo' function in\n 'ext/zip/php_zip.c' script.\n\n - The xsl_ext_function_php function in ext/xsl/xsltprocessor.c when libxml2\n is used, does not consider the possibility of a NULL valuePop return value\n before proceeding with a free operation after the principal argument loop.\n\n - Improper handling of multiple php_var_unserialize calls.\n\n - Multiple use-after-free vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue allow remote\n attackers to read arbitrary empty directories, also to cause a denial of service.\n\n Impact Level: Application\");\n\n script_tag(name:\"affected\", value:\"PHP versions prior to 5.4.45, 5.5.x before\n 5.5.29, and 5.6.x before 5.6.13 on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP version 5.4.45, or 5.5.29,\n or 5.6.13, or later. For updates refer to http://www.php.net\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net/ChangeLog-5.php\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2016/03/16/20\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"php/installed\", \"Host/runs_windows\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\nif(version_is_less(version:phpVer, test_version:\"5.4.45\"))\n{\n fix = '5.4.45';\n VULN = TRUE;\n}\n\nelse if(phpVer =~ \"^5\\.5\")\n{\n if(version_in_range(version:phpVer, test_version:\"5.5.0\", test_version2:\"5.5.28\"))\n {\n fix = '5.5.29';\n VULN = TRUE;\n }\n}\n\nelse if(phpVer =~ \"^5\\.6\")\n{\n if(version_in_range(version:phpVer, test_version:\"5.6.0\", test_version2:\"5.6.12\"))\n {\n fix = '5.6.13';\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:phpVer, fixed_version:fix);\n security_message(data:report, port:phpPort);\n exit(0);\n}\n\nexit(99);", "naslFamily": "Web application abuses"}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-08-30T19:21:20"}, {"bulletin": {"id": "OPENVAS:1361412562310808616", "hash": "786ab42470dccd58ca5e95ea66c251bfba46e03f69c3cc9a8672771c59c43b84", "type": "openvas", "bulletinFamily": "scanner", "title": "PHP Directory Traversal Vulnerability - Jul16 (Windows)", "description": "This host is installed with PHP and is prone\n to Directory traversal vulnerability.", "published": "2016-07-14T00:00:00", "modified": "2018-10-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808616", "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "references": ["http://www.openwall.com/lists/oss-security/2016/03/16/20", "http://www.php.net/ChangeLog-5.php"], "cvelist": ["CVE-2014-9767", "CVE-2015-6834", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2018-10-22T16:37:35", "history": [], "viewCount": 2, "enchantments": {"dependencies": {"modified": "2018-10-22T16:37:35", "references": [{"idList": ["ALAS-2017-788", "ALAS-2015-602", "ALAS-2015-601", "ALAS-2016-670"], "type": "amazon"}, {"idList": ["DEBIAN:DSA-3358-1:5263D", "DEBIAN:DLA-341-1:DA682"], "type": "debian"}, {"idList": ["SECURITYVULNS:VULN:14694", "SECURITYVULNS:VULN:14702", "SECURITYVULNS:DOC:32566", "SECURITYVULNS:DOC:32511"], "type": "securityvulns"}, {"idList": ["KLA10929"], "type": "kaspersky"}, {"idList": ["CVE-2014-9767", "CVE-2015-6834", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "type": "cve"}, {"idList": ["SOL17377", "F5:K17377"], "type": "f5"}, {"idList": ["H1:103996", "H1:103998", "H1:103997", "H1:103995"], "type": "hackerone"}, {"idList": ["3D675519-5654-11E5-9AD8-14DAE9D210B8"], "type": "freebsd"}, {"idList": ["EDB-ID:38120", "EDB-ID:38123", "EDB-ID:38122"], "type": "exploitdb"}, {"idList": ["GLSA-201606-10"], "type": "gentoo"}, {"idList": ["FEDORA_2015-14978.NASL", "FEDORA_2015-14976.NASL", "PHP_5_5_29.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "PHP_5_4_45.NASL", "DEBIAN_DSA-3358.NASL", "PHP_5_6_13.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "ALA_ALAS-2016-670.NASL", "F5_BIGIP_SOL17377.NASL"], "type": "nessus"}, {"idList": ["SSA-2015-274-02"], "type": "slackware"}, {"idList": ["PACKETSTORM:134949", "PACKETSTORM:138812"], "type": "packetstorm"}, {"idList": ["OPENVAS:1361412562310703358", "OPENVAS:1361412562310120520", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310808617", "OPENVAS:1361412562310120660", "OPENVAS:703358", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310850689", "OPENVAS:1361412562310842472", "OPENVAS:1361412562310120396"], "type": "openvas"}, {"idList": ["RHSA-2016:0457", "RHSA-2016:2750"], "type": "redhat"}, {"idList": ["USN-2952-2", "USN-2952-1", "USN-2758-1"], "type": "ubuntu"}, {"idList": ["SUSE-SU-2015:1818-1", "SUSE-SU-2016:1145-1", "SUSE-SU-2015:1633-1", "SUSE-SU-2016:1638-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2016:1581-1", "OPENSUSE-SU-2016:1173-1", "SUSE-SU-2016:1166-1", "SUSE-SU-2015:1701-1", "OPENSUSE-SU-2016:1167-1"], "type": "suse"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310808616", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_dir_traversal_vuln_win.nasl 11938 2018-10-17 10:08:39Z asteins $\n#\n# PHP Directory Traversal Vulnerability - Jul16 (Windows)\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808616\");\n script_version(\"$Revision: 11938 $\");\n script_cve_id(\"CVE-2014-9767\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6837\",\n \"CVE-2015-6838\");\n script_bugtraq_id(76652, 76649, 76733, 76734, 76738);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-17 12:08:39 +0200 (Wed, 17 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-14 12:14:00 +0530 (Thu, 14 Jul 2016)\");\n script_name(\"PHP Directory Traversal Vulnerability - Jul16 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with PHP and is prone\n to Directory traversal vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to\n\n - An error in the 'ZipArchive::extractTo' function in\n 'ext/zip/php_zip.c' script.\n\n - The xsl_ext_function_php function in ext/xsl/xsltprocessor.c when libxml2\n is used, does not consider the possibility of a NULL valuePop return value\n before proceeding with a free operation after the principal argument loop.\n\n - Improper handling of multiple php_var_unserialize calls.\n\n - Multiple use-after-free vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue allow remote\n attackers to read arbitrary empty directories, also to cause a denial of service.\");\n\n script_tag(name:\"affected\", value:\"PHP versions prior to 5.4.45, 5.5.x before\n 5.5.29, and 5.6.x before 5.6.13 on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP version 5.4.45, or 5.5.29,\n or 5.6.13, or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net/ChangeLog-5.php\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2016/03/16/20\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"php/installed\", \"Host/runs_windows\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\nif(version_is_less(version:phpVer, test_version:\"5.4.45\"))\n{\n fix = '5.4.45';\n VULN = TRUE;\n}\n\nelse if(phpVer =~ \"^5\\.5\")\n{\n if(version_in_range(version:phpVer, test_version:\"5.5.0\", test_version2:\"5.5.28\"))\n {\n fix = '5.5.29';\n VULN = TRUE;\n }\n}\n\nelse if(phpVer =~ \"^5\\.6\")\n{\n if(version_in_range(version:phpVer, test_version:\"5.6.0\", test_version2:\"5.6.12\"))\n {\n fix = '5.6.13';\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:phpVer, fixed_version:fix);\n security_message(data:report, port:phpPort);\n exit(0);\n}\n\nexit(99);", "naslFamily": "Web application abuses"}, "differentElements": ["cvss"], "edition": 7, "lastseen": "2018-10-22T16:37:35"}], "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "f5", "idList": ["F5:K17377", "SOL17377"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120660", "OPENVAS:1361412562310842722", "OPENVAS:1361412562310869941", "OPENVAS:703358", "OPENVAS:1361412562310120520", "OPENVAS:1361412562310120396", "OPENVAS:1361412562311220191543", "OPENVAS:1361412562310850689", "OPENVAS:1361412562310813191", "OPENVAS:1361412562310842472", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310842720", "OPENVAS:1361412562310851285", "OPENVAS:1361412562310808617", "OPENVAS:1361412562310703358", "OPENVAS:1361412562310851286"]}, {"type": "nessus", "idList": ["PHP_5_5_29.NASL", "SUSE_SU-2015-1633-1.NASL", "UBUNTU_USN-2952-2.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "OPENSUSE-2015-609.NASL", "MACOSX_10_11_1.NASL", "WEB_APPLICATION_SCANNING_98805", "FEDORA_2015-14977.NASL", "MACOSX_SECUPD2015-007.NASL", "OPENSUSE-2016-517.NASL", "FEDORA_2015-14978.NASL", "PHP_5_6_13.NASL", "UBUNTU_USN-2952-1.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "UBUNTU_USN-2758-1.NASL", "F5_BIGIP_SOL17377.NASL", "SUSE_SU-2016-1166-1.NASL", "PHP_5_4_45.NASL", "EULEROS_SA-2019-1543.NASL", "DEBIAN_DLA-341.NASL", "GENTOO_GLSA-201606-10.NASL", "SUSE_SU-2015-1818-1.NASL", "ALA_ALAS-2016-670.NASL", "8861.PRM", "ALA_ALAS-2015-601.NASL", "ALA_ALAS-2015-602.NASL", "DEBIAN_DSA-3358.NASL", "SUSE_SU-2016-1145-1.NASL", "PHP_7_0_0.NASL", "SUSE_SU-2015-1701-1.NASL", "9324.PRM", "FEDORA_2015-14976.NASL", "OPENSUSE-2016-516.NASL"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-6835", "UB:CVE-2014-9767", "UB:CVE-2015-6834", "UB:CVE-2015-6837", "UB:CVE-2015-6838"]}, {"type": "cve", "idList": ["CVE-2015-6838", "CVE-2014-9767", "CVE-2015-6835", "CVE-2015-6834", "CVE-2015-6837"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:32566", "SECURITYVULNS:VULN:14694", "SECURITYVULNS:DOC:32511"]}, {"type": "fedora", "idList": ["FEDORA:F0C5861361B0", "FEDORA:02C1260F4011", "FEDORA:90BE461976AB"]}, {"type": "debian", "idList": ["DEBIAN:DLA-341-1:DA682", "DEBIAN:DSA-3358-1:5263D"]}, {"type": "amazon", "idList": ["ALAS-2015-601", "ALAS-2017-788", "ALAS-2016-670", "ALAS-2015-602"]}, {"type": "slackware", "idList": ["SSA-2015-274-02"]}, {"type": "freebsd", "idList": ["3D675519-5654-11E5-9AD8-14DAE9D210B8"]}, {"type": "suse", "idList": ["SUSE-SU-2015:1701-1", "SUSE-SU-2016:1145-1", "OPENSUSE-SU-2015:1628-1", "OPENSUSE-SU-2016:1167-1", "SUSE-SU-2016:1166-1", "OPENSUSE-SU-2016:1173-1", "SUSE-SU-2015:1633-1", "SUSE-SU-2015:1818-1"]}, {"type": "ubuntu", "idList": ["USN-2758-1", "USN-2952-2", "USN-2952-1"]}, {"type": "redhat", "idList": ["RHSA-2016:0457"]}, {"type": "hackerone", "idList": ["H1:103998", "H1:103997", "H1:103996", "H1:103995"]}, {"type": "exploitdb", "idList": ["EDB-ID:38123", "EDB-ID:38122", "EDB-ID:38120"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-9936"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:134949", "PACKETSTORM:138812"]}, {"type": "gentoo", "idList": ["GLSA-201606-10"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:6B7BF45056E8E056621094C0740275CB"]}], "modified": "2019-05-29T18:35:35", "rev": 2}, "score": {"value": 6.8, "vector": "NONE", "modified": "2019-05-29T18:35:35", "rev": 2}}, "objectVersion": "1.5", "pluginID": "1361412562310808616", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_dir_traversal_vuln_win.nasl 11938 2018-10-17 10:08:39Z asteins $\n#\n# PHP Directory Traversal Vulnerability - Jul16 (Windows)\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808616\");\n script_version(\"$Revision: 11938 $\");\n script_cve_id(\"CVE-2014-9767\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6837\",\n \"CVE-2015-6838\");\n script_bugtraq_id(76652, 76649, 76733, 76734, 76738);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-17 12:08:39 +0200 (Wed, 17 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-14 12:14:00 +0530 (Thu, 14 Jul 2016)\");\n script_name(\"PHP Directory Traversal Vulnerability - Jul16 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with PHP and is prone\n to Directory traversal vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to\n\n - An error in the 'ZipArchive::extractTo' function in\n 'ext/zip/php_zip.c' script.\n\n - The xsl_ext_function_php function in ext/xsl/xsltprocessor.c when libxml2\n is used, does not consider the possibility of a NULL valuePop return value\n before proceeding with a free operation after the principal argument loop.\n\n - Improper handling of multiple php_var_unserialize calls.\n\n - Multiple use-after-free vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue allow remote\n attackers to read arbitrary empty directories, also to cause a denial of service.\");\n\n script_tag(name:\"affected\", value:\"PHP versions prior to 5.4.45, 5.5.x before\n 5.5.29, and 5.6.x before 5.6.13 on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP version 5.4.45, or 5.5.29,\n or 5.6.13, or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net/ChangeLog-5.php\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2016/03/16/20\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"php/installed\", \"Host/runs_windows\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\nif(version_is_less(version:phpVer, test_version:\"5.4.45\"))\n{\n fix = '5.4.45';\n VULN = TRUE;\n}\n\nelse if(phpVer =~ \"^5\\.5\")\n{\n if(version_in_range(version:phpVer, test_version:\"5.5.0\", test_version2:\"5.5.28\"))\n {\n fix = '5.5.29';\n VULN = TRUE;\n }\n}\n\nelse if(phpVer =~ \"^5\\.6\")\n{\n if(version_in_range(version:phpVer, test_version:\"5.6.0\", test_version2:\"5.6.12\"))\n {\n fix = '5.6.13';\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:phpVer, fixed_version:fix);\n security_message(data:report, port:phpPort);\n exit(0);\n}\n\nexit(99);", "naslFamily": "Web application abuses", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:1361412562310808617", "hash": "aa65c8505dc13274fc502e007bd002ec", "type": "openvas", "bulletinFamily": "scanner", "title": "PHP Directory Traversal Vulnerability - Jul16 (Linux)", "description": "This host is installed with PHP and is prone\n to Directory traversal vulnerability.", "published": "2016-07-14T00:00:00", "modified": "2019-03-14T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808617", "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "references": ["http://www.openwall.com/lists/oss-security/2016/03/16/20", "http://www.php.net/ChangeLog-5.php"], "cvelist": ["CVE-2014-9767", "CVE-2015-6834", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2019-05-29T18:34:56", "history": [{"bulletin": {"id": "OPENVAS:1361412562310808617", "hash": "add98b9ab45d10b282faa4c140cf47578c87f1a5c6d579f0403d158fa9786d8c", "type": "openvas", "bulletinFamily": "scanner", "title": "PHP Directory Traversal Vulnerability - Jul16 (Linux)", "description": "This host is installed with PHP and is prone\n to Directory traversal vulnerability.", "published": "2016-07-14T00:00:00", "modified": "2019-03-14T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808617", "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "references": ["http://www.openwall.com/lists/oss-security/2016/03/16/20", "http://www.php.net/ChangeLog-5.php"], "cvelist": ["CVE-2014-9767", "CVE-2015-6834", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2019-03-15T12:26:44", "history": [], "viewCount": 6, "enchantments": {"dependencies": {"modified": "2019-03-15T12:26:44", "references": [{"idList": ["ALAS-2017-788", "ALAS-2015-602", "ALAS-2015-601", "ALAS-2016-670"], "type": "amazon"}, {"idList": ["DEBIAN:DSA-3358-1:5263D", "DEBIAN:DLA-341-1:DA682"], "type": "debian"}, {"idList": ["SECURITYVULNS:VULN:14694", "SECURITYVULNS:VULN:14702", "SECURITYVULNS:DOC:32566", "SECURITYVULNS:DOC:32511"], "type": "securityvulns"}, {"idList": ["KLA10929"], "type": "kaspersky"}, {"idList": ["CVE-2014-9767", "CVE-2015-6834", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "type": "cve"}, {"idList": ["SOL17377", "F5:K17377"], "type": "f5"}, {"idList": ["OPENVAS:1361412562310703358", "OPENVAS:1361412562310808616", "OPENVAS:1361412562310120520", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310120660", "OPENVAS:703358", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310850689", "OPENVAS:1361412562310842472", "OPENVAS:1361412562310120396"], "type": "openvas"}, {"idList": ["H1:103996", "H1:103998", "H1:103997", "H1:103995"], "type": "hackerone"}, {"idList": ["3D675519-5654-11E5-9AD8-14DAE9D210B8"], "type": "freebsd"}, {"idList": ["EDB-ID:38120", "EDB-ID:38123", "EDB-ID:38122"], "type": "exploitdb"}, {"idList": ["GLSA-201606-10"], "type": "gentoo"}, {"idList": ["SSA-2015-274-02"], "type": "slackware"}, {"idList": ["FEDORA_2015-14978.NASL", "FEDORA_2015-14976.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "PHP_5_4_45.NASL", "FEDORA_2015-14977.NASL", "DEBIAN_DSA-3358.NASL", "PHP_5_6_13.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "ALA_ALAS-2016-670.NASL", "F5_BIGIP_SOL17377.NASL"], "type": "nessus"}, {"idList": ["PACKETSTORM:134949", "PACKETSTORM:138812"], "type": "packetstorm"}, {"idList": ["RHSA-2016:0457", "RHSA-2016:2750"], "type": "redhat"}, {"idList": ["USN-2952-2", "USN-2952-1", "USN-2758-1"], "type": "ubuntu"}, {"idList": ["SUSE-SU-2015:1818-1", "SUSE-SU-2016:1145-1", "SUSE-SU-2015:1633-1", "SUSE-SU-2016:1638-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2016:1581-1", "OPENSUSE-SU-2016:1173-1", "SUSE-SU-2016:1166-1", "SUSE-SU-2015:1701-1", "OPENSUSE-SU-2016:1167-1"], "type": "suse"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310808617", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_dir_traversal_vuln_lin.nasl 14181 2019-03-14 12:59:41Z cfischer $\n#\n# PHP Directory Traversal Vulnerability - Jul16 (Linux)\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808617\");\n script_version(\"$Revision: 14181 $\");\n script_cve_id(\"CVE-2014-9767\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6837\",\n \"CVE-2015-6838\");\n script_bugtraq_id(76652, 76649, 76733, 76734, 76738);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 13:59:41 +0100 (Thu, 14 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-14 12:14:00 +0530 (Thu, 14 Jul 2016)\");\n script_name(\"PHP Directory Traversal Vulnerability - Jul16 (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with PHP and is prone\n to Directory traversal vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to\n\n - An error in the 'ZipArchive::extractTo' function in\n 'ext/zip/php_zip.c' script.\n\n - The xsl_ext_function_php function in ext/xsl/xsltprocessor.c when libxml2\n is used, does not consider the possibility of a NULL valuePop return value\n before proceeding with a free operation after the principal argument loop.\n\n - Improper handling of multiple php_var_unserialize calls.\n\n - Multiple use-after-free vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue allow remote\n attackers to read arbitrary empty directories, also to cause a denial of service.\");\n\n script_tag(name:\"affected\", value:\"PHP versions prior to 5.4.45, 5.5.x before\n 5.5.29, and 5.6.x before 5.6.13 on Linux\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP version 5.4.45, or 5.5.29,\n or 5.6.13, or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net/ChangeLog-5.php\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2016/03/16/20\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"php/installed\", \"Host/runs_unixoide\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\nif(version_is_less(version:phpVer, test_version:\"5.4.45\"))\n{\n fix = '5.4.45';\n VULN = TRUE;\n}\n\nelse if(phpVer =~ \"^5\\.5\")\n{\n if(version_in_range(version:phpVer, test_version:\"5.5.0\", test_version2:\"5.5.28\"))\n {\n fix = '5.5.29';\n VULN = TRUE;\n }\n}\n\nelse if(phpVer =~ \"^5\\.6\")\n{\n if(version_in_range(version:phpVer, test_version:\"5.6.0\", test_version2:\"5.6.12\"))\n {\n fix = '5.6.13';\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:phpVer, fixed_version:fix);\n security_message(data:report, port:phpPort);\n exit(0);\n}\n\nexit(99);", "naslFamily": "Web application abuses"}, "differentElements": ["cvss"], "edition": 8, "lastseen": "2019-03-15T12:26:44"}, {"bulletin": {"id": "OPENVAS:1361412562310808617", "hash": "a45ba1983dd6d812677a6e39dc6185b15125402c34fd555c06bd0f11b8a71870", "type": "openvas", "bulletinFamily": "scanner", "title": "PHP Directory Traversal Vulnerability - Jul16 (Linux)", "description": "This host is installed with PHP and is prone\n to Directory traversal vulnerability.", "published": "2016-07-14T00:00:00", "modified": "2018-07-09T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808617", "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "references": ["http://www.openwall.com/lists/oss-security/2016/03/16/20", "http://www.php.net/ChangeLog-5.php"], "cvelist": ["CVE-2014-9767", "CVE-2015-6834", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2018-07-10T17:49:00", "history": [], "viewCount": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310808617", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_dir_traversal_vuln_lin.nasl 10457 2018-07-09 06:23:47Z cfischer $\n#\n# PHP Directory Traversal Vulnerability - Jul16 (Linux)\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808617\");\n script_version(\"$Revision: 10457 $\");\n script_cve_id(\"CVE-2014-9767\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6837\",\n \"CVE-2015-6838\");\n script_bugtraq_id(76652, 76649, 76733, 76734, 76738);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-07-09 08:23:47 +0200 (Mon, 09 Jul 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-14 12:14:00 +0530 (Thu, 14 Jul 2016)\");\n script_name(\"PHP Directory Traversal Vulnerability - Jul16 (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with PHP and is prone\n to Directory traversal vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to\n\n - An error in the 'ZipArchive::extractTo' function in\n 'ext/zip/php_zip.c' script.\n\n - The xsl_ext_function_php function in ext/xsl/xsltprocessor.c when libxml2\n is used, does not consider the possibility of a NULL valuePop return value\n before proceeding with a free operation after the principal argument loop.\n\n - Improper handling of multiple php_var_unserialize calls.\n\n - Multiple use-after-free vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue allow remote\n attackers to read arbitrary empty directories, also to cause a denial of service.\n\n Impact Level: Application\");\n\n script_tag(name:\"affected\", value:\"PHP versions prior to 5.4.45, 5.5.x before\n 5.5.29, and 5.6.x before 5.6.13 on Linux\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP version 5.4.45, or 5.5.29,\n or 5.6.13, or later. For updates refer to http://www.php.net\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net/ChangeLog-5.php\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2016/03/16/20\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"php/installed\", \"Host/runs_unixoide\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\nif(version_is_less(version:phpVer, test_version:\"5.4.45\"))\n{\n fix = '5.4.45';\n VULN = TRUE;\n}\n\nelse if(phpVer =~ \"^5\\.5\")\n{\n if(version_in_range(version:phpVer, test_version:\"5.5.0\", test_version2:\"5.5.28\"))\n {\n fix = '5.5.29';\n VULN = TRUE;\n }\n}\n\nelse if(phpVer =~ \"^5\\.6\")\n{\n if(version_in_range(version:phpVer, test_version:\"5.6.0\", test_version2:\"5.6.12\"))\n {\n fix = '5.6.13';\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:phpVer, fixed_version:fix);\n security_message(data:report, port:phpPort);\n exit(0);\n}\n\nexit(99);\n", "naslFamily": "Web application abuses"}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-07-10T17:49:00"}, {"bulletin": {"id": "OPENVAS:1361412562310808617", "hash": "549046597c1df0cb191b22f6949558650329be28d1e58e11c081325fed6a5fad", "type": "openvas", "bulletinFamily": "scanner", "title": "PHP Directory Traversal Vulnerability - Jul16 (Linux)", "description": "This host is installed with PHP and is prone\n to Directory traversal vulnerability.", "published": "2016-07-14T00:00:00", "modified": "2018-07-09T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808617", "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "references": ["http://www.openwall.com/lists/oss-security/2016/03/16/20", "http://www.php.net/ChangeLog-5.php"], "cvelist": ["CVE-2014-9767", "CVE-2015-6834", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2018-08-30T19:20:41", "history": [], "viewCount": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310808617", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_dir_traversal_vuln_lin.nasl 10457 2018-07-09 06:23:47Z cfischer $\n#\n# PHP Directory Traversal Vulnerability - Jul16 (Linux)\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808617\");\n script_version(\"$Revision: 10457 $\");\n script_cve_id(\"CVE-2014-9767\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6837\",\n \"CVE-2015-6838\");\n script_bugtraq_id(76652, 76649, 76733, 76734, 76738);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-07-09 08:23:47 +0200 (Mon, 09 Jul 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-14 12:14:00 +0530 (Thu, 14 Jul 2016)\");\n script_name(\"PHP Directory Traversal Vulnerability - Jul16 (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with PHP and is prone\n to Directory traversal vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to\n\n - An error in the 'ZipArchive::extractTo' function in\n 'ext/zip/php_zip.c' script.\n\n - The xsl_ext_function_php function in ext/xsl/xsltprocessor.c when libxml2\n is used, does not consider the possibility of a NULL valuePop return value\n before proceeding with a free operation after the principal argument loop.\n\n - Improper handling of multiple php_var_unserialize calls.\n\n - Multiple use-after-free vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue allow remote\n attackers to read arbitrary empty directories, also to cause a denial of service.\n\n Impact Level: Application\");\n\n script_tag(name:\"affected\", value:\"PHP versions prior to 5.4.45, 5.5.x before\n 5.5.29, and 5.6.x before 5.6.13 on Linux\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP version 5.4.45, or 5.5.29,\n or 5.6.13, or later. For updates refer to http://www.php.net\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net/ChangeLog-5.php\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2016/03/16/20\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"php/installed\", \"Host/runs_unixoide\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\nif(version_is_less(version:phpVer, test_version:\"5.4.45\"))\n{\n fix = '5.4.45';\n VULN = TRUE;\n}\n\nelse if(phpVer =~ \"^5\\.5\")\n{\n if(version_in_range(version:phpVer, test_version:\"5.5.0\", test_version2:\"5.5.28\"))\n {\n fix = '5.5.29';\n VULN = TRUE;\n }\n}\n\nelse if(phpVer =~ \"^5\\.6\")\n{\n if(version_in_range(version:phpVer, test_version:\"5.6.0\", test_version2:\"5.6.12\"))\n {\n fix = '5.6.13';\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:phpVer, fixed_version:fix);\n security_message(data:report, port:phpPort);\n exit(0);\n}\n\nexit(99);\n", "naslFamily": "Web application abuses"}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-08-30T19:20:41"}, {"bulletin": {"id": "OPENVAS:1361412562310808617", "hash": "f44ad17c801b1b907cb2e321e0fb0868bd1e15123a106d65a3ce859fd9893831", "type": "openvas", "bulletinFamily": "scanner", "title": "PHP Directory Traversal Vulnerability - Jul16 (Linux)", "description": "This host is installed with PHP and is prone\n to Directory traversal vulnerability.", "published": "2016-07-14T00:00:00", "modified": "2017-10-24T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808617", "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "references": ["http://www.openwall.com/lists/oss-security/2016/03/16/20", "http://www.php.net/ChangeLog-5.php"], "cvelist": ["CVE-2014-9767", "CVE-2015-6834", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2017-10-25T14:41:34", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310808617", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_dir_traversal_vuln_lin.nasl 7545 2017-10-24 11:45:30Z cfischer $\n#\n# PHP Directory Traversal Vulnerability - Jul16 (Linux)\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808617\");\n script_version(\"$Revision: 7545 $\");\n script_cve_id(\"CVE-2014-9767\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6837\",\n \"CVE-2015-6838\");\n script_bugtraq_id(76652, 76649, 76733, 76734, 76738);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-10-24 13:45:30 +0200 (Tue, 24 Oct 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-14 12:14:00 +0530 (Thu, 14 Jul 2016)\");\n script_name(\"PHP Directory Traversal Vulnerability - Jul16 (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with PHP and is prone\n to Directory traversal vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Get the installed version with the help\n of detect NVT and check the version is vulnerable or not.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to\n - An error in the 'ZipArchive::extractTo' function in\n 'ext/zip/php_zip.c' script.\n - The xsl_ext_function_php function in ext/xsl/xsltprocessor.c when libxml2\n is used, does not consider the possibility of a NULL valuePop return value\n before proceeding with a free operation after the principal argument loop.\n - Improper handling of multiple php_var_unserialize calls.\n - Multiple use-after-free vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue allow remote\n attackers to read arbitrary empty directories, also to cause a denial of service.\n\n Impact Level: Application\");\n\n script_tag(name:\"affected\", value:\"PHP versions prior to 5.4.45, 5.5.x before\n 5.5.29, and 5.6.x before 5.6.13 on Linux\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP version 5.4.45, or 5.5.29, \n or 5.6.13, or later. For updates refer to http://www.php.net\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net/ChangeLog-5.php\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2016/03/16/20\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"php/installed\",\"Host/runs_unixoide\");\n script_require_ports(\"Services/www\", 80);\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\n## Variable Initialization\nphpPort = \"\";\nphpVer = \"\";\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\n## Check for version before 5.5.34\nif(version_is_less(version:phpVer, test_version:\"5.4.45\"))\n{\n fix = '5.4.45';\n VULN = TRUE;\n}\n\n## Check for version 5.5.x before 5.5.29\nelse if(phpVer =~ \"^(5\\.5)\")\n{\n if(version_in_range(version:phpVer, test_version:\"5.5.0\", test_version2:\"5.5.28\"))\n {\n fix = '5.5.29';\n VULN = TRUE;\n }\n}\n\n## Check for version 5.6.x before 5.6.13\nelse if(phpVer =~ \"^(5\\.6)\")\n{\n if(version_in_range(version:phpVer, test_version:\"5.6.0\", test_version2:\"5.6.12\"))\n {\n fix = '5.6.13';\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:phpVer, fixed_version:fix);\n security_message(data:report, port:phpPort);\n exit(0);\n}\n\nexit(99);\n", "naslFamily": "Web application abuses"}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-10-25T14:41:34"}, {"bulletin": {"id": "OPENVAS:1361412562310808617", "hash": "a45ba1983dd6d812677a6e39dc6185b15125402c34fd555c06bd0f11b8a71870", "type": "openvas", "bulletinFamily": "scanner", "title": "PHP Directory Traversal Vulnerability - Jul16 (Linux)", "description": "This host is installed with PHP and is prone\n to Directory traversal vulnerability.", "published": "2016-07-14T00:00:00", "modified": "2018-07-09T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808617", "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "references": ["http://www.openwall.com/lists/oss-security/2016/03/16/20", "http://www.php.net/ChangeLog-5.php"], "cvelist": ["CVE-2014-9767", "CVE-2015-6834", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6838"], "lastseen": "2018-09-01T23:45:24", "history": [], "viewCount": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310808617", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_dir_traversal_vuln_lin.nasl 10457 2018-07-09 06:23:47Z cfischer $\n#\n# PHP Directory Traversal Vulnerability - Jul16 (Linux)\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808617\");\n script_version(\"$Revision: 10457 $\");\n script_cve_id(\"CVE-2014-9767\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6837\",\n \"CVE-2015-6838\");\n script_bugtraq_id(76652, 76649, 76733, 76734, 76738);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-07-09 08:23:47 +0200 (Mon, 09 Jul 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-14 12:14:00 +0530 (Thu, 14 Jul 2016)\");\n script_name(\"PHP Directory Traversal Vulnerability - Jul16 (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with PHP and is prone\n to Directory traversal vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to\n\n - An error in the 'ZipArchive::extractTo' function in\n 'ext/zip/php_zip.c' script.\n\n - The xsl_ext_function_php function in ext/xsl/xsltprocessor.c when libxml2\n is used, does not consider the possibility of a NULL valuePop return value\n before proceeding with a free operation after the principal argument loop.\n\n - Improper handling of multiple php_var_unserialize calls.\n\n - Multiple use-after-free vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue allow remote\n attackers to read arbitrary empty directories, also to cause a denial of service.\n\n Impact Level: Application\");\n\n script_tag(name:\"affected\", value:\"PHP versions prior to 5.4.45, 5.5.x before\n 5.5.29, and 5.6.x before 5.6.13 on Linux\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP version 5.4.45, or 5.5.29,\n or 5.6.13, or later. For updates refer to http://www.php.net\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net/ChangeLog-5.php\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2016/03/16/20\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"php/installed\", \"Host/runs_unixoide\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\nif(version_is_less(version:phpVer, test_version:\"5.4.45\"))\n{\n fix = '5.4.45';\n VULN = TRUE;\n}\n\nelse if(phpVer =~ \"^5\\.5\")\n{\n if(version_in_range(version:phpVer, test_version:\"5.5.0\", test_version2:\"5.5.28\"))\n {\n fix = '5.5.29';\n VULN = TRUE;\n }\n}\n\nelse if(phpVer =~ \"^5\\.6\")\n{\n if(version_in_range(version:phpVer, test_version:\"5.6.0\", test_version2:\"5.6.12\"))\n {\n fix = '5.6.13';\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:phpVer, fixed_version:fix);\n security_message(data:report, port:phpPort);\n exit(0);\n}\n\nexit(99);\n", "naslFamily": "Web application abuses"}, "differentElements": ["modified", "sourceData"], "edition": 5, "lastseen": "2018-09-01T23:45:24"}], "viewCount": 32, "enchantments": {"dependencies": {"references": [{"type": "f5", "idList": ["F5:K17377", "SOL17377"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120660", "OPENVAS:1361412562310808616", "OPENVAS:1361412562310869941", "OPENVAS:703358", "OPENVAS:1361412562310120520", "OPENVAS:1361412562310120396", "OPENVAS:1361412562311220191543", "OPENVAS:1361412562310842722", "OPENVAS:1361412562310850689", "OPENVAS:1361412562310813191", "OPENVAS:1361412562310842472", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310842720", "OPENVAS:1361412562310851285", "OPENVAS:1361412562310703358", "OPENVAS:1361412562310851286"]}, {"type": "nessus", "idList": ["PHP_5_5_29.NASL", "SUSE_SU-2015-1633-1.NASL", "UBUNTU_USN-2952-2.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "OPENSUSE-2015-609.NASL", "MACOSX_10_11_1.NASL", "WEB_APPLICATION_SCANNING_98805", "FEDORA_2015-14977.NASL", "MACOSX_SECUPD2015-007.NASL", "OPENSUSE-2016-517.NASL", "FEDORA_2015-14978.NASL", "PHP_5_6_13.NASL", "UBUNTU_USN-2952-1.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "UBUNTU_USN-2758-1.NASL", "F5_BIGIP_SOL17377.NASL", "SUSE_SU-2016-1166-1.NASL", "PHP_5_4_45.NASL", "EULEROS_SA-2019-1543.NASL", "DEBIAN_DLA-341.NASL", "GENTOO_GLSA-201606-10.NASL", "SUSE_SU-2015-1818-1.NASL", "ALA_ALAS-2016-670.NASL", "8861.PRM", "ALA_ALAS-2015-601.NASL", "ALA_ALAS-2015-602.NASL", "DEBIAN_DSA-3358.NASL", "SUSE_SU-2016-1145-1.NASL", "PHP_7_0_0.NASL", "SUSE_SU-2015-1701-1.NASL", "9324.PRM", "FEDORA_2015-14976.NASL", "OPENSUSE-2016-516.NASL"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-6835", "UB:CVE-2014-9767", "UB:CVE-2015-6834", "UB:CVE-2015-6837", "UB:CVE-2015-6838"]}, {"type": "cve", "idList": ["CVE-2015-6838", "CVE-2014-9767", "CVE-2015-6835", "CVE-2015-6834", "CVE-2015-6837"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:32566", "SECURITYVULNS:VULN:14694", "SECURITYVULNS:DOC:32511"]}, {"type": "fedora", "idList": ["FEDORA:F0C5861361B0", "FEDORA:02C1260F4011", "FEDORA:90BE461976AB"]}, {"type": "debian", "idList": ["DEBIAN:DLA-341-1:DA682", "DEBIAN:DSA-3358-1:5263D"]}, {"type": "amazon", "idList": ["ALAS-2015-601", "ALAS-2017-788", "ALAS-2016-670", "ALAS-2015-602"]}, {"type": "slackware", "idList": ["SSA-2015-274-02"]}, {"type": "freebsd", "idList": ["3D675519-5654-11E5-9AD8-14DAE9D210B8"]}, {"type": "suse", "idList": ["SUSE-SU-2015:1701-1", "SUSE-SU-2016:1145-1", "OPENSUSE-SU-2015:1628-1", "OPENSUSE-SU-2016:1167-1", "SUSE-SU-2016:1166-1", "OPENSUSE-SU-2016:1173-1", "SUSE-SU-2015:1633-1", "SUSE-SU-2015:1818-1"]}, {"type": "ubuntu", "idList": ["USN-2758-1", "USN-2952-2", "USN-2952-1"]}, {"type": "redhat", "idList": ["RHSA-2016:0457"]}, {"type": "hackerone", "idList": ["H1:103998", "H1:103997", "H1:103996", "H1:103995"]}, {"type": "exploitdb", "idList": ["EDB-ID:38123", "EDB-ID:38122", "EDB-ID:38120"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-9936"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:134949", "PACKETSTORM:138812"]}, {"type": "gentoo", "idList": ["GLSA-201606-10"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:6B7BF45056E8E056621094C0740275CB"]}], "modified": "2019-05-29T18:34:56", "rev": 2}, "score": {"value": 6.4, "vector": "NONE", "modified": "2019-05-29T18:34:56", "rev": 2}}, "objectVersion": "1.5", "pluginID": "1361412562310808617", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_dir_traversal_vuln_lin.nasl 14181 2019-03-14 12:59:41Z cfischer $\n#\n# PHP Directory Traversal Vulnerability - Jul16 (Linux)\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808617\");\n script_version(\"$Revision: 14181 $\");\n script_cve_id(\"CVE-2014-9767\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6837\",\n \"CVE-2015-6838\");\n script_bugtraq_id(76652, 76649, 76733, 76734, 76738);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 13:59:41 +0100 (Thu, 14 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-14 12:14:00 +0530 (Thu, 14 Jul 2016)\");\n script_name(\"PHP Directory Traversal Vulnerability - Jul16 (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with PHP and is prone\n to Directory traversal vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to\n\n - An error in the 'ZipArchive::extractTo' function in\n 'ext/zip/php_zip.c' script.\n\n - The xsl_ext_function_php function in ext/xsl/xsltprocessor.c when libxml2\n is used, does not consider the possibility of a NULL valuePop return value\n before proceeding with a free operation after the principal argument loop.\n\n - Improper handling of multiple php_var_unserialize calls.\n\n - Multiple use-after-free vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue allow remote\n attackers to read arbitrary empty directories, also to cause a denial of service.\");\n\n script_tag(name:\"affected\", value:\"PHP versions prior to 5.4.45, 5.5.x before\n 5.5.29, and 5.6.x before 5.6.13 on Linux\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP version 5.4.45, or 5.5.29,\n or 5.6.13, or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net/ChangeLog-5.php\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2016/03/16/20\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"php/installed\", \"Host/runs_unixoide\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\nif(version_is_less(version:phpVer, test_version:\"5.4.45\"))\n{\n fix = '5.4.45';\n VULN = TRUE;\n}\n\nelse if(phpVer =~ \"^5\\.5\")\n{\n if(version_in_range(version:phpVer, test_version:\"5.5.0\", test_version2:\"5.5.28\"))\n {\n fix = '5.5.29';\n VULN = TRUE;\n }\n}\n\nelse if(phpVer =~ \"^5\\.6\")\n{\n if(version_in_range(version:phpVer, test_version:\"5.6.0\", test_version2:\"5.6.12\"))\n {\n fix = '5.6.13';\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:phpVer, fixed_version:fix);\n security_message(data:report, port:phpPort);\n exit(0);\n}\n\nexit(99);", "naslFamily": "Web application abuses", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:1361412562310850689", "hash": "523a2ebc7c771156220a1391bb1c15a1", "type": "openvas", "bulletinFamily": "scanner", "title": "openSUSE: Security Advisory for php5 (openSUSE-SU-2015:1628-1)", "description": "The remote host is missing an update for the ", "published": "2015-09-26T00:00:00", "modified": "2020-01-31T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850689", "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "references": ["2015:1628-1"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6833", "CVE-2015-6831", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6832", "CVE-2015-6838"], "lastseen": "2020-01-31T18:37:15", "history": [{"bulletin": {"id": "OPENVAS:1361412562310850689", "hash": "fea9112e2f5ad00b0984bca9a82cb0e984b2a4e26b2b0413743435ce8d358765", "type": "openvas", "bulletinFamily": "scanner", "title": "SuSE Update for php5 openSUSE-SU-2015:1628-1 (php5)", "description": "The remote host is missing an update for the ", "published": "2015-09-26T00:00:00", "modified": "2018-11-16T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850689", "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "references": ["2015:1628_1"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6833", "CVE-2015-6831", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6832", "CVE-2015-6838"], "lastseen": "2019-05-29T18:36:08", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"modified": "2019-05-29T18:36:08", "references": [{"idList": ["SUSE-SU-2015:1818-1", "SUSE-SU-2015:1633-1", "SUSE-SU-2016:1638-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2015:1701-1"], "type": "suse"}, {"idList": ["DEBIAN:DSA-3358-1:5263D", "DEBIAN:DLA-341-1:DA682"], "type": "debian"}, {"idList": ["THN:ADC5E0B7C8DF1100E34C28AC74897A50"], "type": "thn"}, {"idList": ["KLA10929", "KLA10747", "KLA10746"], "type": "kaspersky"}, {"idList": ["SECURITYVULNS:VULN:14694", "SECURITYVULNS:VULN:14702", "SECURITYVULNS:DOC:32566", "SECURITYVULNS:DOC:32511"], "type": "securityvulns"}, {"idList": ["3D675519-5654-11E5-9AD8-14DAE9D210B8", "787EF75E-44DA-11E5-93AD-002590263BF5"], "type": "freebsd"}, {"idList": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6833", "CVE-2015-6831", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6832", "CVE-2015-6838"], "type": "cve"}, {"idList": ["SOL17377", "F5:K17377"], "type": "f5"}, {"idList": ["RHSA-2016:0457"], "type": "redhat"}, {"idList": ["ALAS-2017-788", "ALAS-2015-585", "ALAS-2015-602", "ALAS-2015-584", "ALAS-2015-601", "ALAS-2016-670", "ALAS-2015-583"], "type": "amazon"}, {"idList": ["FEDORA_2015-14978.NASL", "SUSE_SU-2015-1818-1.NASL", "FEDORA_2015-14976.NASL", "SUSE_SU-2015-1633-1.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "OPENSUSE-2015-609.NASL", "DEBIAN_DLA-341.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "ALA_ALAS-2016-670.NASL", "F5_BIGIP_SOL17377.NASL"], "type": "nessus"}, {"idList": ["H1:104016", "H1:103996", "H1:103998", "H1:103997", "H1:104010", "H1:104019", "H1:104018", "H1:103995"], "type": "hackerone"}, {"idList": ["EDB-ID:38120", "EDB-ID:38123", "EDB-ID:38122"], "type": "exploitdb"}, {"idList": ["GLSA-201606-10"], "type": "gentoo"}, {"idList": ["SSA-2015-274-02"], "type": "slackware"}, {"idList": ["PACKETSTORM:134949", "PACKETSTORM:138812"], "type": "packetstorm"}, {"idList": ["USN-2758-1"], "type": "ubuntu"}, {"idList": ["OPENVAS:1361412562310703358", "OPENVAS:1361412562310808616", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310807088", "OPENVAS:1361412562310807503", "OPENVAS:1361412562310808617", "OPENVAS:1361412562310120660", "OPENVAS:703358", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310842472"], "type": "openvas"}]}, "score": {"modified": "2019-05-29T18:36:08", "value": 7.4, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310850689", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2015_1628_1.nasl 12381 2018-11-16 11:16:30Z cfischer $\n#\n# SuSE Update for php5 openSUSE-SU-2015:1628-1 (php5)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850689\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-09-26 07:59:56 +0200 (Sat, 26 Sep 2015)\");\n script_cve_id(\"CVE-2015-6831\", \"CVE-2015-6832\", \"CVE-2015-6833\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6836\", \"CVE-2015-6837\", \"CVE-2015-6838\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SuSE Update for php5 openSUSE-SU-2015:1628-1 (php5)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php5'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The PHP5 script interpreter was updated to fix various security issues:\n\n * CVE-2015-6831: A use after free vulnerability in unserialize() has been\n fixed which could be used to crash php or potentially execute code.\n [bnc#942291] [bnc#942294] [bnc#942295]\n\n * CVE-2015-6832: A dangling pointer in the unserialization of ArrayObject\n items could be used to crash php or potentially execute code.\n [bnc#942293]\n\n * CVE-2015-6833: A directory traversal when extracting ZIP files could be\n used to overwrite files outside of intended area. [bnc#942296]\n\n * CVE-2015-6834: A Use After Free Vulnerability in unserialize() has been\n fixed which could be used to crash php or potentially execute code.\n [bnc#945403]\n\n * CVE-2015-6835: A Use After Free Vulnerability in session unserialize()\n has been fixed which could be used to crash php or potentially execute\n code. [bnc#945402]\n\n * CVE-2015-6836: A SOAP serialize_function_call() type confusion leading\n to remote code execution problem was fixed. [bnc#945428]\n\n * CVE-2015-6837 CVE-2015-6838: Two NULL pointer dereferences in the\n XSLTProcessor class were fixed. [bnc#945412]\");\n script_tag(name:\"affected\", value:\"php5 on openSUSE 13.2, openSUSE 13.1\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"openSUSE-SU\", value:\"2015:1628_1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(openSUSE13\\.2|openSUSE13\\.1)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\nres = \"\";\n\nif(release == \"openSUSE13.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php5-debuginfo\", rpm:\"apache2-mod_php5-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bcmath-debuginfo\", rpm:\"php5-bcmath-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bz2-debuginfo\", rpm:\"php5-bz2-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-calendar-debuginfo\", rpm:\"php5-calendar-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ctype-debuginfo\", rpm:\"php5-ctype-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-curl-debuginfo\", rpm:\"php5-curl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dba-debuginfo\", rpm:\"php5-dba-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-debuginfo\", rpm:\"php5-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-debugsource\", rpm:\"php5-debugsource~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dom-debuginfo\", rpm:\"php5-dom-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-enchant\", rpm:\"php5-enchant~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-enchant-debuginfo\", rpm:\"php5-enchant-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-exif-debuginfo\", rpm:\"php5-exif-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fastcgi-debuginfo\", rpm:\"php5-fastcgi-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fileinfo\", rpm:\"php5-fileinfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fileinfo-debuginfo\", rpm:\"php5-fileinfo-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-firebird\", rpm:\"php5-firebird~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-firebird-debuginfo\", rpm:\"php5-firebird-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fpm\", rpm:\"php5-fpm~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fpm-debuginfo\", rpm:\"php5-fpm-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ftp-debuginfo\", rpm:\"php5-ftp-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gd-debuginfo\", rpm:\"php5-gd-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gettext-debuginfo\", rpm:\"php5-gettext-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gmp-debuginfo\", rpm:\"php5-gmp-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-iconv-debuginfo\", rpm:\"php5-iconv-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-imap-debuginfo\", rpm:\"php5-imap-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-intl\", rpm:\"php5-intl~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-intl-debuginfo\", rpm:\"php5-intl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-json-debuginfo\", rpm:\"php5-json-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ldap-debuginfo\", rpm:\"php5-ldap-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mbstring-debuginfo\", rpm:\"php5-mbstring-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mcrypt-debuginfo\", rpm:\"php5-mcrypt-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mssql\", rpm:\"php5-mssql~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mssql-debuginfo\", rpm:\"php5-mssql-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysql-debuginfo\", rpm:\"php5-mysql-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-odbc-debuginfo\", rpm:\"php5-odbc-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-opcache\", rpm:\"php5-opcache~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-opcache-debuginfo\", rpm:\"php5-opcache-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-openssl-debuginfo\", rpm:\"php5-openssl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pcntl-debuginfo\", rpm:\"php5-pcntl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo-debuginfo\", rpm:\"php5-pdo-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pgsql-debuginfo\", rpm:\"php5-pgsql-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-phar\", rpm:\"php5-phar~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-phar-debuginfo\", rpm:\"php5-phar-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-posix-debuginfo\", rpm:\"php5-posix-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pspell-debuginfo\", rpm:\"php5-pspell-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-readline\", rpm:\"php5-readline~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-readline-debuginfo\", rpm:\"php5-readline-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-shmop-debuginfo\", rpm:\"php5-shmop-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-snmp-debuginfo\", rpm:\"php5-snmp-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-soap-debuginfo\", rpm:\"php5-soap-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sockets-debuginfo\", rpm:\"php5-sockets-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sqlite-debuginfo\", rpm:\"php5-sqlite-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-suhosin-debuginfo\", rpm:\"php5-suhosin-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvmsg-debuginfo\", rpm:\"php5-sysvmsg-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvsem-debuginfo\", rpm:\"php5-sysvsem-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvshm-debuginfo\", rpm:\"php5-sysvshm-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tidy-debuginfo\", rpm:\"php5-tidy-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tokenizer-debuginfo\", rpm:\"php5-tokenizer-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-wddx-debuginfo\", rpm:\"php5-wddx-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlreader-debuginfo\", rpm:\"php5-xmlreader-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlrpc-debuginfo\", rpm:\"php5-xmlrpc-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlwriter-debuginfo\", rpm:\"php5-xmlwriter-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xsl-debuginfo\", rpm:\"php5-xsl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zip-debuginfo\", rpm:\"php5-zip-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zlib-debuginfo\", rpm:\"php5-zlib-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"openSUSE13.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php5-debuginfo\", rpm:\"apache2-mod_php5-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bcmath-debuginfo\", rpm:\"php5-bcmath-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bz2-debuginfo\", rpm:\"php5-bz2-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-calendar-debuginfo\", rpm:\"php5-calendar-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ctype-debuginfo\", rpm:\"php5-ctype-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-curl-debuginfo\", rpm:\"php5-curl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dba-debuginfo\", rpm:\"php5-dba-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-debuginfo\", rpm:\"php5-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-debugsource\", rpm:\"php5-debugsource~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dom-debuginfo\", rpm:\"php5-dom-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-enchant\", rpm:\"php5-enchant~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-enchant-debuginfo\", rpm:\"php5-enchant-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-exif-debuginfo\", rpm:\"php5-exif-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fastcgi-debuginfo\", rpm:\"php5-fastcgi-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fileinfo\", rpm:\"php5-fileinfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fileinfo-debuginfo\", rpm:\"php5-fileinfo-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-firebird\", rpm:\"php5-firebird~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-firebird-debuginfo\", rpm:\"php5-firebird-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fpm\", rpm:\"php5-fpm~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fpm-debuginfo\", rpm:\"php5-fpm-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ftp-debuginfo\", rpm:\"php5-ftp-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gd-debuginfo\", rpm:\"php5-gd-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gettext-debuginfo\", rpm:\"php5-gettext-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gmp-debuginfo\", rpm:\"php5-gmp-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-iconv-debuginfo\", rpm:\"php5-iconv-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-imap-debuginfo\", rpm:\"php5-imap-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-intl\", rpm:\"php5-intl~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-intl-debuginfo\", rpm:\"php5-intl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-json-debuginfo\", rpm:\"php5-json-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ldap-debuginfo\", rpm:\"php5-ldap-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mbstring-debuginfo\", rpm:\"php5-mbstring-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mcrypt-debuginfo\", rpm:\"php5-mcrypt-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mssql\", rpm:\"php5-mssql~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mssql-debuginfo\", rpm:\"php5-mssql-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysql-debuginfo\", rpm:\"php5-mysql-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-odbc-debuginfo\", rpm:\"php5-odbc-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-openssl-debuginfo\", rpm:\"php5-openssl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pcntl-debuginfo\", rpm:\"php5-pcntl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo-debuginfo\", rpm:\"php5-pdo-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pgsql-debuginfo\", rpm:\"php5-pgsql-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-phar\", rpm:\"php5-phar~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-phar-debuginfo\", rpm:\"php5-phar-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-posix-debuginfo\", rpm:\"php5-posix-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pspell-debuginfo\", rpm:\"php5-pspell-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-readline\", rpm:\"php5-readline~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-readline-debuginfo\", rpm:\"php5-readline-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-shmop-debuginfo\", rpm:\"php5-shmop-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-snmp-debuginfo\", rpm:\"php5-snmp-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-soap-debuginfo\", rpm:\"php5-soap-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sockets-debuginfo\", rpm:\"php5-sockets-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sqlite-debuginfo\", rpm:\"php5-sqlite-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-suhosin-debuginfo\", rpm:\"php5-suhosin-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvmsg-debuginfo\", rpm:\"php5-sysvmsg-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvsem-debuginfo\", rpm:\"php5-sysvsem-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvshm-debuginfo\", rpm:\"php5-sysvshm-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tidy-debuginfo\", rpm:\"php5-tidy-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tokenizer-debuginfo\", rpm:\"php5-tokenizer-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-wddx-debuginfo\", rpm:\"php5-wddx-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlreader-debuginfo\", rpm:\"php5-xmlreader-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlrpc-debuginfo\", rpm:\"php5-xmlrpc-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlwriter-debuginfo\", rpm:\"php5-xmlwriter-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xsl-debuginfo\", rpm:\"php5-xsl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zip-debuginfo\", rpm:\"php5-zip-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zlib-debuginfo\", rpm:\"php5-zlib-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "SuSE Local Security Checks"}, "differentElements": ["references", "modified", "sourceData", "title"], "edition": 10, "lastseen": "2019-05-29T18:36:08"}, {"bulletin": {"id": "OPENVAS:1361412562310850689", "hash": "8ec8d530d0b090fbb3182c125df825918d84dc4f7f7b877353962b521caf3ef4", "type": "openvas", "bulletinFamily": "scanner", "title": "SuSE Update for php5 openSUSE-SU-2015:1628-1 (php5)", "description": "Check the version of php5", "published": "2015-09-26T00:00:00", "modified": "2018-11-09T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850689", "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "references": ["2015:1628_1"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6833", "CVE-2015-6831", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6832", "CVE-2015-6838"], "lastseen": "2018-11-12T12:45:27", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310850689", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2015_1628_1.nasl 12294 2018-11-09 15:31:55Z cfischer $\n#\n# SuSE Update for php5 openSUSE-SU-2015:1628-1 (php5)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850689\");\n script_version(\"$Revision: 12294 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-09 16:31:55 +0100 (Fri, 09 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-09-26 07:59:56 +0200 (Sat, 26 Sep 2015)\");\n script_cve_id(\"CVE-2015-6831\", \"CVE-2015-6832\", \"CVE-2015-6833\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6836\", \"CVE-2015-6837\", \"CVE-2015-6838\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SuSE Update for php5 openSUSE-SU-2015:1628-1 (php5)\");\n script_tag(name:\"summary\", value:\"Check the version of php5\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The PHP5 script interpreter was updated to fix various security issues:\n\n * CVE-2015-6831: A use after free vulnerability in unserialize() has been\n fixed which could be used to crash php or potentially execute code.\n [bnc#942291] [bnc#942294] [bnc#942295]\n\n * CVE-2015-6832: A dangling pointer in the unserialization of ArrayObject\n items could be used to crash php or potentially execute code.\n [bnc#942293]\n\n * CVE-2015-6833: A directory traversal when extracting ZIP files could be\n used to overwrite files outside of intended area. [bnc#942296]\n\n * CVE-2015-6834: A Use After Free Vulnerability in unserialize() has been\n fixed which could be used to crash php or potentially execute code.\n [bnc#945403]\n\n * CVE-2015-6835: A Use After Free Vulnerability in session unserialize()\n has been fixed which could be used to crash php or potentially execute\n code. [bnc#945402]\n\n * CVE-2015-6836: A SOAP serialize_function_call() type confusion leading\n to remote code execution problem was fixed. [bnc#945428]\n\n * CVE-2015-6837 CVE-2015-6838: Two NULL pointer dereferences in the\n XSLTProcessor class were fixed. [bnc#945412]\");\n script_tag(name:\"affected\", value:\"php5 on openSUSE 13.2, openSUSE 13.1\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"openSUSE-SU\", value:\"2015:1628_1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(openSUSE13\\.2|openSUSE13\\.1)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\nres = \"\";\n\nif(release == \"openSUSE13.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php5-debuginfo\", rpm:\"apache2-mod_php5-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bcmath-debuginfo\", rpm:\"php5-bcmath-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bz2-debuginfo\", rpm:\"php5-bz2-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-calendar-debuginfo\", rpm:\"php5-calendar-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ctype-debuginfo\", rpm:\"php5-ctype-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-curl-debuginfo\", rpm:\"php5-curl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dba-debuginfo\", rpm:\"php5-dba-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-debuginfo\", rpm:\"php5-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-debugsource\", rpm:\"php5-debugsource~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dom-debuginfo\", rpm:\"php5-dom-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-enchant\", rpm:\"php5-enchant~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-enchant-debuginfo\", rpm:\"php5-enchant-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-exif-debuginfo\", rpm:\"php5-exif-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fastcgi-debuginfo\", rpm:\"php5-fastcgi-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fileinfo\", rpm:\"php5-fileinfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fileinfo-debuginfo\", rpm:\"php5-fileinfo-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-firebird\", rpm:\"php5-firebird~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-firebird-debuginfo\", rpm:\"php5-firebird-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fpm\", rpm:\"php5-fpm~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fpm-debuginfo\", rpm:\"php5-fpm-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ftp-debuginfo\", rpm:\"php5-ftp-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gd-debuginfo\", rpm:\"php5-gd-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gettext-debuginfo\", rpm:\"php5-gettext-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gmp-debuginfo\", rpm:\"php5-gmp-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-iconv-debuginfo\", rpm:\"php5-iconv-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-imap-debuginfo\", rpm:\"php5-imap-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-intl\", rpm:\"php5-intl~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-intl-debuginfo\", rpm:\"php5-intl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-json-debuginfo\", rpm:\"php5-json-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ldap-debuginfo\", rpm:\"php5-ldap-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mbstring-debuginfo\", rpm:\"php5-mbstring-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mcrypt-debuginfo\", rpm:\"php5-mcrypt-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mssql\", rpm:\"php5-mssql~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mssql-debuginfo\", rpm:\"php5-mssql-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysql-debuginfo\", rpm:\"php5-mysql-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-odbc-debuginfo\", rpm:\"php5-odbc-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-opcache\", rpm:\"php5-opcache~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-opcache-debuginfo\", rpm:\"php5-opcache-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-openssl-debuginfo\", rpm:\"php5-openssl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pcntl-debuginfo\", rpm:\"php5-pcntl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo-debuginfo\", rpm:\"php5-pdo-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pgsql-debuginfo\", rpm:\"php5-pgsql-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-phar\", rpm:\"php5-phar~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-phar-debuginfo\", rpm:\"php5-phar-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-posix-debuginfo\", rpm:\"php5-posix-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pspell-debuginfo\", rpm:\"php5-pspell-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-readline\", rpm:\"php5-readline~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-readline-debuginfo\", rpm:\"php5-readline-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-shmop-debuginfo\", rpm:\"php5-shmop-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-snmp-debuginfo\", rpm:\"php5-snmp-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-soap-debuginfo\", rpm:\"php5-soap-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sockets-debuginfo\", rpm:\"php5-sockets-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sqlite-debuginfo\", rpm:\"php5-sqlite-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-suhosin-debuginfo\", rpm:\"php5-suhosin-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvmsg-debuginfo\", rpm:\"php5-sysvmsg-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvsem-debuginfo\", rpm:\"php5-sysvsem-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvshm-debuginfo\", rpm:\"php5-sysvshm-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tidy-debuginfo\", rpm:\"php5-tidy-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tokenizer-debuginfo\", rpm:\"php5-tokenizer-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-wddx-debuginfo\", rpm:\"php5-wddx-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlreader-debuginfo\", rpm:\"php5-xmlreader-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlrpc-debuginfo\", rpm:\"php5-xmlrpc-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlwriter-debuginfo\", rpm:\"php5-xmlwriter-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xsl-debuginfo\", rpm:\"php5-xsl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zip-debuginfo\", rpm:\"php5-zip-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zlib-debuginfo\", rpm:\"php5-zlib-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"openSUSE13.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php5-debuginfo\", rpm:\"apache2-mod_php5-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bcmath-debuginfo\", rpm:\"php5-bcmath-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bz2-debuginfo\", rpm:\"php5-bz2-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-calendar-debuginfo\", rpm:\"php5-calendar-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ctype-debuginfo\", rpm:\"php5-ctype-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-curl-debuginfo\", rpm:\"php5-curl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dba-debuginfo\", rpm:\"php5-dba-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-debuginfo\", rpm:\"php5-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-debugsource\", rpm:\"php5-debugsource~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dom-debuginfo\", rpm:\"php5-dom-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-enchant\", rpm:\"php5-enchant~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-enchant-debuginfo\", rpm:\"php5-enchant-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-exif-debuginfo\", rpm:\"php5-exif-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fastcgi-debuginfo\", rpm:\"php5-fastcgi-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fileinfo\", rpm:\"php5-fileinfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fileinfo-debuginfo\", rpm:\"php5-fileinfo-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-firebird\", rpm:\"php5-firebird~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-firebird-debuginfo\", rpm:\"php5-firebird-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fpm\", rpm:\"php5-fpm~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fpm-debuginfo\", rpm:\"php5-fpm-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ftp-debuginfo\", rpm:\"php5-ftp-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gd-debuginfo\", rpm:\"php5-gd-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gettext-debuginfo\", rpm:\"php5-gettext-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gmp-debuginfo\", rpm:\"php5-gmp-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-iconv-debuginfo\", rpm:\"php5-iconv-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-imap-debuginfo\", rpm:\"php5-imap-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-intl\", rpm:\"php5-intl~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-intl-debuginfo\", rpm:\"php5-intl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-json-debuginfo\", rpm:\"php5-json-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ldap-debuginfo\", rpm:\"php5-ldap-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mbstring-debuginfo\", rpm:\"php5-mbstring-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mcrypt-debuginfo\", rpm:\"php5-mcrypt-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mssql\", rpm:\"php5-mssql~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mssql-debuginfo\", rpm:\"php5-mssql-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysql-debuginfo\", rpm:\"php5-mysql-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-odbc-debuginfo\", rpm:\"php5-odbc-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-openssl-debuginfo\", rpm:\"php5-openssl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pcntl-debuginfo\", rpm:\"php5-pcntl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo-debuginfo\", rpm:\"php5-pdo-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pgsql-debuginfo\", rpm:\"php5-pgsql-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-phar\", rpm:\"php5-phar~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-phar-debuginfo\", rpm:\"php5-phar-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-posix-debuginfo\", rpm:\"php5-posix-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pspell-debuginfo\", rpm:\"php5-pspell-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-readline\", rpm:\"php5-readline~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-readline-debuginfo\", rpm:\"php5-readline-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-shmop-debuginfo\", rpm:\"php5-shmop-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-snmp-debuginfo\", rpm:\"php5-snmp-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-soap-debuginfo\", rpm:\"php5-soap-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sockets-debuginfo\", rpm:\"php5-sockets-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sqlite-debuginfo\", rpm:\"php5-sqlite-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-suhosin-debuginfo\", rpm:\"php5-suhosin-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvmsg-debuginfo\", rpm:\"php5-sysvmsg-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvsem-debuginfo\", rpm:\"php5-sysvsem-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvshm-debuginfo\", rpm:\"php5-sysvshm-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tidy-debuginfo\", rpm:\"php5-tidy-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tokenizer-debuginfo\", rpm:\"php5-tokenizer-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-wddx-debuginfo\", rpm:\"php5-wddx-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlreader-debuginfo\", rpm:\"php5-xmlreader-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlrpc-debuginfo\", rpm:\"php5-xmlrpc-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlwriter-debuginfo\", rpm:\"php5-xmlwriter-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xsl-debuginfo\", rpm:\"php5-xsl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zip-debuginfo\", rpm:\"php5-zip-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zlib-debuginfo\", rpm:\"php5-zlib-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "SuSE Local Security Checks"}, "differentElements": ["description", "modified", "sourceData"], "edition": 8, "lastseen": "2018-11-12T12:45:27"}, {"bulletin": {"id": "OPENVAS:1361412562310850689", "hash": "16f861140c8c991245749cb9383985d3b870d3938916b4470c3713dac3f16fed", "type": "openvas", "bulletinFamily": "scanner", "title": "SuSE Update for php5 openSUSE-SU-2015:1628-1 (php5)", "description": "Check the version of php5", "published": "2015-09-26T00:00:00", "modified": "2017-12-08T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850689", "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "references": ["2015:1628_1"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6833", "CVE-2015-6831", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6832", "CVE-2015-6838"], "lastseen": "2018-09-01T23:49:58", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310850689", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2015_1628_1.nasl 8046 2017-12-08 08:48:56Z santu $\n#\n# SuSE Update for php5 openSUSE-SU-2015:1628-1 (php5)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850689\");\n script_version(\"$Revision: 8046 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 09:48:56 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-09-26 07:59:56 +0200 (Sat, 26 Sep 2015)\");\n script_cve_id(\"CVE-2015-6831\", \"CVE-2015-6832\", \"CVE-2015-6833\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6836\", \"CVE-2015-6837\", \"CVE-2015-6838\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SuSE Update for php5 openSUSE-SU-2015:1628-1 (php5)\");\n script_tag(name: \"summary\", value: \"Check the version of php5\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"\n The PHP5 script interpreter was updated to fix various security issues:\n\n * CVE-2015-6831: A use after free vulnerability in unserialize() has been\n fixed which could be used to crash php or potentially execute code.\n [bnc#942291] [bnc#942294] [bnc#942295]\n * CVE-2015-6832: A dangling pointer in the unserialization of ArrayObject\n items could be used to crash php or potentially execute code.\n [bnc#942293]\n * CVE-2015-6833: A directory traversal when extracting ZIP files could be\n used to overwrite files outside of intended area. [bnc#942296]\n * CVE-2015-6834: A Use After Free Vulnerability in unserialize() has been\n fixed which could be used to crash php or potentially execute code.\n [bnc#945403]\n * CVE-2015-6835: A Use After Free Vulnerability in session unserialize()\n has been fixed which could be used to crash php or potentially execute\n code. [bnc#945402]\n * CVE-2015-6836: A SOAP serialize_function_call() type confusion leading\n to remote code execution problem was fixed. [bnc#945428]\n * CVE-2015-6837 CVE-2015-6838: Two NULL pointer dereferences in the\n XSLTProcessor class were fixed. [bnc#945412]\");\n script_tag(name: \"affected\", value: \"php5 on openSUSE 13.2, openSUSE 13.1\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"openSUSE-SU\", value: \"2015:1628_1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE13.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php5-debuginfo\", rpm:\"apache2-mod_php5-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bcmath-debuginfo\", rpm:\"php5-bcmath-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bz2-debuginfo\", rpm:\"php5-bz2-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-calendar-debuginfo\", rpm:\"php5-calendar-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ctype-debuginfo\", rpm:\"php5-ctype-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-curl-debuginfo\", rpm:\"php5-curl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dba-debuginfo\", rpm:\"php5-dba-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-debuginfo\", rpm:\"php5-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-debugsource\", rpm:\"php5-debugsource~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dom-debuginfo\", rpm:\"php5-dom-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-enchant\", rpm:\"php5-enchant~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-enchant-debuginfo\", rpm:\"php5-enchant-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-exif-debuginfo\", rpm:\"php5-exif-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fastcgi-debuginfo\", rpm:\"php5-fastcgi-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fileinfo\", rpm:\"php5-fileinfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fileinfo-debuginfo\", rpm:\"php5-fileinfo-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-firebird\", rpm:\"php5-firebird~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-firebird-debuginfo\", rpm:\"php5-firebird-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fpm\", rpm:\"php5-fpm~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fpm-debuginfo\", rpm:\"php5-fpm-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ftp-debuginfo\", rpm:\"php5-ftp-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gd-debuginfo\", rpm:\"php5-gd-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gettext-debuginfo\", rpm:\"php5-gettext-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gmp-debuginfo\", rpm:\"php5-gmp-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-iconv-debuginfo\", rpm:\"php5-iconv-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-imap-debuginfo\", rpm:\"php5-imap-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-intl\", rpm:\"php5-intl~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-intl-debuginfo\", rpm:\"php5-intl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-json-debuginfo\", rpm:\"php5-json-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ldap-debuginfo\", rpm:\"php5-ldap-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mbstring-debuginfo\", rpm:\"php5-mbstring-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mcrypt-debuginfo\", rpm:\"php5-mcrypt-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mssql\", rpm:\"php5-mssql~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mssql-debuginfo\", rpm:\"php5-mssql-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysql-debuginfo\", rpm:\"php5-mysql-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-odbc-debuginfo\", rpm:\"php5-odbc-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-opcache\", rpm:\"php5-opcache~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-opcache-debuginfo\", rpm:\"php5-opcache-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-openssl-debuginfo\", rpm:\"php5-openssl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pcntl-debuginfo\", rpm:\"php5-pcntl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo-debuginfo\", rpm:\"php5-pdo-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pgsql-debuginfo\", rpm:\"php5-pgsql-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-phar\", rpm:\"php5-phar~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-phar-debuginfo\", rpm:\"php5-phar-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-posix-debuginfo\", rpm:\"php5-posix-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pspell-debuginfo\", rpm:\"php5-pspell-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-readline\", rpm:\"php5-readline~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-readline-debuginfo\", rpm:\"php5-readline-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-shmop-debuginfo\", rpm:\"php5-shmop-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-snmp-debuginfo\", rpm:\"php5-snmp-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-soap-debuginfo\", rpm:\"php5-soap-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sockets-debuginfo\", rpm:\"php5-sockets-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sqlite-debuginfo\", rpm:\"php5-sqlite-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-suhosin-debuginfo\", rpm:\"php5-suhosin-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvmsg-debuginfo\", rpm:\"php5-sysvmsg-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvsem-debuginfo\", rpm:\"php5-sysvsem-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvshm-debuginfo\", rpm:\"php5-sysvshm-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tidy-debuginfo\", rpm:\"php5-tidy-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tokenizer-debuginfo\", rpm:\"php5-tokenizer-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-wddx-debuginfo\", rpm:\"php5-wddx-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlreader-debuginfo\", rpm:\"php5-xmlreader-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlrpc-debuginfo\", rpm:\"php5-xmlrpc-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlwriter-debuginfo\", rpm:\"php5-xmlwriter-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xsl-debuginfo\", rpm:\"php5-xsl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zip-debuginfo\", rpm:\"php5-zip-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zlib-debuginfo\", rpm:\"php5-zlib-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"openSUSE13.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php5-debuginfo\", rpm:\"apache2-mod_php5-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bcmath-debuginfo\", rpm:\"php5-bcmath-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bz2-debuginfo\", rpm:\"php5-bz2-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-calendar-debuginfo\", rpm:\"php5-calendar-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ctype-debuginfo\", rpm:\"php5-ctype-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-curl-debuginfo\", rpm:\"php5-curl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dba-debuginfo\", rpm:\"php5-dba-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-debuginfo\", rpm:\"php5-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-debugsource\", rpm:\"php5-debugsource~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dom-debuginfo\", rpm:\"php5-dom-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-enchant\", rpm:\"php5-enchant~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-enchant-debuginfo\", rpm:\"php5-enchant-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-exif-debuginfo\", rpm:\"php5-exif-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fastcgi-debuginfo\", rpm:\"php5-fastcgi-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fileinfo\", rpm:\"php5-fileinfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fileinfo-debuginfo\", rpm:\"php5-fileinfo-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-firebird\", rpm:\"php5-firebird~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-firebird-debuginfo\", rpm:\"php5-firebird-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fpm\", rpm:\"php5-fpm~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fpm-debuginfo\", rpm:\"php5-fpm-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ftp-debuginfo\", rpm:\"php5-ftp-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gd-debuginfo\", rpm:\"php5-gd-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gettext-debuginfo\", rpm:\"php5-gettext-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gmp-debuginfo\", rpm:\"php5-gmp-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-iconv-debuginfo\", rpm:\"php5-iconv-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-imap-debuginfo\", rpm:\"php5-imap-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-intl\", rpm:\"php5-intl~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-intl-debuginfo\", rpm:\"php5-intl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-json-debuginfo\", rpm:\"php5-json-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ldap-debuginfo\", rpm:\"php5-ldap-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mbstring-debuginfo\", rpm:\"php5-mbstring-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mcrypt-debuginfo\", rpm:\"php5-mcrypt-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mssql\", rpm:\"php5-mssql~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mssql-debuginfo\", rpm:\"php5-mssql-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysql-debuginfo\", rpm:\"php5-mysql-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-odbc-debuginfo\", rpm:\"php5-odbc-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-openssl-debuginfo\", rpm:\"php5-openssl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pcntl-debuginfo\", rpm:\"php5-pcntl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo-debuginfo\", rpm:\"php5-pdo-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pgsql-debuginfo\", rpm:\"php5-pgsql-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-phar\", rpm:\"php5-phar~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-phar-debuginfo\", rpm:\"php5-phar-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-posix-debuginfo\", rpm:\"php5-posix-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pspell-debuginfo\", rpm:\"php5-pspell-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-readline\", rpm:\"php5-readline~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-readline-debuginfo\", rpm:\"php5-readline-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-shmop-debuginfo\", rpm:\"php5-shmop-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-snmp-debuginfo\", rpm:\"php5-snmp-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-soap-debuginfo\", rpm:\"php5-soap-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sockets-debuginfo\", rpm:\"php5-sockets-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sqlite-debuginfo\", rpm:\"php5-sqlite-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-suhosin-debuginfo\", rpm:\"php5-suhosin-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvmsg-debuginfo\", rpm:\"php5-sysvmsg-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvsem-debuginfo\", rpm:\"php5-sysvsem-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvshm-debuginfo\", rpm:\"php5-sysvshm-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tidy-debuginfo\", rpm:\"php5-tidy-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tokenizer-debuginfo\", rpm:\"php5-tokenizer-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-wddx-debuginfo\", rpm:\"php5-wddx-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlreader-debuginfo\", rpm:\"php5-xmlreader-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlrpc-debuginfo\", rpm:\"php5-xmlrpc-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlwriter-debuginfo\", rpm:\"php5-xmlwriter-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xsl-debuginfo\", rpm:\"php5-xsl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zip-debuginfo\", rpm:\"php5-zip-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zlib-debuginfo\", rpm:\"php5-zlib-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "SuSE Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 6, "lastseen": "2018-09-01T23:49:58"}, {"bulletin": {"id": "OPENVAS:1361412562310850689", "hash": "04808066fdb32e9d6289e2f65739caa73c9dca0df32844067d0df951538aa81c", "type": "openvas", "bulletinFamily": "scanner", "title": "SuSE Update for php5 openSUSE-SU-2015:1628-1 (php5)", "description": "Check the version of php5", "published": "2015-09-26T00:00:00", "modified": "2017-06-29T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850689", "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "references": ["2015:1628_1", "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00025.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6833", "CVE-2015-6831", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6832", "CVE-2015-6838"], "lastseen": "2017-07-14T10:52:21", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "1361412562310850689", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# SuSE Update for php5 openSUSE-SU-2015:1628-1 (php5)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850689\");\n script_version(\"$Revision: 6486 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-06-29 11:59:06 +0200 (Thu, 29 Jun 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-09-26 07:59:56 +0200 (Sat, 26 Sep 2015)\");\n script_cve_id(\"CVE-2015-6831\", \"CVE-2015-6832\", \"CVE-2015-6833\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6836\", \"CVE-2015-6837\", \"CVE-2015-6838\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SuSE Update for php5 openSUSE-SU-2015:1628-1 (php5)\");\n script_tag(name: \"summary\", value: \"Check the version of php5\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"\n The PHP5 script interpreter was updated to fix various security issues:\n\n * CVE-2015-6831: A use after free vulnerability in unserialize() has been\n fixed which could be used to crash php or potentially execute code.\n [bnc#942291] [bnc#942294] [bnc#942295]\n * CVE-2015-6832: A dangling pointer in the unserialization of ArrayObject\n items could be used to crash php or potentially execute code.\n [bnc#942293]\n * CVE-2015-6833: A directory traversal when extracting ZIP files could be\n used to overwrite files outside of intended area. [bnc#942296]\n * CVE-2015-6834: A Use After Free Vulnerability in unserialize() has been\n fixed which could be used to crash php or potentially execute code.\n [bnc#945403]\n * CVE-2015-6835: A Use After Free Vulnerability in session unserialize()\n has been fixed which could be used to crash php or potentially execute\n code. [bnc#945402]\n * CVE-2015-6836: A SOAP serialize_function_call() type confusion leading\n to remote code execution problem was fixed. [bnc#945428]\n * CVE-2015-6837 CVE-2015-6838: Two NULL pointer dereferences in the\n XSLTProcessor class were fixed. [bnc#945412]\");\n script_tag(name: \"affected\", value: \"php5 on openSUSE 13.2, openSUSE 13.1\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"openSUSE-SU\", value: \"2015:1628_1\");\n script_xref(name: \"URL\" , value: \"http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00025.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"HostDetails/OS/cpe:/o:novell:opensuse\", \"login/SSH/success\", \"ssh/login/release\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE13.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php5-debuginfo\", rpm:\"apache2-mod_php5-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bcmath-debuginfo\", rpm:\"php5-bcmath-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bz2-debuginfo\", rpm:\"php5-bz2-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-calendar-debuginfo\", rpm:\"php5-calendar-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ctype-debuginfo\", rpm:\"php5-ctype-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-curl-debuginfo\", rpm:\"php5-curl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dba-debuginfo\", rpm:\"php5-dba-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-debuginfo\", rpm:\"php5-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-debugsource\", rpm:\"php5-debugsource~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dom-debuginfo\", rpm:\"php5-dom-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-enchant\", rpm:\"php5-enchant~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-enchant-debuginfo\", rpm:\"php5-enchant-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-exif-debuginfo\", rpm:\"php5-exif-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fastcgi-debuginfo\", rpm:\"php5-fastcgi-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fileinfo\", rpm:\"php5-fileinfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fileinfo-debuginfo\", rpm:\"php5-fileinfo-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-firebird\", rpm:\"php5-firebird~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-firebird-debuginfo\", rpm:\"php5-firebird-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fpm\", rpm:\"php5-fpm~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fpm-debuginfo\", rpm:\"php5-fpm-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ftp-debuginfo\", rpm:\"php5-ftp-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gd-debuginfo\", rpm:\"php5-gd-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gettext-debuginfo\", rpm:\"php5-gettext-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gmp-debuginfo\", rpm:\"php5-gmp-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-iconv-debuginfo\", rpm:\"php5-iconv-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-imap-debuginfo\", rpm:\"php5-imap-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-intl\", rpm:\"php5-intl~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-intl-debuginfo\", rpm:\"php5-intl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-json-debuginfo\", rpm:\"php5-json-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ldap-debuginfo\", rpm:\"php5-ldap-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mbstring-debuginfo\", rpm:\"php5-mbstring-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mcrypt-debuginfo\", rpm:\"php5-mcrypt-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mssql\", rpm:\"php5-mssql~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mssql-debuginfo\", rpm:\"php5-mssql-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysql-debuginfo\", rpm:\"php5-mysql-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-odbc-debuginfo\", rpm:\"php5-odbc-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-opcache\", rpm:\"php5-opcache~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-opcache-debuginfo\", rpm:\"php5-opcache-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-openssl-debuginfo\", rpm:\"php5-openssl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pcntl-debuginfo\", rpm:\"php5-pcntl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo-debuginfo\", rpm:\"php5-pdo-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pgsql-debuginfo\", rpm:\"php5-pgsql-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-phar\", rpm:\"php5-phar~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-phar-debuginfo\", rpm:\"php5-phar-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-posix-debuginfo\", rpm:\"php5-posix-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pspell-debuginfo\", rpm:\"php5-pspell-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-readline\", rpm:\"php5-readline~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-readline-debuginfo\", rpm:\"php5-readline-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-shmop-debuginfo\", rpm:\"php5-shmop-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-snmp-debuginfo\", rpm:\"php5-snmp-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-soap-debuginfo\", rpm:\"php5-soap-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sockets-debuginfo\", rpm:\"php5-sockets-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sqlite-debuginfo\", rpm:\"php5-sqlite-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-suhosin-debuginfo\", rpm:\"php5-suhosin-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvmsg-debuginfo\", rpm:\"php5-sysvmsg-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvsem-debuginfo\", rpm:\"php5-sysvsem-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvshm-debuginfo\", rpm:\"php5-sysvshm-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tidy-debuginfo\", rpm:\"php5-tidy-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tokenizer-debuginfo\", rpm:\"php5-tokenizer-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-wddx-debuginfo\", rpm:\"php5-wddx-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlreader-debuginfo\", rpm:\"php5-xmlreader-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlrpc-debuginfo\", rpm:\"php5-xmlrpc-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlwriter-debuginfo\", rpm:\"php5-xmlwriter-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xsl-debuginfo\", rpm:\"php5-xsl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zip-debuginfo\", rpm:\"php5-zip-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zlib-debuginfo\", rpm:\"php5-zlib-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"openSUSE13.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php5-debuginfo\", rpm:\"apache2-mod_php5-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bcmath-debuginfo\", rpm:\"php5-bcmath-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bz2-debuginfo\", rpm:\"php5-bz2-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-calendar-debuginfo\", rpm:\"php5-calendar-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ctype-debuginfo\", rpm:\"php5-ctype-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-curl-debuginfo\", rpm:\"php5-curl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dba-debuginfo\", rpm:\"php5-dba-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-debuginfo\", rpm:\"php5-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-debugsource\", rpm:\"php5-debugsource~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dom-debuginfo\", rpm:\"php5-dom-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-enchant\", rpm:\"php5-enchant~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-enchant-debuginfo\", rpm:\"php5-enchant-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-exif-debuginfo\", rpm:\"php5-exif-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fastcgi-debuginfo\", rpm:\"php5-fastcgi-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fileinfo\", rpm:\"php5-fileinfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fileinfo-debuginfo\", rpm:\"php5-fileinfo-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-firebird\", rpm:\"php5-firebird~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-firebird-debuginfo\", rpm:\"php5-firebird-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fpm\", rpm:\"php5-fpm~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fpm-debuginfo\", rpm:\"php5-fpm-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ftp-debuginfo\", rpm:\"php5-ftp-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gd-debuginfo\", rpm:\"php5-gd-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gettext-debuginfo\", rpm:\"php5-gettext-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gmp-debuginfo\", rpm:\"php5-gmp-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-iconv-debuginfo\", rpm:\"php5-iconv-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-imap-debuginfo\", rpm:\"php5-imap-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-intl\", rpm:\"php5-intl~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-intl-debuginfo\", rpm:\"php5-intl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-json-debuginfo\", rpm:\"php5-json-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ldap-debuginfo\", rpm:\"php5-ldap-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mbstring-debuginfo\", rpm:\"php5-mbstring-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mcrypt-debuginfo\", rpm:\"php5-mcrypt-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mssql\", rpm:\"php5-mssql~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mssql-debuginfo\", rpm:\"php5-mssql-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysql-debuginfo\", rpm:\"php5-mysql-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-odbc-debuginfo\", rpm:\"php5-odbc-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-openssl-debuginfo\", rpm:\"php5-openssl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pcntl-debuginfo\", rpm:\"php5-pcntl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo-debuginfo\", rpm:\"php5-pdo-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pgsql-debuginfo\", rpm:\"php5-pgsql-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-phar\", rpm:\"php5-phar~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-phar-debuginfo\", rpm:\"php5-phar-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-posix-debuginfo\", rpm:\"php5-posix-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pspell-debuginfo\", rpm:\"php5-pspell-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-readline\", rpm:\"php5-readline~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-readline-debuginfo\", rpm:\"php5-readline-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-shmop-debuginfo\", rpm:\"php5-shmop-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-snmp-debuginfo\", rpm:\"php5-snmp-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-soap-debuginfo\", rpm:\"php5-soap-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sockets-debuginfo\", rpm:\"php5-sockets-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sqlite-debuginfo\", rpm:\"php5-sqlite-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-suhosin-debuginfo\", rpm:\"php5-suhosin-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvmsg-debuginfo\", rpm:\"php5-sysvmsg-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvsem-debuginfo\", rpm:\"php5-sysvsem-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvshm-debuginfo\", rpm:\"php5-sysvshm-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tidy-debuginfo\", rpm:\"php5-tidy-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tokenizer-debuginfo\", rpm:\"php5-tokenizer-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-wddx-debuginfo\", rpm:\"php5-wddx-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlreader-debuginfo\", rpm:\"php5-xmlreader-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlrpc-debuginfo\", rpm:\"php5-xmlrpc-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlwriter-debuginfo\", rpm:\"php5-xmlwriter-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xsl-debuginfo\", rpm:\"php5-xsl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zip-debuginfo\", rpm:\"php5-zip-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zlib-debuginfo\", rpm:\"php5-zlib-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "SuSE Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-07-14T10:52:21"}, {"bulletin": {"id": "OPENVAS:1361412562310850689", "hash": "576d1b338f3ad91bb521ad42725b375ae2dab41629fcf654e3a9b25f4d31b284", "type": "openvas", "bulletinFamily": "scanner", "title": "SuSE Update for php5 openSUSE-SU-2015:1628-1 (php5)", "description": "The remote host is missing an update for the ", "published": "2015-09-26T00:00:00", "modified": "2018-11-16T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850689", "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "references": ["2015:1628_1"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6833", "CVE-2015-6831", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6832", "CVE-2015-6838"], "lastseen": "2018-11-19T13:01:22", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"modified": "2018-11-19T13:01:22", "references": [{"idList": ["SUSE-SU-2015:1818-1", "SUSE-SU-2015:1633-1", "SUSE-SU-2016:1638-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2015:1701-1"], "type": "suse"}, {"idList": ["DEBIAN:DSA-3358-1:5263D", "DEBIAN:DLA-341-1:DA682"], "type": "debian"}, {"idList": ["THN:ADC5E0B7C8DF1100E34C28AC74897A50"], "type": "thn"}, {"idList": ["KLA10929", "KLA10747", "KLA10746"], "type": "kaspersky"}, {"idList": ["SECURITYVULNS:VULN:14694", "SECURITYVULNS:VULN:14702", "SECURITYVULNS:DOC:32566", "SECURITYVULNS:DOC:32511"], "type": "securityvulns"}, {"idList": ["3D675519-5654-11E5-9AD8-14DAE9D210B8", "787EF75E-44DA-11E5-93AD-002590263BF5"], "type": "freebsd"}, {"idList": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6833", "CVE-2015-6831", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-6832", "CVE-2015-6838"], "type": "cve"}, {"idList": ["SOL17377", "F5:K17377"], "type": "f5"}, {"idList": ["RHSA-2016:0457"], "type": "redhat"}, {"idList": ["ALAS-2017-788", "ALAS-2015-585", "ALAS-2015-602", "ALAS-2015-584", "ALAS-2015-601", "ALAS-2016-670", "ALAS-2015-583"], "type": "amazon"}, {"idList": ["H1:104016", "H1:103996", "H1:103998", "H1:103997", "H1:104010", "H1:104019", "H1:104018", "H1:103995"], "type": "hackerone"}, {"idList": ["EDB-ID:38120", "EDB-ID:38123", "EDB-ID:38122"], "type": "exploitdb"}, {"idList": ["GLSA-201606-10"], "type": "gentoo"}, {"idList": ["SSA-2015-274-02"], "type": "slackware"}, {"idList": ["PACKETSTORM:134949", "PACKETSTORM:138812"], "type": "packetstorm"}, {"idList": ["FEDORA_2015-14978.NASL", "SUSE_SU-2015-1818-1.NASL", "FEDORA_2015-14976.NASL", "SUSE_SU-2015-1633-1.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "OPENSUSE-2015-609.NASL", "PHP_5_6_13.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "ALA_ALAS-2016-670.NASL", "F5_BIGIP_SOL17377.NASL"], "type": "nessus"}, {"idList": ["USN-2758-1"], "type": "ubuntu"}, {"idList": ["OPENVAS:1361412562310703358", "OPENVAS:1361412562310808616", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310807088", "OPENVAS:1361412562310807503", "OPENVAS:1361412562310808617", "OPENVAS:1361412562310120660", "OPENVAS:703358", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310842472"], "type": "openvas"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310850689", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2015_1628_1.nasl 12381 2018-11-16 11:16:30Z cfischer $\n#\n# SuSE Update for php5 openSUSE-SU-2015:1628-1 (php5)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850689\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-09-26 07:59:56 +0200 (Sat, 26 Sep 2015)\");\n script_cve_id(\"CVE-2015-6831\", \"CVE-2015-6832\", \"CVE-2015-6833\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6836\", \"CVE-2015-6837\", \"CVE-2015-6838\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SuSE Update for php5 openSUSE-SU-2015:1628-1 (php5)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php5'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The PHP5 script interpreter was updated to fix various security issues:\n\n * CVE-2015-6831: A use after free vulnerability in unserialize() has been\n fixed which could be used to crash php or potentially execute code.\n [bnc#942291] [bnc#942294] [bnc#942295]\n\n * CVE-2015-6832: A dangling pointer in the unserialization of ArrayObject\n items could be used to crash php or potentially execute code.\n [bnc#942293]\n\n * CVE-2015-6833: A directory traversal when extracting ZIP files could be\n used to overwrite files outside of intended area. [bnc#942296]\n\n * CVE-2015-6834: A Use After Free Vulnerability in unserialize() has been\n fixed which could be used to crash php or potentially execute code.\n [bnc#945403]\n\n * CVE-2015-6835: A Use After Free Vulnerability in session unserialize()\n has been fixed which could be used to crash php or potentially execute\n code. [bnc#945402]\n\n * CVE-2015-6836: A SOAP serialize_function_call() type confusion leading\n to remote code execution problem was fixed. [bnc#945428]\n\n * CVE-2015-6837 CVE-2015-6838: Two NULL pointer dereferences in the\n XSLTProcessor class were fixed. [bnc#945412]\");\n script_tag(name:\"affected\", value:\"php5 on openSUSE 13.2, openSUSE 13.1\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"openSUSE-SU\", value:\"2015:1628_1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(openSUSE13\\.2|openSUSE13\\.1)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\nres = \"\";\n\nif(release == \"openSUSE13.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php5-debuginfo\", rpm:\"apache2-mod_php5-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bcmath-debuginfo\", rpm:\"php5-bcmath-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bz2-debuginfo\", rpm:\"php5-bz2-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-calendar-debuginfo\", rpm:\"php5-calendar-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ctype-debuginfo\", rpm:\"php5-ctype-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-curl-debuginfo\", rpm:\"php5-curl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dba-debuginfo\", rpm:\"php5-dba-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-debuginfo\", rpm:\"php5-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-debugsource\", rpm:\"php5-debugsource~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dom-debuginfo\", rpm:\"php5-dom-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-enchant\", rpm:\"php5-enchant~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-enchant-debuginfo\", rpm:\"php5-enchant-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-exif-debuginfo\", rpm:\"php5-exif-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fastcgi-debuginfo\", rpm:\"php5-fastcgi-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fileinfo\", rpm:\"php5-fileinfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fileinfo-debuginfo\", rpm:\"php5-fileinfo-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-firebird\", rpm:\"php5-firebird~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-firebird-debuginfo\", rpm:\"php5-firebird-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fpm\", rpm:\"php5-fpm~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fpm-debuginfo\", rpm:\"php5-fpm-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ftp-debuginfo\", rpm:\"php5-ftp-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gd-debuginfo\", rpm:\"php5-gd-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gettext-debuginfo\", rpm:\"php5-gettext-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gmp-debuginfo\", rpm:\"php5-gmp-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-iconv-debuginfo\", rpm:\"php5-iconv-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-imap-debuginfo\", rpm:\"php5-imap-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-intl\", rpm:\"php5-intl~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-intl-debuginfo\", rpm:\"php5-intl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-json-debuginfo\", rpm:\"php5-json-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ldap-debuginfo\", rpm:\"php5-ldap-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mbstring-debuginfo\", rpm:\"php5-mbstring-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mcrypt-debuginfo\", rpm:\"php5-mcrypt-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mssql\", rpm:\"php5-mssql~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mssql-debuginfo\", rpm:\"php5-mssql-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysql-debuginfo\", rpm:\"php5-mysql-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-odbc-debuginfo\", rpm:\"php5-odbc-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-opcache\", rpm:\"php5-opcache~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-opcache-debuginfo\", rpm:\"php5-opcache-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-openssl-debuginfo\", rpm:\"php5-openssl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pcntl-debuginfo\", rpm:\"php5-pcntl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo-debuginfo\", rpm:\"php5-pdo-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pgsql-debuginfo\", rpm:\"php5-pgsql-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-phar\", rpm:\"php5-phar~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-phar-debuginfo\", rpm:\"php5-phar-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-posix-debuginfo\", rpm:\"php5-posix-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pspell-debuginfo\", rpm:\"php5-pspell-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-readline\", rpm:\"php5-readline~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-readline-debuginfo\", rpm:\"php5-readline-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-shmop-debuginfo\", rpm:\"php5-shmop-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-snmp-debuginfo\", rpm:\"php5-snmp-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-soap-debuginfo\", rpm:\"php5-soap-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sockets-debuginfo\", rpm:\"php5-sockets-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sqlite-debuginfo\", rpm:\"php5-sqlite-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-suhosin-debuginfo\", rpm:\"php5-suhosin-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvmsg-debuginfo\", rpm:\"php5-sysvmsg-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvsem-debuginfo\", rpm:\"php5-sysvsem-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvshm-debuginfo\", rpm:\"php5-sysvshm-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tidy-debuginfo\", rpm:\"php5-tidy-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tokenizer-debuginfo\", rpm:\"php5-tokenizer-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-wddx-debuginfo\", rpm:\"php5-wddx-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlreader-debuginfo\", rpm:\"php5-xmlreader-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlrpc-debuginfo\", rpm:\"php5-xmlrpc-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlwriter-debuginfo\", rpm:\"php5-xmlwriter-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xsl-debuginfo\", rpm:\"php5-xsl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zip-debuginfo\", rpm:\"php5-zip-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zlib-debuginfo\", rpm:\"php5-zlib-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.6.1~36.1\", rls:\"openSUSE13.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"openSUSE13.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php5-debuginfo\", rpm:\"apache2-mod_php5-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bcmath-debuginfo\", rpm:\"php5-bcmath-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bz2-debuginfo\", rpm:\"php5-bz2-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-calendar-debuginfo\", rpm:\"php5-calendar-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ctype-debuginfo\", rpm:\"php5-ctype-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-curl-debuginfo\", rpm:\"php5-curl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dba-debuginfo\", rpm:\"php5-dba-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-debuginfo\", rpm:\"php5-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-debugsource\", rpm:\"php5-debugsource~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dom-debuginfo\", rpm:\"php5-dom-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-enchant\", rpm:\"php5-enchant~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-enchant-debuginfo\", rpm:\"php5-enchant-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-exif-debuginfo\", rpm:\"php5-exif-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fastcgi-debuginfo\", rpm:\"php5-fastcgi-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fileinfo\", rpm:\"php5-fileinfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fileinfo-debuginfo\", rpm:\"php5-fileinfo-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-firebird\", rpm:\"php5-firebird~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-firebird-debuginfo\", rpm:\"php5-firebird-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fpm\", rpm:\"php5-fpm~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fpm-debuginfo\", rpm:\"php5-fpm-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ftp-debuginfo\", rpm:\"php5-ftp-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gd-debuginfo\", rpm:\"php5-gd-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gettext-debuginfo\", rpm:\"php5-gettext-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gmp-debuginfo\", rpm:\"php5-gmp-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-iconv-debuginfo\", rpm:\"php5-iconv-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-imap-debuginfo\", rpm:\"php5-imap-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-intl\", rpm:\"php5-intl~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-intl-debuginfo\", rpm:\"php5-intl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-json-debuginfo\", rpm:\"php5-json-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ldap-debuginfo\", rpm:\"php5-ldap-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mbstring-debuginfo\", rpm:\"php5-mbstring-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mcrypt-debuginfo\", rpm:\"php5-mcrypt-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mssql\", rpm:\"php5-mssql~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mssql-debuginfo\", rpm:\"php5-mssql-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysql-debuginfo\", rpm:\"php5-mysql-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-odbc-debuginfo\", rpm:\"php5-odbc-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-openssl-debuginfo\", rpm:\"php5-openssl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pcntl-debuginfo\", rpm:\"php5-pcntl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo-debuginfo\", rpm:\"php5-pdo-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pgsql-debuginfo\", rpm:\"php5-pgsql-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-phar\", rpm:\"php5-phar~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-phar-debuginfo\", rpm:\"php5-phar-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-posix-debuginfo\", rpm:\"php5-posix-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pspell-debuginfo\", rpm:\"php5-pspell-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-readline\", rpm:\"php5-readline~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-readline-debuginfo\", rpm:\"php5-readline-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-shmop-debuginfo\", rpm:\"php5-shmop-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-snmp-debuginfo\", rpm:\"php5-snmp-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-soap-debuginfo\", rpm:\"php5-soap-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sockets-debuginfo\", rpm:\"php5-sockets-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sqlite-debuginfo\", rpm:\"php5-sqlite-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-suhosin-debuginfo\", rpm:\"php5-suhosin-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvmsg-debuginfo\", rpm:\"php5-sysvmsg-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvsem-debuginfo\", rpm:\"php5-sysvsem-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvshm-debuginfo\", rpm:\"php5-sysvshm-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tidy-debuginfo\", rpm:\"php5-tidy-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tokenizer-debuginfo\", rpm:\"php5-tokenizer-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-wddx-debuginfo\", rpm:\"php5-wddx-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlreader-debuginfo\", rpm:\"php5-xmlreader-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlrpc-debuginfo\", rpm:\"php5-xmlrpc-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlwriter-debuginfo\", rpm:\"php5-xmlwriter-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xsl-debuginfo\", rpm:\"php5-xsl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zip-debuginfo\", rpm:\"php5-zip-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zlib-debuginfo\", rpm:\"php5-zlib-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.4.20~67.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "SuSE Local Security Checks"}, "differentElements": ["cvss"], "edition": 9, "lastseen": "2018-11-19T13:01:22"}], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "f5", "idList": ["F5:K17377", "SOL17377"]}, {"type": "suse", "idList": ["SUSE-SU-2015:1633-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2015:1818-1", "SUSE-SU-2015:1701-1"]}, {"type": "nessus", "idList": ["FEDORA_2015-14978.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "ALA_ALAS-2015-601.NASL", "WEB_APPLICATION_SCANNING_98804", "ALA_ALAS-2015-585.NASL", "GENTOO_GLSA-201606-10.NASL", "WEB_APPLICATION_SCANNING_98805", "ALA_ALAS-2015-584.NASL", "SUSE_SU-2015-1633-1.NASL", "PHP_5_6_13.NASL", "DEBIAN_DSA-3358.NASL", "SUSE_SU-2015-1818-1.NASL", "PHP_5_5_28.NASL", "FEDORA_2015-14977.NASL", "SUSE_SU-2015-1701-1.NASL", "ALA_ALAS-2016-670.NASL", "PHP_5_5_29.NASL", "ALA_ALAS-2015-583.NASL", "UBUNTU_USN-2758-1.NASL", "8959.PRM", "OPENSUSE-2015-609.NASL", "8960.PRM", "F5_BIGIP_SOL17377.NASL", "PHP_5_4_45.NASL", "PHP_5_6_12.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "FEDORA_2015-14976.NASL", "DEBIAN_DLA-341.NASL", "FREEBSD_PKG_787EF75E44DA11E593AD002590263BF5.NASL", "ALA_ALAS-2015-602.NASL", "8861.PRM", "PHP_5_4_44.NASL", "DEBIAN_DSA-3344.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310703358", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310808617", "OPENVAS:1361412562310808616", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310807503", "OPENVAS:703358", "OPENVAS:1361412562310842472", "OPENVAS:1361412562310807088", "OPENVAS:1361412562310807505", "OPENVAS:1361412562310120396", "OPENVAS:1361412562310120660", "OPENVAS:1361412562310120520", "OPENVAS:1361412562310807091"]}, {"type": "ubuntu", "idList": ["USN-2758-1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14694", "SECURITYVULNS:DOC:32511"]}, {"type": "fedora", "idList": ["FEDORA:F0C5861361B0", "FEDORA:90BE461976AB", "FEDORA:02C1260F4011"]}, {"type": "debian", "idList": ["DEBIAN:DLA-341-1:DA682", "DEBIAN:DSA-3358-1:5263D"]}, {"type": "amazon", "idList": ["ALAS-2015-584", "ALAS-2015-601", "ALAS-2016-670", "ALAS-2015-585", "ALAS-2015-602", "ALAS-2015-583"]}, {"type": "slackware", "idList": ["SSA-2015-274-02"]}, {"type": "freebsd", "idList": ["787EF75E-44DA-11E5-93AD-002590263BF5", "3D675519-5654-11E5-9AD8-14DAE9D210B8"]}, {"type": "redhat", "idList": ["RHSA-2016:0457"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-6834", "UB:CVE-2015-6837", "UB:CVE-2015-6831", "UB:CVE-2015-6835", "UB:CVE-2015-6833", "UB:CVE-2015-6838", "UB:CVE-2015-6832", "UB:CVE-2015-6836"]}, {"type": "cve", "idList": ["CVE-2015-6837", "CVE-2015-6831", "CVE-2015-6833", "CVE-2015-6832", "CVE-2015-6838", "CVE-2015-6834", "CVE-2015-6835", "CVE-2015-6836"]}, {"type": "kaspersky", "idList": ["KLA10746", "KLA10747"]}, {"type": "gentoo", "idList": ["GLSA-201606-10"]}, {"type": "hackerone", "idList": ["H1:103996", "H1:104019", "H1:104016", "H1:103997", "H1:103998", "H1:103995"]}, {"type": "exploitdb", "idList": ["EDB-ID:38122", "EDB-ID:38123", "EDB-ID:38120"]}], "modified": "2020-01-31T18:37:15", "rev": 2}, "score": {"value": 7.6, "vector": "NONE", "modified": "2020-01-31T18:37:15", "rev": 2}}, "objectVersion": "1.5", "pluginID": "1361412562310850689", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850689\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-09-26 07:59:56 +0200 (Sat, 26 Sep 2015)\");\n script_cve_id(\"CVE-2015-6831\", \"CVE-2015-6832\", \"CVE-2015-6833\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6836\", \"CVE-2015-6837\", \"CVE-2015-6838\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for php5 (openSUSE-SU-2015:1628-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php5'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The PHP5 script interpreter was updated to fix various security issues:\n\n * CVE-2015-6831: A use after free vulnerability in unserialize() has been\n fixed which could be used to crash php or potentially execute code.\n [bnc#942291] [bnc#942294] [bnc#942295]\n\n * CVE-2015-6832: A dangling pointer in the unserialization of ArrayObject\n items could be used to crash php or potentially execute code.\n [bnc#942293]\n\n * CVE-2015-6833: A directory traversal when extracting ZIP files could be\n used to overwrite files outside of intended area. [bnc#942296]\n\n * CVE-2015-6834: A Use After Free Vulnerability in unserialize() has been\n fixed which could be used to crash php or potentially execute code.\n [bnc#945403]\n\n * CVE-2015-6835: A Use After Free Vulnerability in session unserialize()\n has been fixed which could be used to crash php or potentially execute\n code. [bnc#945402]\n\n * CVE-2015-6836: A SOAP serialize_function_call() type confusion leading\n to remote code execution problem was fixed. [bnc#945428]\n\n * CVE-2015-6837 CVE-2015-6838: Two NULL pointer dereferences in the\n XSLTProcessor class were fixed. [bnc#945412]\");\n\n script_tag(name:\"affected\", value:\"php5 on openSUSE 13.2, openSUSE 13.1\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"openSUSE-SU\", value:\"2015:1628-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(openSUSE13\\.2|openSUSE13\\.1)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.2\") {\n if(!isnull(res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-mod_php5-debuginfo\", rpm:\"apache2-mod_php5-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-bcmath-debuginfo\", rpm:\"php5-bcmath-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-bz2-debuginfo\", rpm:\"php5-bz2-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-calendar-debuginfo\", rpm:\"php5-calendar-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ctype-debuginfo\", rpm:\"php5-ctype-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-curl-debuginfo\", rpm:\"php5-curl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-dba-debuginfo\", rpm:\"php5-dba-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-debuginfo\", rpm:\"php5-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-debugsource\", rpm:\"php5-debugsource~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-dom-debuginfo\", rpm:\"php5-dom-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-enchant\", rpm:\"php5-enchant~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-enchant-debuginfo\", rpm:\"php5-enchant-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-exif-debuginfo\", rpm:\"php5-exif-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-fastcgi-debuginfo\", rpm:\"php5-fastcgi-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-fileinfo\", rpm:\"php5-fileinfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-fileinfo-debuginfo\", rpm:\"php5-fileinfo-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-firebird\", rpm:\"php5-firebird~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-firebird-debuginfo\", rpm:\"php5-firebird-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-fpm\", rpm:\"php5-fpm~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-fpm-debuginfo\", rpm:\"php5-fpm-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ftp-debuginfo\", rpm:\"php5-ftp-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gd-debuginfo\", rpm:\"php5-gd-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gettext-debuginfo\", rpm:\"php5-gettext-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gmp-debuginfo\", rpm:\"php5-gmp-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-iconv-debuginfo\", rpm:\"php5-iconv-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-imap-debuginfo\", rpm:\"php5-imap-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-intl\", rpm:\"php5-intl~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-intl-debuginfo\", rpm:\"php5-intl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-json-debuginfo\", rpm:\"php5-json-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ldap-debuginfo\", rpm:\"php5-ldap-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mbstring-debuginfo\", rpm:\"php5-mbstring-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mcrypt-debuginfo\", rpm:\"php5-mcrypt-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mssql\", rpm:\"php5-mssql~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mssql-debuginfo\", rpm:\"php5-mssql-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mysql-debuginfo\", rpm:\"php5-mysql-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-odbc-debuginfo\", rpm:\"php5-odbc-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-opcache\", rpm:\"php5-opcache~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-opcache-debuginfo\", rpm:\"php5-opcache-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-openssl-debuginfo\", rpm:\"php5-openssl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pcntl-debuginfo\", rpm:\"php5-pcntl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pdo-debuginfo\", rpm:\"php5-pdo-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pgsql-debuginfo\", rpm:\"php5-pgsql-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-phar\", rpm:\"php5-phar~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-phar-debuginfo\", rpm:\"php5-phar-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-posix-debuginfo\", rpm:\"php5-posix-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pspell-debuginfo\", rpm:\"php5-pspell-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-readline\", rpm:\"php5-readline~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-readline-debuginfo\", rpm:\"php5-readline-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-shmop-debuginfo\", rpm:\"php5-shmop-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-snmp-debuginfo\", rpm:\"php5-snmp-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-soap-debuginfo\", rpm:\"php5-soap-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sockets-debuginfo\", rpm:\"php5-sockets-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sqlite-debuginfo\", rpm:\"php5-sqlite-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-suhosin-debuginfo\", rpm:\"php5-suhosin-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvmsg-debuginfo\", rpm:\"php5-sysvmsg-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvsem-debuginfo\", rpm:\"php5-sysvsem-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvshm-debuginfo\", rpm:\"php5-sysvshm-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-tidy-debuginfo\", rpm:\"php5-tidy-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-tokenizer-debuginfo\", rpm:\"php5-tokenizer-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-wddx-debuginfo\", rpm:\"php5-wddx-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlreader-debuginfo\", rpm:\"php5-xmlreader-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlrpc-debuginfo\", rpm:\"php5-xmlrpc-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlwriter-debuginfo\", rpm:\"php5-xmlwriter-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xsl-debuginfo\", rpm:\"php5-xsl-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-zip-debuginfo\", rpm:\"php5-zip-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-zlib-debuginfo\", rpm:\"php5-zlib-debuginfo~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.6.1~36.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"openSUSE13.1\") {\n if(!isnull(res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-mod_php5-debuginfo\", rpm:\"apache2-mod_php5-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-bcmath-debuginfo\", rpm:\"php5-bcmath-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-bz2-debuginfo\", rpm:\"php5-bz2-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-calendar-debuginfo\", rpm:\"php5-calendar-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ctype-debuginfo\", rpm:\"php5-ctype-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-curl-debuginfo\", rpm:\"php5-curl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-dba-debuginfo\", rpm:\"php5-dba-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-debuginfo\", rpm:\"php5-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-debugsource\", rpm:\"php5-debugsource~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-dom-debuginfo\", rpm:\"php5-dom-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-enchant\", rpm:\"php5-enchant~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-enchant-debuginfo\", rpm:\"php5-enchant-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-exif-debuginfo\", rpm:\"php5-exif-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-fastcgi-debuginfo\", rpm:\"php5-fastcgi-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-fileinfo\", rpm:\"php5-fileinfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-fileinfo-debuginfo\", rpm:\"php5-fileinfo-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-firebird\", rpm:\"php5-firebird~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-firebird-debuginfo\", rpm:\"php5-firebird-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-fpm\", rpm:\"php5-fpm~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-fpm-debuginfo\", rpm:\"php5-fpm-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ftp-debuginfo\", rpm:\"php5-ftp-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gd-debuginfo\", rpm:\"php5-gd-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gettext-debuginfo\", rpm:\"php5-gettext-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gmp-debuginfo\", rpm:\"php5-gmp-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-iconv-debuginfo\", rpm:\"php5-iconv-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-imap-debuginfo\", rpm:\"php5-imap-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-intl\", rpm:\"php5-intl~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-intl-debuginfo\", rpm:\"php5-intl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-json-debuginfo\", rpm:\"php5-json-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ldap-debuginfo\", rpm:\"php5-ldap-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mbstring-debuginfo\", rpm:\"php5-mbstring-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mcrypt-debuginfo\", rpm:\"php5-mcrypt-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mssql\", rpm:\"php5-mssql~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mssql-debuginfo\", rpm:\"php5-mssql-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mysql-debuginfo\", rpm:\"php5-mysql-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-odbc-debuginfo\", rpm:\"php5-odbc-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-openssl-debuginfo\", rpm:\"php5-openssl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pcntl-debuginfo\", rpm:\"php5-pcntl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pdo-debuginfo\", rpm:\"php5-pdo-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pgsql-debuginfo\", rpm:\"php5-pgsql-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-phar\", rpm:\"php5-phar~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-phar-debuginfo\", rpm:\"php5-phar-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-posix-debuginfo\", rpm:\"php5-posix-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pspell-debuginfo\", rpm:\"php5-pspell-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-readline\", rpm:\"php5-readline~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-readline-debuginfo\", rpm:\"php5-readline-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-shmop-debuginfo\", rpm:\"php5-shmop-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-snmp-debuginfo\", rpm:\"php5-snmp-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-soap-debuginfo\", rpm:\"php5-soap-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sockets-debuginfo\", rpm:\"php5-sockets-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sqlite-debuginfo\", rpm:\"php5-sqlite-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-suhosin-debuginfo\", rpm:\"php5-suhosin-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvmsg-debuginfo\", rpm:\"php5-sysvmsg-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvsem-debuginfo\", rpm:\"php5-sysvsem-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvshm-debuginfo\", rpm:\"php5-sysvshm-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-tidy-debuginfo\", rpm:\"php5-tidy-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-tokenizer-debuginfo\", rpm:\"php5-tokenizer-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-wddx-debuginfo\", rpm:\"php5-wddx-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlreader-debuginfo\", rpm:\"php5-xmlreader-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlrpc-debuginfo\", rpm:\"php5-xmlrpc-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlwriter-debuginfo\", rpm:\"php5-xmlwriter-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xsl-debuginfo\", rpm:\"php5-xsl-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-zip-debuginfo\", rpm:\"php5-zip-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-zlib-debuginfo\", rpm:\"php5-zlib-debuginfo~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.4.20~67.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "naslFamily": "SuSE Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:1361412562310842472", "hash": "ee19bc1252436cebab7f270488e9f9ff", "type": "openvas", "bulletinFamily": "scanner", "title": "Ubuntu Update for php5 USN-2758-1", "description": "The remote host is missing an update for the ", "published": "2015-10-01T00:00:00", "modified": "2019-03-13T00:00:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842472", "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "references": ["2758-1", "http://www.ubuntu.com/usn/usn-2758-1/"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6833", "CVE-2015-6831", "CVE-2015-5590", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-5589", "CVE-2015-6832", "CVE-2015-6838"], "lastseen": "2019-05-29T18:36:12", "history": [{"bulletin": {"id": "OPENVAS:1361412562310842472", "hash": "56a834e2e6b3be361f2587714f9b1e29635323255015968ef61ab4393c7d040a", "type": "openvas", "bulletinFamily": "scanner", "title": "Ubuntu Update for php5 USN-2758-1", "description": "The remote host is missing an update for the ", "published": "2015-10-01T00:00:00", "modified": "2019-03-13T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842472", "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "references": ["2758-1", "http://www.ubuntu.com/usn/usn-2758-1/"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6833", "CVE-2015-6831", "CVE-2015-5590", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-5589", "CVE-2015-6832", "CVE-2015-6838"], "lastseen": "2019-03-14T14:26:58", "history": [], "viewCount": 2, "enchantments": {"dependencies": {"modified": "2019-03-14T14:26:58", "references": [{"idList": ["H1:104016", "H1:103996", "H1:103998", "H1:104010", "H1:104019", "H1:104018", "H1:103995"], "type": "hackerone"}, {"idList": ["DEBIAN:DSA-3358-1:5263D", "DEBIAN:DSA-3344-1:6EFDB", "DEBIAN:DLA-341-1:DA682"], "type": "debian"}, {"idList": ["SECURITYVULNS:VULN:14694", "SECURITYVULNS:DOC:32480", "SECURITYVULNS:DOC:32511", "SECURITYVULNS:VULN:14667"], "type": "securityvulns"}, {"idList": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6833", "CVE-2015-6831", "CVE-2015-5590", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-5589", "CVE-2015-6832", "CVE-2015-6838"], "type": "cve"}, {"idList": ["KLA10747", "KLA10746"], "type": "kaspersky"}, {"idList": ["SOL17377", "F5:K17377"], "type": "f5"}, {"idList": ["RHSA-2016:0457"], "type": "redhat"}, {"idList": ["OPENVAS:1361412562310703358", "OPENVAS:1361412562310808616", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310807088", "OPENVAS:1361412562310807503", "OPENVAS:1361412562310808617", "OPENVAS:1361412562310120660", "OPENVAS:703358", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310850689"], "type": "openvas"}, {"idList": ["GLSA-201606-10"], "type": "gentoo"}, {"idList": ["SSA-2015-274-02"], "type": "slackware"}, {"idList": ["3D675519-5654-11E5-9AD8-14DAE9D210B8", "8B1F53F3-2DA5-11E5-86FF-14DAE9D210B8", "787EF75E-44DA-11E5-93AD-002590263BF5"], "type": "freebsd"}, {"idList": ["EDB-ID:38120", "EDB-ID:38123"], "type": "exploitdb"}, {"idList": ["FEDORA_2015-14978.NASL", "SUSE_SU-2015-1818-1.NASL", "FEDORA_2015-14976.NASL", "SUSE_SU-2015-1633-1.NASL", "PHP_5_5_29.NASL", "OPENSUSE-2015-609.NASL", "DEBIAN_DLA-341.NASL", "DEBIAN_DSA-3358.NASL", "UBUNTU_USN-2758-1.NASL", "F5_BIGIP_SOL17377.NASL"], "type": "nessus"}, {"idList": ["ALAS-2015-585", "ALAS-2015-602", "ALAS-2015-584", "ALAS-2015-601", "ALAS-2016-670", "ALAS-2015-583"], "type": "amazon"}, {"idList": ["USN-2758-1"], "type": "ubuntu"}, {"idList": ["SUSE-SU-2015:1818-1", "SUSE-SU-2015:1633-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2015:1701-1"], "type": "suse"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310842472", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for php5 USN-2758-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842472\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-01 07:12:58 +0200 (Thu, 01 Oct 2015)\");\n script_cve_id(\"CVE-2015-5589\", \"CVE-2015-5590\", \"CVE-2015-6831\", \"CVE-2015-6834\",\n \"CVE-2015-6835\", \"CVE-2015-6832\", \"CVE-2015-6833\", \"CVE-2015-6836\",\n \"CVE-2015-6837\", \"CVE-2015-6838\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for php5 USN-2758-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php5'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that the PHP phar extension\nincorrectly handled certain files. A remote attacker could use this issue to cause\nPHP to crash, resulting in a denial of service. (CVE-2015-5589)\n\nIt was discovered that the PHP phar extension incorrectly handled certain\nfilepaths. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2015-5590)\n\nTaoguang Chen discovered that PHP incorrectly handled unserializing\nobjects. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2015-6831, CVE-2015-6834, CVE-2015-6835\n\nSean Heelan discovered that PHP incorrectly handled unserializing\nobjects. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2015-6832)\n\nIt was discovered that the PHP phar extension incorrectly handled certain\narchives. A remote attacker could use this issue to cause files to be\nplaced outside of the destination directory. (CVE-2015-6833)\n\nAndrea Palazzo discovered that the PHP Soap client incorrectly validated\ndata types. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2015-6836)\n\nIt was discovered that the PHP XSLTProcessor class incorrectly handled\ncertain data. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service. (CVE-2015-6837)\");\n script_tag(name:\"affected\", value:\"php5 on Ubuntu 15.04,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2758-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2758-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(15\\.04|14\\.04 LTS|12\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU15.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.6.4+dfsg-4ubuntu6.3\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.6.4+dfsg-4ubuntu6.3\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.6.4+dfsg-4ubuntu6.3\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.6.4+dfsg-4ubuntu6.3\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.5.9+dfsg-1ubuntu4.13\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.5.9+dfsg-1ubuntu4.13\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.5.9+dfsg-1ubuntu4.13\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.5.9+dfsg-1ubuntu4.13\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.10-1ubuntu3.20\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.10-1ubuntu3.20\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.10-1ubuntu3.20\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.3.10-1ubuntu3.20\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Ubuntu Local Security Checks"}, "differentElements": ["cvss"], "edition": 10, "lastseen": "2019-03-14T14:26:58"}, {"bulletin": {"id": "OPENVAS:1361412562310842472", "hash": "926efb1c6c04f826e31d2cfae860a6bb581a727e8e2a5f9809d8a12e4619aea0", "type": "openvas", "bulletinFamily": "scanner", "title": "Ubuntu Update for php5 USN-2758-1", "description": "Check the version of php5", "published": "2015-10-01T00:00:00", "modified": "2016-02-26T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842472", "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "references": ["2758-1", "https://lists.ubuntu.com/archives/ubuntu-security-announce/2015-September/003132.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6833", "CVE-2015-6831", "CVE-2015-5590", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-5589", "CVE-2015-6832", "CVE-2015-6838"], "lastseen": "2017-07-02T21:12:20", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "1361412562310842472", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for php5 USN-2758-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842472\");\n script_version(\"$Revision: 2740 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-02-26 14:42:49 +0100 (Fri, 26 Feb 2016) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-01 07:12:58 +0200 (Thu, 01 Oct 2015)\");\n script_cve_id(\"CVE-2015-5589\", \"CVE-2015-5590\", \"CVE-2015-6831\", \"CVE-2015-6834\",\n \"CVE-2015-6835\", \"CVE-2015-6832\", \"CVE-2015-6833\", \"CVE-2015-6836\",\n \"CVE-2015-6837\", \"CVE-2015-6838\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for php5 USN-2758-1\");\n script_tag(name: \"summary\", value: \"Check the version of php5\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of\ndetect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"It was discovered that the PHP phar extension\nincorrectly handled certain files. A remote attacker could use this issue to cause\nPHP to crash, resulting in a denial of service. (CVE-2015-5589)\n\nIt was discovered that the PHP phar extension incorrectly handled certain\nfilepaths. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2015-5590)\n\nTaoguang Chen discovered that PHP incorrectly handled unserializing\nobjects. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2015-6831, CVE-2015-6834, CVE-2015-6835\n\nSean Heelan discovered that PHP incorrectly handled unserializing\nobjects. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2015-6832)\n\nIt was discovered that the PHP phar extension incorrectly handled certain\narchives. A remote attacker could use this issue to cause files to be\nplaced outside of the destination directory. (CVE-2015-6833)\n\nAndrea Palazzo discovered that the PHP Soap client incorrectly validated\ndata types. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2015-6836)\n\nIt was discovered that the PHP XSLTProcessor class incorrectly handled\ncertain data. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service. (CVE-2015-6837)\");\n script_tag(name: \"affected\", value: \"php5 on Ubuntu 15.04 ,\n Ubuntu 14.04 LTS ,\n Ubuntu 12.04 LTS\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"USN\", value: \"2758-1\");\n script_xref(name: \"URL\" , value: \"https://lists.ubuntu.com/archives/ubuntu-security-announce/2015-September/003132.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_summary(\"Check for the Version of php5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"login/SSH/success\", \"HostDetails/OS/cpe:/o:canonical:ubuntu_linux\", \"ssh/login/release\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU15.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.6.4+dfsg-4ubuntu6.3\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.6.4+dfsg-4ubuntu6.3\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.6.4+dfsg-4ubuntu6.3\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.6.4+dfsg-4ubuntu6.3\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.5.9+dfsg-1ubuntu4.13\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.5.9+dfsg-1ubuntu4.13\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.5.9+dfsg-1ubuntu4.13\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.5.9+dfsg-1ubuntu4.13\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.10-1ubuntu3.20\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.10-1ubuntu3.20\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.10-1ubuntu3.20\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.3.10-1ubuntu3.20\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Ubuntu Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2017-07-02T21:12:20"}, {"bulletin": {"id": "OPENVAS:1361412562310842472", "hash": "936e03f16bf04836b00e5454f942dd820b44f1239a1253c2efe4dc06c2cb6699", "type": "openvas", "bulletinFamily": "scanner", "title": "Ubuntu Update for php5 USN-2758-1", "description": "Check the version of php5", "published": "2015-10-01T00:00:00", "modified": "2018-04-27T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842472", "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "references": ["2758-1", "http://www.ubuntu.com/usn/usn-2758-1/"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6833", "CVE-2015-6831", "CVE-2015-5590", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-5589", "CVE-2015-6832", "CVE-2015-6838"], "lastseen": "2018-04-30T14:05:49", "history": [], "viewCount": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310842472", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for php5 USN-2758-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842472\");\n script_version(\"$Revision: 9652 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-27 11:09:48 +0200 (Fri, 27 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-01 07:12:58 +0200 (Thu, 01 Oct 2015)\");\n script_cve_id(\"CVE-2015-5589\", \"CVE-2015-5590\", \"CVE-2015-6831\", \"CVE-2015-6834\",\n \"CVE-2015-6835\", \"CVE-2015-6832\", \"CVE-2015-6833\", \"CVE-2015-6836\",\n \"CVE-2015-6837\", \"CVE-2015-6838\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for php5 USN-2758-1\");\n script_tag(name: \"summary\", value: \"Check the version of php5\");\n script_tag(name: \"vuldetect\", value: \"Checks if a vulnerable version is present on the target host.\");\n script_tag(name: \"insight\", value: \"It was discovered that the PHP phar extension\nincorrectly handled certain files. A remote attacker could use this issue to cause\nPHP to crash, resulting in a denial of service. (CVE-2015-5589)\n\nIt was discovered that the PHP phar extension incorrectly handled certain\nfilepaths. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2015-5590)\n\nTaoguang Chen discovered that PHP incorrectly handled unserializing\nobjects. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2015-6831, CVE-2015-6834, CVE-2015-6835\n\nSean Heelan discovered that PHP incorrectly handled unserializing\nobjects. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2015-6832)\n\nIt was discovered that the PHP phar extension incorrectly handled certain\narchives. A remote attacker could use this issue to cause files to be\nplaced outside of the destination directory. (CVE-2015-6833)\n\nAndrea Palazzo discovered that the PHP Soap client incorrectly validated\ndata types. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2015-6836)\n\nIt was discovered that the PHP XSLTProcessor class incorrectly handled\ncertain data. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service. (CVE-2015-6837)\");\n script_tag(name: \"affected\", value: \"php5 on Ubuntu 15.04 ,\n Ubuntu 14.04 LTS ,\n Ubuntu 12.04 LTS\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"USN\", value: \"2758-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-2758-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(15\\.04|14\\.04 LTS|12\\.04 LTS)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU15.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.6.4+dfsg-4ubuntu6.3\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.6.4+dfsg-4ubuntu6.3\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.6.4+dfsg-4ubuntu6.3\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.6.4+dfsg-4ubuntu6.3\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.5.9+dfsg-1ubuntu4.13\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.5.9+dfsg-1ubuntu4.13\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.5.9+dfsg-1ubuntu4.13\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.5.9+dfsg-1ubuntu4.13\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.10-1ubuntu3.20\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.10-1ubuntu3.20\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.10-1ubuntu3.20\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.3.10-1ubuntu3.20\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Ubuntu Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 5, "lastseen": "2018-04-30T14:05:49"}, {"bulletin": {"id": "OPENVAS:1361412562310842472", "hash": "011c73f677c2161c5f6d162b784eb0afd9cadacca8102bd2438fec247bc9b8dd", "type": "openvas", "bulletinFamily": "scanner", "title": "Ubuntu Update for php5 USN-2758-1", "description": "Check the version of php5", "published": "2015-10-01T00:00:00", "modified": "2018-08-17T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842472", "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "references": ["2758-1", "http://www.ubuntu.com/usn/usn-2758-1/"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6833", "CVE-2015-6831", "CVE-2015-5590", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-5589", "CVE-2015-6832", "CVE-2015-6838"], "lastseen": "2018-09-01T23:50:16", "history": [], "viewCount": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310842472", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for php5 USN-2758-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842472\");\n script_version(\"$Revision: 11037 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-08-17 13:51:16 +0200 (Fri, 17 Aug 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-01 07:12:58 +0200 (Thu, 01 Oct 2015)\");\n script_cve_id(\"CVE-2015-5589\", \"CVE-2015-5590\", \"CVE-2015-6831\", \"CVE-2015-6834\",\n \"CVE-2015-6835\", \"CVE-2015-6832\", \"CVE-2015-6833\", \"CVE-2015-6836\",\n \"CVE-2015-6837\", \"CVE-2015-6838\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for php5 USN-2758-1\");\n script_tag(name:\"summary\", value:\"Check the version of php5\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that the PHP phar extension\nincorrectly handled certain files. A remote attacker could use this issue to cause\nPHP to crash, resulting in a denial of service. (CVE-2015-5589)\n\nIt was discovered that the PHP phar extension incorrectly handled certain\nfilepaths. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2015-5590)\n\nTaoguang Chen discovered that PHP incorrectly handled unserializing\nobjects. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2015-6831, CVE-2015-6834, CVE-2015-6835\n\nSean Heelan discovered that PHP incorrectly handled unserializing\nobjects. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2015-6832)\n\nIt was discovered that the PHP phar extension incorrectly handled certain\narchives. A remote attacker could use this issue to cause files to be\nplaced outside of the destination directory. (CVE-2015-6833)\n\nAndrea Palazzo discovered that the PHP Soap client incorrectly validated\ndata types. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2015-6836)\n\nIt was discovered that the PHP XSLTProcessor class incorrectly handled\ncertain data. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service. (CVE-2015-6837)\");\n script_tag(name:\"affected\", value:\"php5 on Ubuntu 15.04,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2758-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2758-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(15\\.04|14\\.04 LTS|12\\.04 LTS)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU15.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.6.4+dfsg-4ubuntu6.3\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.6.4+dfsg-4ubuntu6.3\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.6.4+dfsg-4ubuntu6.3\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.6.4+dfsg-4ubuntu6.3\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.5.9+dfsg-1ubuntu4.13\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.5.9+dfsg-1ubuntu4.13\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.5.9+dfsg-1ubuntu4.13\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.5.9+dfsg-1ubuntu4.13\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.10-1ubuntu3.20\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.10-1ubuntu3.20\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.10-1ubuntu3.20\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.3.10-1ubuntu3.20\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Ubuntu Local Security Checks"}, "differentElements": ["description", "modified", "sourceData"], "edition": 8, "lastseen": "2018-09-01T23:50:16"}, {"bulletin": {"id": "OPENVAS:1361412562310842472", "hash": "099ca6830495b55547387e09ca5ef087755b0f71eeeeaf08673734fea7e9b962", "type": "openvas", "bulletinFamily": "scanner", "title": "Ubuntu Update for php5 USN-2758-1", "description": "The remote host is missing an update for the ", "published": "2015-10-01T00:00:00", "modified": "2018-11-16T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842472", "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "references": ["2758-1", "http://www.ubuntu.com/usn/usn-2758-1/"], "cvelist": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6833", "CVE-2015-6831", "CVE-2015-5590", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-5589", "CVE-2015-6832", "CVE-2015-6838"], "lastseen": "2018-11-19T13:01:30", "history": [], "viewCount": 2, "enchantments": {"dependencies": {"modified": "2018-11-19T13:01:30", "references": [{"idList": ["H1:104016", "H1:103996", "H1:103998", "H1:104010", "H1:104019", "H1:104018", "H1:103995"], "type": "hackerone"}, {"idList": ["DEBIAN:DSA-3358-1:5263D", "DEBIAN:DSA-3344-1:6EFDB", "DEBIAN:DLA-341-1:DA682"], "type": "debian"}, {"idList": ["SUSE_SU-2015-1818-1.NASL", "SUSE_SU-2015-1633-1.NASL", "PHP_5_5_29.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "PHP_5_4_45.NASL", "OPENSUSE-2015-609.NASL", "DEBIAN_DLA-341.NASL", "UBUNTU_USN-2758-1.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "F5_BIGIP_SOL17377.NASL"], "type": "nessus"}, {"idList": ["SECURITYVULNS:VULN:14694", "SECURITYVULNS:DOC:32480", "SECURITYVULNS:DOC:32511", "SECURITYVULNS:VULN:14667"], "type": "securityvulns"}, {"idList": ["CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6833", "CVE-2015-6831", "CVE-2015-5590", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-5589", "CVE-2015-6832", "CVE-2015-6838"], "type": "cve"}, {"idList": ["KLA10747", "KLA10746"], "type": "kaspersky"}, {"idList": ["SOL17377", "F5:K17377"], "type": "f5"}, {"idList": ["RHSA-2016:0457"], "type": "redhat"}, {"idList": ["OPENVAS:1361412562310703358", "OPENVAS:1361412562310808616", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310807088", "OPENVAS:1361412562310807503", "OPENVAS:1361412562310808617", "OPENVAS:1361412562310120660", "OPENVAS:703358", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310850689"], "type": "openvas"}, {"idList": ["GLSA-201606-10"], "type": "gentoo"}, {"idList": ["EDB-ID:38123", "EDB-ID:38122"], "type": "exploitdb"}, {"idList": ["SSA-2015-274-02"], "type": "slackware"}, {"idList": ["3D675519-5654-11E5-9AD8-14DAE9D210B8", "8B1F53F3-2DA5-11E5-86FF-14DAE9D210B8", "787EF75E-44DA-11E5-93AD-002590263BF5"], "type": "freebsd"}, {"idList": ["ALAS-2015-585", "ALAS-2015-602", "ALAS-2015-584", "ALAS-2015-601", "ALAS-2016-670", "ALAS-2015-583"], "type": "amazon"}, {"idList": ["USN-2758-1"], "type": "ubuntu"}, {"idList": ["SUSE-SU-2015:1818-1", "SUSE-SU-2015:1633-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2015:1701-1"], "type": "suse"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310842472", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for php5 USN-2758-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842472\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-01 07:12:58 +0200 (Thu, 01 Oct 2015)\");\n script_cve_id(\"CVE-2015-5589\", \"CVE-2015-5590\", \"CVE-2015-6831\", \"CVE-2015-6834\",\n \"CVE-2015-6835\", \"CVE-2015-6832\", \"CVE-2015-6833\", \"CVE-2015-6836\",\n \"CVE-2015-6837\", \"CVE-2015-6838\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for php5 USN-2758-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php5'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that the PHP phar extension\nincorrectly handled certain files. A remote attacker could use this issue to cause\nPHP to crash, resulting in a denial of service. (CVE-2015-5589)\n\nIt was discovered that the PHP phar extension incorrectly handled certain\nfilepaths. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2015-5590)\n\nTaoguang Chen discovered that PHP incorrectly handled unserializing\nobjects. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2015-6831, CVE-2015-6834, CVE-2015-6835\n\nSean Heelan discovered that PHP incorrectly handled unserializing\nobjects. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2015-6832)\n\nIt was discovered that the PHP phar extension incorrectly handled certain\narchives. A remote attacker could use this issue to cause files to be\nplaced outside of the destination directory. (CVE-2015-6833)\n\nAndrea Palazzo discovered that the PHP Soap client incorrectly validated\ndata types. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2015-6836)\n\nIt was discovered that the PHP XSLTProcessor class incorrectly handled\ncertain data. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service. (CVE-2015-6837)\");\n script_tag(name:\"affected\", value:\"php5 on Ubuntu 15.04,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2758-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2758-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(15\\.04|14\\.04 LTS|12\\.04 LTS)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU15.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.6.4+dfsg-4ubuntu6.3\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.6.4+dfsg-4ubuntu6.3\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.6.4+dfsg-4ubuntu6.3\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.6.4+dfsg-4ubuntu6.3\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.5.9+dfsg-1ubuntu4.13\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.5.9+dfsg-1ubuntu4.13\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.5.9+dfsg-1ubuntu4.13\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.5.9+dfsg-1ubuntu4.13\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.10-1ubuntu3.20\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.10-1ubuntu3.20\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.10-1ubuntu3.20\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.3.10-1ubuntu3.20\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Ubuntu Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 9, "lastseen": "2018-11-19T13:01:30"}], "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "f5", "idList": ["F5:K17377", "SOL17377"]}, {"type": "nessus", "idList": ["FEDORA_2015-14978.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "ALA_ALAS-2015-601.NASL", "WEB_APPLICATION_SCANNING_98804", "ALA_ALAS-2015-585.NASL", "FREEBSD_PKG_8B1F53F32DA511E586FF14DAE9D210B8.NASL", "8953.PRM", "WEB_APPLICATION_SCANNING_98805", "SUSE_SU-2015-1466-1.NASL", "ALA_ALAS-2015-584.NASL", "SUSE_SU-2015-1633-1.NASL", "PHP_5_6_13.NASL", "DEBIAN_DSA-3358.NASL", "SUSE_SU-2015-1818-1.NASL", "PHP_5_5_28.NASL", "SUSE_SU-2015-1425-1.NASL", "FEDORA_2015-14977.NASL", "SUSE_SU-2015-1701-1.NASL", "ALA_ALAS-2016-670.NASL", "FEDORA_2015-11581.NASL", "PHP_5_5_29.NASL", "ALA_ALAS-2015-583.NASL", "UBUNTU_USN-2758-1.NASL", "8959.PRM", "OPENSUSE-2015-609.NASL", "8960.PRM", "OPENSUSE-2015-536.NASL", "F5_BIGIP_SOL17377.NASL", "PHP_5_4_45.NASL", "PHP_5_6_12.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "FEDORA_2015-14976.NASL", "DEBIAN_DLA-341.NASL", "FREEBSD_PKG_787EF75E44DA11E593AD002590263BF5.NASL", "ALA_ALAS-2015-602.NASL", "8861.PRM", "PHP_5_4_44.NASL", "DEBIAN_DSA-3344.NASL"]}, {"type": "ubuntu", "idList": ["USN-2758-1"]}, {"type": "suse", "idList": ["SUSE-SU-2015:1633-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2015:1818-1", "SUSE-SU-2015:1701-1"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310703358", "OPENVAS:1361412562310869807", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310808617", "OPENVAS:1361412562310808616", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310807503", "OPENVAS:703358", "OPENVAS:1361412562310807088", "OPENVAS:1361412562310120502", "OPENVAS:1361412562310850689", "OPENVAS:1361412562310120660"]}, {"type": "redhat", "idList": ["RHSA-2016:0457"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14667", "SECURITYVULNS:VULN:14694", "SECURITYVULNS:DOC:32511"]}, {"type": "fedora", "idList": ["FEDORA:F0C5861361B0", "FEDORA:6B1186204982", "FEDORA:90BE461976AB", "FEDORA:02C1260F4011"]}, {"type": "debian", "idList": ["DEBIAN:DLA-341-1:DA682", "DEBIAN:DSA-3358-1:5263D"]}, {"type": "amazon", "idList": ["ALAS-2015-584", "ALAS-2015-601", "ALAS-2016-670", "ALAS-2015-585", "ALAS-2015-602", "ALAS-2015-583"]}, {"type": "slackware", "idList": ["SSA-2015-274-02"]}, {"type": "freebsd", "idList": ["8B1F53F3-2DA5-11E5-86FF-14DAE9D210B8", "787EF75E-44DA-11E5-93AD-002590263BF5", "3D675519-5654-11E5-9AD8-14DAE9D210B8"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-6834", "UB:CVE-2015-6837", "UB:CVE-2015-6831", "UB:CVE-2015-6835", "UB:CVE-2015-5589", "UB:CVE-2015-6833", "UB:CVE-2015-6838", "UB:CVE-2015-6832", "UB:CVE-2015-5590", "UB:CVE-2015-6836"]}, {"type": "cve", "idList": ["CVE-2015-5590", "CVE-2015-6837", "CVE-2015-6831", "CVE-2015-5589", "CVE-2015-6833", "CVE-2015-6832", "CVE-2015-6838", "CVE-2015-6834", "CVE-2015-6835", "CVE-2015-6836"]}, {"type": "kaspersky", "idList": ["KLA10746", "KLA10747"]}], "modified": "2019-05-29T18:36:12", "rev": 2}, "score": {"value": 8.0, "vector": "NONE", "modified": "2019-05-29T18:36:12", "rev": 2}}, "objectVersion": "1.5", "pluginID": "1361412562310842472", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for php5 USN-2758-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842472\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-01 07:12:58 +0200 (Thu, 01 Oct 2015)\");\n script_cve_id(\"CVE-2015-5589\", \"CVE-2015-5590\", \"CVE-2015-6831\", \"CVE-2015-6834\",\n \"CVE-2015-6835\", \"CVE-2015-6832\", \"CVE-2015-6833\", \"CVE-2015-6836\",\n \"CVE-2015-6837\", \"CVE-2015-6838\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for php5 USN-2758-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php5'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that the PHP phar extension\nincorrectly handled certain files. A remote attacker could use this issue to cause\nPHP to crash, resulting in a denial of service. (CVE-2015-5589)\n\nIt was discovered that the PHP phar extension incorrectly handled certain\nfilepaths. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2015-5590)\n\nTaoguang Chen discovered that PHP incorrectly handled unserializing\nobjects. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2015-6831, CVE-2015-6834, CVE-2015-6835\n\nSean Heelan discovered that PHP incorrectly handled unserializing\nobjects. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2015-6832)\n\nIt was discovered that the PHP phar extension incorrectly handled certain\narchives. A remote attacker could use this issue to cause files to be\nplaced outside of the destination directory. (CVE-2015-6833)\n\nAndrea Palazzo discovered that the PHP Soap client incorrectly validated\ndata types. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2015-6836)\n\nIt was discovered that the PHP XSLTProcessor class incorrectly handled\ncertain data. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service. (CVE-2015-6837)\");\n script_tag(name:\"affected\", value:\"php5 on Ubuntu 15.04,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2758-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2758-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(15\\.04|14\\.04 LTS|12\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU15.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.6.4+dfsg-4ubuntu6.3\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.6.4+dfsg-4ubuntu6.3\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.6.4+dfsg-4ubuntu6.3\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.6.4+dfsg-4ubuntu6.3\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.5.9+dfsg-1ubuntu4.13\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.5.9+dfsg-1ubuntu4.13\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.5.9+dfsg-1ubuntu4.13\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.5.9+dfsg-1ubuntu4.13\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.10-1ubuntu3.20\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.10-1ubuntu3.20\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.10-1ubuntu3.20\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.3.10-1ubuntu3.20\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Ubuntu Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:1361412562310120520", "hash": "d43417e7ce711ed46fef4b268b204cd1", "type": "openvas", "bulletinFamily": "scanner", "title": "Amazon Linux: Security Advisory (ALAS-2015-601)", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "published": "2015-10-22T00:00:00", "modified": "2020-03-13T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120520", "reporter": "Copyright (C) 2015 Eero Volotinen", "references": ["https://alas.aws.amazon.com/ALAS-2015-601.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-7803", "CVE-2015-6835", "CVE-2015-7804"], "lastseen": "2020-03-17T22:59:50", "history": [{"bulletin": {"id": "OPENVAS:1361412562310120520", "hash": "db4442fc4e6c78668929b673339b6565f3168ae795bffcd8c096350327510dce", "type": "openvas", "bulletinFamily": "scanner", "title": "Amazon Linux: Security Advisory (ALAS-2015-601)", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "published": "2015-10-22T00:00:00", "modified": "2020-03-14T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120520", "reporter": "Copyright (C) 2015 Eero Volotinen", "references": ["https://alas.aws.amazon.com/ALAS-2015-601.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-7803", "CVE-2015-6835", "CVE-2015-7804"], "lastseen": "2020-03-14T19:00:07", "history": [], "viewCount": 4, "enchantments": {"dependencies": {"modified": "2020-03-14T19:00:07", "references": [{"idList": ["ALAS-2017-788", "ALAS-2015-602", "ALAS-2015-601", "ALAS-2016-670"], "type": "amazon"}, {"idList": ["KLA10929"], "type": "kaspersky"}, {"idList": ["SUSE-SU-2016:1145-1", "SUSE-SU-2015:1633-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2016:1581-1"], "type": "suse"}, {"idList": ["DEBIAN:DSA-3380-1:F94D6", "DEBIAN:DSA-3358-1:5263D", "DEBIAN:DLA-341-1:DA682"], "type": "debian"}, {"idList": ["SECURITYVULNS:VULN:14694", "SECURITYVULNS:DOC:32566", "SECURITYVULNS:DOC:32511", "SECURITYVULNS:DOC:32651", "SECURITYVULNS:VULN:14753"], "type": "securityvulns"}, {"idList": ["RHSA-2016:0457"], "type": "redhat"}, {"idList": ["OPENVAS:1361412562310806649", "OPENVAS:1361412562310806648", "OPENVAS:703380", "OPENVAS:1361412562310808616", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310842508", "OPENVAS:1361412562310808617", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310703380", "OPENVAS:1361412562310120396"], "type": "openvas"}, {"idList": ["H1:103996", "H1:103998", "H1:103997", "H1:103990", "H1:103995", "H1:104008"], "type": "hackerone"}, {"idList": ["SSA-2015-274-02", "SSA-2016-034-04"], "type": "slackware"}, {"idList": ["EDB-ID:38120", "EDB-ID:38123", "EDB-ID:38122"], "type": "exploitdb"}, {"idList": ["GLSA-201606-10"], "type": "gentoo"}, {"idList": ["USN-2786-1", "USN-2758-1"], "type": "ubuntu"}, {"idList": ["ALA_ALAS-2015-602.NASL", "FREEBSD_PKG_C1DA8B756AEF11E59909002590263BF5.NASL", "UBUNTU_USN-2786-1.NASL", "PHP_5_6_14.NASL", "PHP_5_5_30.NASL", "DEBIAN_DLA-341.NASL", "SLACKWARE_SSA_2016-034-04.NASL", "OPENSUSE-2016-100.NASL", "ALA_ALAS-2015-601.NASL", "DEBIAN_DSA-3380.NASL"], "type": "nessus"}, {"idList": ["PACKETSTORM:134949", "PACKETSTORM:138812"], "type": "packetstorm"}, {"idList": ["C1DA8B75-6AEF-11E5-9909-002590263BF5", "3D675519-5654-11E5-9AD8-14DAE9D210B8"], "type": "freebsd"}, {"idList": ["CVE-2015-6834", "CVE-2015-7803", "CVE-2015-6835", "CVE-2015-7804"], "type": "cve"}, {"idList": ["SOL17377", "F5:K17503", "F5:K17377", "SOL17503"], "type": "f5"}]}, "score": {"modified": "2020-03-14T19:00:07", "value": 8.0, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310120520", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120520\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-10-22 08:25:44 +0300 (Thu, 22 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-14 11:59:40 +0000 (Sat, 14 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2015-601)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in PHP. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update php56 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-601.html\");\n script_cve_id(\"CVE-2015-7803\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-7804\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"php56-xmlrpc\", rpm:\"php56-xmlrpc~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-xml\", rpm:\"php56-xml~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-odbc\", rpm:\"php56-odbc~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-imap\", rpm:\"php56-imap~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-pdo\", rpm:\"php56-pdo~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-debuginfo\", rpm:\"php56-debuginfo~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-gmp\", rpm:\"php56-gmp~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-mcrypt\", rpm:\"php56-mcrypt~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-dba\", rpm:\"php56-dba~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-tidy\", rpm:\"php56-tidy~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-enchant\", rpm:\"php56-enchant~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-opcache\", rpm:\"php56-opcache~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-common\", rpm:\"php56-common~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-devel\", rpm:\"php56-devel~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-fpm\", rpm:\"php56-fpm~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-mssql\", rpm:\"php56-mssql~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-pspell\", rpm:\"php56-pspell~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-snmp\", rpm:\"php56-snmp~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-process\", rpm:\"php56-process~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-cli\", rpm:\"php56-cli~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-mysqlnd\", rpm:\"php56-mysqlnd~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-ldap\", rpm:\"php56-ldap~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-gd\", rpm:\"php56-gd~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-intl\", rpm:\"php56-intl~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-embedded\", rpm:\"php56-embedded~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-dbg\", rpm:\"php56-dbg~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56\", rpm:\"php56~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-bcmath\", rpm:\"php56-bcmath~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-soap\", rpm:\"php56-soap~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-pgsql\", rpm:\"php56-pgsql~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-recode\", rpm:\"php56-recode~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-mbstring\", rpm:\"php56-mbstring~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "naslFamily": "Amazon Linux Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 7, "lastseen": "2020-03-14T19:00:07"}, {"bulletin": {"id": "OPENVAS:1361412562310120520", "hash": "fce5b7b8b578d7849ac74b602c46fd9b16069c2aae39dbb2f184d906e43d698f", "type": "openvas", "bulletinFamily": "scanner", "title": "Amazon Linux Local Check: alas-2015-601", "description": "Amazon Linux Local Security Checks", "published": "2015-10-22T00:00:00", "modified": "2017-05-26T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120520", "reporter": "Eero Volotinen", "references": ["https://alas.aws.amazon.com/ALAS-2015-601.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-7803", "CVE-2015-6835", "CVE-2015-7804"], "lastseen": "2017-07-02T21:11:38", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "1361412562310120520", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Amazon Linux security check \n# $Id: alas-2015-601.nasl 6214 2017-05-26 09:04:01Z teissa $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@iki.fi> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://ping-viini.org \n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.120520\");\nscript_version(\"$Revision: 6214 $\");\nscript_tag(name:\"creation_date\", value:\"2015-10-22 08:25:44 +0300 (Thu, 22 Oct 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-05-26 11:04:01 +0200 (Fri, 26 May 2017) $\");\nscript_name(\"Amazon Linux Local Check: alas-2015-601\");\nscript_tag(name: \"insight\", value: \"As reported upstream, A NULL pointer dereference flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash. (CVE-2015-7803 )Use after free vulnerability was found in unserialize() function. We can create ZVAL and free it via Serializable::unserialize. However the unserialize() will still allow to use R: or r: to set references to that already freed memory. It is possible to use-after-free attack and execute arbitrary code remotely. (CVE-2015-6834 )A use-after-free vulnerability was found in session deserializer. When session deserializer (php/php_binary) is deserializing multiple data, it will call php_var_unserialize() multiple times. We can create ZVAL and free it via the php_var_unserialize() with a crafted serialized string. Then the next call php_var_unserialize() will still allow to use R: or r: to set references to that already freed memory. It is possible to use-after-free attack and execute arbitrary code remotely. (CVE-2015-6835 )As reported upstream, an uninitialized pointer use flaw was found in the phar_make_dirstream() function of PHP's Phar extension. A specially crafted phar file in the ZIP format with a directory entry with a file name /ZIP could cause a PHP application function to crash. (CVE-2015-7804 )\"); \nscript_tag(name : \"solution\", value : \"Run yum update php56 to update your system.\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://alas.aws.amazon.com/ALAS-2015-601.html\");\nscript_cve_id(\"CVE-2015-7803\",\"CVE-2015-6834\",\"CVE-2015-6835\",\"CVE-2015-7804\");\nscript_tag(name:\"cvss_base\", value:\"7.5\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"HostDetails/OS/cpe:/o:amazon:linux\", \"login/SSH/success\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Amazon Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"php56-xmlrpc\", rpm:\"php56-xmlrpc~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-xml\", rpm:\"php56-xml~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-odbc\", rpm:\"php56-odbc~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-imap\", rpm:\"php56-imap~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-pdo\", rpm:\"php56-pdo~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-debuginfo\", rpm:\"php56-debuginfo~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-gmp\", rpm:\"php56-gmp~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-mcrypt\", rpm:\"php56-mcrypt~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-dba\", rpm:\"php56-dba~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-tidy\", rpm:\"php56-tidy~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-enchant\", rpm:\"php56-enchant~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-opcache\", rpm:\"php56-opcache~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-common\", rpm:\"php56-common~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-devel\", rpm:\"php56-devel~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-fpm\", rpm:\"php56-fpm~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-mssql\", rpm:\"php56-mssql~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-pspell\", rpm:\"php56-pspell~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-snmp\", rpm:\"php56-snmp~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-process\", rpm:\"php56-process~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-cli\", rpm:\"php56-cli~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-mysqlnd\", rpm:\"php56-mysqlnd~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-ldap\", rpm:\"php56-ldap~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-gd\", rpm:\"php56-gd~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-intl\", rpm:\"php56-intl~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-embedded\", rpm:\"php56-embedded~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-dbg\", rpm:\"php56-dbg~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56\", rpm:\"php56~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-bcmath\", rpm:\"php56-bcmath~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-soap\", rpm:\"php56-soap~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-pgsql\", rpm:\"php56-pgsql~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-recode\", rpm:\"php56-recode~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-mbstring\", rpm:\"php56-mbstring~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n}\n", "naslFamily": "Amazon Linux Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2017-07-02T21:11:38"}, {"bulletin": {"id": "OPENVAS:1361412562310120520", "hash": "137bfd01a8606904fd2d8644d6a4a72be86322f3d1b05563f312499395c79416", "type": "openvas", "bulletinFamily": "scanner", "title": "Amazon Linux Local Check: alas-2015-601", "description": "Amazon Linux Local Security Checks", "published": "2015-10-22T00:00:00", "modified": "2017-07-06T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120520", "reporter": "Eero Volotinen", "references": ["https://alas.aws.amazon.com/ALAS-2015-601.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-7803", "CVE-2015-6835", "CVE-2015-7804"], "lastseen": "2018-09-01T23:51:51", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310120520", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Amazon Linux security check \n# $Id: alas-2015-601.nasl 6575 2017-07-06 13:42:08Z cfischer $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@iki.fi> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://ping-viini.org \n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.120520\");\nscript_version(\"$Revision: 6575 $\");\nscript_tag(name:\"creation_date\", value:\"2015-10-22 08:25:44 +0300 (Thu, 22 Oct 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:42:08 +0200 (Thu, 06 Jul 2017) $\");\nscript_name(\"Amazon Linux Local Check: alas-2015-601\");\nscript_tag(name: \"insight\", value: \"As reported upstream, A NULL pointer dereference flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash. (CVE-2015-7803 )Use after free vulnerability was found in unserialize() function. We can create ZVAL and free it via Serializable::unserialize. However the unserialize() will still allow to use R: or r: to set references to that already freed memory. It is possible to use-after-free attack and execute arbitrary code remotely. (CVE-2015-6834 )A use-after-free vulnerability was found in session deserializer. When session deserializer (php/php_binary) is deserializing multiple data, it will call php_var_unserialize() multiple times. We can create ZVAL and free it via the php_var_unserialize() with a crafted serialized string. Then the next call php_var_unserialize() will still allow to use R: or r: to set references to that already freed memory. It is possible to use-after-free attack and execute arbitrary code remotely. (CVE-2015-6835 )As reported upstream, an uninitialized pointer use flaw was found in the phar_make_dirstream() function of PHP's Phar extension. A specially crafted phar file in the ZIP format with a directory entry with a file name /ZIP could cause a PHP application function to crash. (CVE-2015-7804 )\"); \nscript_tag(name : \"solution\", value : \"Run yum update php56 to update your system.\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://alas.aws.amazon.com/ALAS-2015-601.html\");\nscript_cve_id(\"CVE-2015-7803\",\"CVE-2015-6834\",\"CVE-2015-6835\",\"CVE-2015-7804\");\nscript_tag(name:\"cvss_base\", value:\"7.5\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Amazon Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"php56-xmlrpc\", rpm:\"php56-xmlrpc~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-xml\", rpm:\"php56-xml~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-odbc\", rpm:\"php56-odbc~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-imap\", rpm:\"php56-imap~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-pdo\", rpm:\"php56-pdo~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-debuginfo\", rpm:\"php56-debuginfo~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-gmp\", rpm:\"php56-gmp~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-mcrypt\", rpm:\"php56-mcrypt~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-dba\", rpm:\"php56-dba~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-tidy\", rpm:\"php56-tidy~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-enchant\", rpm:\"php56-enchant~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-opcache\", rpm:\"php56-opcache~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-common\", rpm:\"php56-common~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-devel\", rpm:\"php56-devel~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-fpm\", rpm:\"php56-fpm~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-mssql\", rpm:\"php56-mssql~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-pspell\", rpm:\"php56-pspell~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-snmp\", rpm:\"php56-snmp~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-process\", rpm:\"php56-process~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-cli\", rpm:\"php56-cli~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-mysqlnd\", rpm:\"php56-mysqlnd~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-ldap\", rpm:\"php56-ldap~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-gd\", rpm:\"php56-gd~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-intl\", rpm:\"php56-intl~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-embedded\", rpm:\"php56-embedded~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-dbg\", rpm:\"php56-dbg~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56\", rpm:\"php56~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-bcmath\", rpm:\"php56-bcmath~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-soap\", rpm:\"php56-soap~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-pgsql\", rpm:\"php56-pgsql~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-recode\", rpm:\"php56-recode~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-mbstring\", rpm:\"php56-mbstring~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n}\n", "naslFamily": "Amazon Linux Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 4, "lastseen": "2018-09-01T23:51:51"}, {"bulletin": {"id": "OPENVAS:1361412562310120520", "hash": "0cc0740582e8ba413dd91d1dfb9e9edfc40453e42ccb3e404ae3cc8a1b3579c8", "type": "openvas", "bulletinFamily": "scanner", "title": "Amazon Linux Local Check: alas-2015-601", "description": "Amazon Linux Local Security Checks", "published": "2015-10-22T00:00:00", "modified": "2018-10-01T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120520", "reporter": "Eero Volotinen", "references": ["https://alas.aws.amazon.com/ALAS-2015-601.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-7803", "CVE-2015-6835", "CVE-2015-7804"], "lastseen": "2019-05-29T18:36:46", "history": [], "viewCount": 4, "enchantments": {"dependencies": {"modified": "2019-05-29T18:36:46", "references": [{"idList": ["ALAS-2017-788", "ALAS-2015-602", "ALAS-2015-601", "ALAS-2016-670"], "type": "amazon"}, {"idList": ["KLA10929"], "type": "kaspersky"}, {"idList": ["SUSE-SU-2016:1145-1", "SUSE-SU-2015:1633-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2016:1581-1"], "type": "suse"}, {"idList": ["DEBIAN:DSA-3380-1:F94D6", "DEBIAN:DSA-3358-1:5263D", "DEBIAN:DLA-341-1:DA682"], "type": "debian"}, {"idList": ["SECURITYVULNS:VULN:14694", "SECURITYVULNS:DOC:32566", "SECURITYVULNS:DOC:32511", "SECURITYVULNS:DOC:32651", "SECURITYVULNS:VULN:14753"], "type": "securityvulns"}, {"idList": ["RHSA-2016:0457"], "type": "redhat"}, {"idList": ["H1:103996", "H1:103998", "H1:103997", "H1:103990", "H1:103995", "H1:104008"], "type": "hackerone"}, {"idList": ["SSA-2015-274-02", "SSA-2016-034-04"], "type": "slackware"}, {"idList": ["EDB-ID:38120", "EDB-ID:38123", "EDB-ID:38122"], "type": "exploitdb"}, {"idList": ["GLSA-201606-10"], "type": "gentoo"}, {"idList": ["USN-2786-1", "USN-2758-1"], "type": "ubuntu"}, {"idList": ["ALA_ALAS-2015-602.NASL", "FREEBSD_PKG_C1DA8B756AEF11E59909002590263BF5.NASL", "UBUNTU_USN-2786-1.NASL", "PHP_5_6_14.NASL", "PHP_5_5_30.NASL", "DEBIAN_DLA-341.NASL", "SLACKWARE_SSA_2016-034-04.NASL", "OPENSUSE-2016-100.NASL", "ALA_ALAS-2015-601.NASL", "DEBIAN_DSA-3380.NASL"], "type": "nessus"}, {"idList": ["PACKETSTORM:134949", "PACKETSTORM:138812"], "type": "packetstorm"}, {"idList": ["OPENVAS:1361412562310806649", "OPENVAS:1361412562310806648", "OPENVAS:703380", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310842508", "OPENVAS:1361412562310808617", "OPENVAS:703358", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310703380", "OPENVAS:1361412562310120396"], "type": "openvas"}, {"idList": ["C1DA8B75-6AEF-11E5-9909-002590263BF5", "3D675519-5654-11E5-9AD8-14DAE9D210B8"], "type": "freebsd"}, {"idList": ["CVE-2015-6834", "CVE-2015-7803", "CVE-2015-6835", "CVE-2015-7804"], "type": "cve"}, {"idList": ["SOL17377", "F5:K17503", "F5:K17377", "SOL17503"], "type": "f5"}]}, "score": {"modified": "2019-05-29T18:36:46", "value": 6.8, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310120520", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: alas-2015-601.nasl 6575 2017-07-06 13:42:08Z cfischer$\n#\n# Amazon Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@iki.fi>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://ping-viini.org\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120520\");\n script_version(\"$Revision: 11711 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-22 08:25:44 +0300 (Thu, 22 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-01 14:30:57 +0200 (Mon, 01 Oct 2018) $\");\n script_name(\"Amazon Linux Local Check: alas-2015-601\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in PHP. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update php56 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-601.html\");\n script_cve_id(\"CVE-2015-7803\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-7804\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"php56-xmlrpc\", rpm:\"php56-xmlrpc~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-xml\", rpm:\"php56-xml~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-odbc\", rpm:\"php56-odbc~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-imap\", rpm:\"php56-imap~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-pdo\", rpm:\"php56-pdo~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-debuginfo\", rpm:\"php56-debuginfo~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-gmp\", rpm:\"php56-gmp~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-mcrypt\", rpm:\"php56-mcrypt~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-dba\", rpm:\"php56-dba~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-tidy\", rpm:\"php56-tidy~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-enchant\", rpm:\"php56-enchant~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-opcache\", rpm:\"php56-opcache~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-common\", rpm:\"php56-common~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-devel\", rpm:\"php56-devel~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-fpm\", rpm:\"php56-fpm~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-mssql\", rpm:\"php56-mssql~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-pspell\", rpm:\"php56-pspell~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-snmp\", rpm:\"php56-snmp~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-process\", rpm:\"php56-process~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-cli\", rpm:\"php56-cli~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-mysqlnd\", rpm:\"php56-mysqlnd~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-ldap\", rpm:\"php56-ldap~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-gd\", rpm:\"php56-gd~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-intl\", rpm:\"php56-intl~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-embedded\", rpm:\"php56-embedded~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-dbg\", rpm:\"php56-dbg~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56\", rpm:\"php56~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-bcmath\", rpm:\"php56-bcmath~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-soap\", rpm:\"php56-soap~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-pgsql\", rpm:\"php56-pgsql~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-recode\", rpm:\"php56-recode~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-mbstring\", rpm:\"php56-mbstring~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Amazon Linux Local Security Checks"}, "differentElements": ["description", "reporter", "modified", "sourceData", "title"], "edition": 6, "lastseen": "2019-05-29T18:36:46"}, {"bulletin": {"id": "OPENVAS:1361412562310120520", "hash": "b60588bd3e484563f844d1bc360aa0dfabdb52b24709044e4ca2117c2cdcab8a", "type": "openvas", "bulletinFamily": "scanner", "title": "Amazon Linux Local Check: alas-2015-601", "description": "Amazon Linux Local Security Checks", "published": "2015-10-22T00:00:00", "modified": "2018-10-01T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120520", "reporter": "Eero Volotinen", "references": ["https://alas.aws.amazon.com/ALAS-2015-601.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-7803", "CVE-2015-6835", "CVE-2015-7804"], "lastseen": "2018-10-02T14:31:38", "history": [], "viewCount": 2, "enchantments": {"dependencies": {"modified": "2018-10-02T14:31:38", "references": [{"idList": ["SECURITYVULNS:VULN:14694", "SECURITYVULNS:VULN:14702", "SECURITYVULNS:DOC:32566", "SECURITYVULNS:DOC:32511", "SECURITYVULNS:DOC:32651", "SECURITYVULNS:VULN:14753"], "type": "securityvulns"}, {"idList": ["ALAS-2017-788", "ALAS-2015-602", "ALAS-2015-601", "ALAS-2016-670"], "type": "amazon"}, {"idList": ["SUSE-SU-2016:1145-1", "SUSE-SU-2015:1633-1", "SUSE-SU-2016:1638-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2016:1581-1"], "type": "suse"}, {"idList": ["KLA10929"], "type": "kaspersky"}, {"idList": ["DEBIAN:DSA-3380-1:F94D6", "DEBIAN:DSA-3358-1:5263D", "DEBIAN:DLA-341-1:DA682"], "type": "debian"}, {"idList": ["OPENVAS:1361412562310806649", "OPENVAS:1361412562310806648", "OPENVAS:703380", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310842508", "OPENVAS:1361412562310808617", "OPENVAS:1361412562310120660", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310703380", "OPENVAS:1361412562310120396"], "type": "openvas"}, {"idList": ["RHSA-2016:0457"], "type": "redhat"}, {"idList": ["H1:103996", "H1:103998", "H1:103997", "H1:103990", "H1:103995", "H1:104008"], "type": "hackerone"}, {"idList": ["SSA-2015-274-02", "SSA-2016-034-04"], "type": "slackware"}, {"idList": ["EDB-ID:38120", "EDB-ID:38123", "EDB-ID:38122"], "type": "exploitdb"}, {"idList": ["GLSA-201606-10"], "type": "gentoo"}, {"idList": ["ALA_ALAS-2015-602.NASL", "FREEBSD_PKG_C1DA8B756AEF11E59909002590263BF5.NASL", "UBUNTU_USN-2786-1.NASL", "PHP_5_5_30.NASL", "DEBIAN_DLA-341.NASL", "SLACKWARE_SSA_2016-034-04.NASL", "OPENSUSE-2016-100.NASL", "PHP_5_6_13.NASL", "ALA_ALAS-2015-601.NASL", "DEBIAN_DSA-3380.NASL"], "type": "nessus"}, {"idList": ["USN-2786-1", "USN-2758-1"], "type": "ubuntu"}, {"idList": ["PACKETSTORM:134949", "PACKETSTORM:138812"], "type": "packetstorm"}, {"idList": ["C1DA8B75-6AEF-11E5-9909-002590263BF5", "3D675519-5654-11E5-9AD8-14DAE9D210B8"], "type": "freebsd"}, {"idList": ["CVE-2015-6834", "CVE-2015-7803", "CVE-2015-6835", "CVE-2015-7804"], "type": "cve"}, {"idList": ["SOL17377", "F5:K17503", "F5:K17377", "SOL17503"], "type": "f5"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310120520", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: alas-2015-601.nasl 6575 2017-07-06 13:42:08Z cfischer$\n#\n# Amazon Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@iki.fi>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://ping-viini.org\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120520\");\n script_version(\"$Revision: 11711 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-22 08:25:44 +0300 (Thu, 22 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-01 14:30:57 +0200 (Mon, 01 Oct 2018) $\");\n script_name(\"Amazon Linux Local Check: alas-2015-601\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in PHP. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update php56 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-601.html\");\n script_cve_id(\"CVE-2015-7803\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-7804\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"php56-xmlrpc\", rpm:\"php56-xmlrpc~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-xml\", rpm:\"php56-xml~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-odbc\", rpm:\"php56-odbc~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-imap\", rpm:\"php56-imap~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-pdo\", rpm:\"php56-pdo~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-debuginfo\", rpm:\"php56-debuginfo~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-gmp\", rpm:\"php56-gmp~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-mcrypt\", rpm:\"php56-mcrypt~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-dba\", rpm:\"php56-dba~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-tidy\", rpm:\"php56-tidy~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-enchant\", rpm:\"php56-enchant~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-opcache\", rpm:\"php56-opcache~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-common\", rpm:\"php56-common~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-devel\", rpm:\"php56-devel~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-fpm\", rpm:\"php56-fpm~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-mssql\", rpm:\"php56-mssql~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-pspell\", rpm:\"php56-pspell~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-snmp\", rpm:\"php56-snmp~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-process\", rpm:\"php56-process~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-cli\", rpm:\"php56-cli~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-mysqlnd\", rpm:\"php56-mysqlnd~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-ldap\", rpm:\"php56-ldap~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-gd\", rpm:\"php56-gd~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-intl\", rpm:\"php56-intl~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-embedded\", rpm:\"php56-embedded~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-dbg\", rpm:\"php56-dbg~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56\", rpm:\"php56~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-bcmath\", rpm:\"php56-bcmath~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-soap\", rpm:\"php56-soap~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-pgsql\", rpm:\"php56-pgsql~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-recode\", rpm:\"php56-recode~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php56-mbstring\", rpm:\"php56-mbstring~5.6.14~1.119.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Amazon Linux Local Security Checks"}, "differentElements": ["cvss"], "edition": 5, "lastseen": "2018-10-02T14:31:38"}], "viewCount": 6, "enchantments": {"dependencies": {"references": [{"type": "f5", "idList": ["SOL17503", "F5:K17377", "F5:K17503", "SOL17377"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310703358", "OPENVAS:1361412562310806649", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310808617", "OPENVAS:703380", "OPENVAS:1361412562311220191543", "OPENVAS:1361412562310808616", "OPENVAS:1361412562310869939", "OPENVAS:703358", "OPENVAS:1361412562310842472", "OPENVAS:1361412562310842508", "OPENVAS:1361412562310120396", "OPENVAS:1361412562310850689", "OPENVAS:1361412562310120660", "OPENVAS:1361412562310806648", "OPENVAS:1361412562310703380"]}, {"type": "cve", "idList": ["CVE-2015-6835", "CVE-2015-6834", "CVE-2015-7803", "CVE-2015-7804"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-6834", "UB:CVE-2015-7804", "UB:CVE-2015-7803", "UB:CVE-2015-6835"]}, {"type": "nessus", "idList": ["FEDORA_2015-14978.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "ALA_ALAS-2015-601.NASL", "WEB_APPLICATION_SCANNING_98806", "FREEBSD_PKG_C1DA8B756AEF11E59909002590263BF5.NASL", "GENTOO_GLSA-201606-10.NASL", "SLACKWARE_SSA_2016-034-04.NASL", "OPENSUSE-2016-100.NASL", "WEB_APPLICATION_SCANNING_98805", "SUSE_SU-2015-1633-1.NASL", "PHP_5_6_13.NASL", "DEBIAN_DSA-3358.NASL", "DEBIAN_DSA-3380.NASL", "EULEROS_SA-2019-1543.NASL", "8956.PRM", "UBUNTU_USN-2786-1.NASL", "FEDORA_2015-14977.NASL", "SUSE_SU-2016-1145-1.NASL", "ALA_ALAS-2016-670.NASL", "PHP_5_5_29.NASL", "UBUNTU_USN-2758-1.NASL", "PHP_5_6_14.NASL", "OPENSUSE-2015-609.NASL", "F5_BIGIP_SOL17377.NASL", "PHP_5_4_45.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "DEBIAN_DLA-341.NASL", "FEDORA_2015-14976.NASL", "OPENSUSE-2016-157.NASL", "ALA_ALAS-2015-602.NASL", "PHP_5_5_30.NASL", "SUSE_SU-2016-0284-1.NASL", "8861.PRM"]}, {"type": "amazon", "idList": ["ALAS-2015-601", "ALAS-2015-602", "ALAS-2017-788", "ALAS-2016-670"]}, {"type": "freebsd", "idList": ["C1DA8B75-6AEF-11E5-9909-002590263BF5", "3D675519-5654-11E5-9AD8-14DAE9D210B8"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14694", "SECURITYVULNS:DOC:32651", "SECURITYVULNS:DOC:32511", "SECURITYVULNS:VULN:14753"]}, {"type": "ubuntu", "idList": ["USN-2758-1", "USN-2786-1"]}, {"type": "debian", "idList": ["DEBIAN:DLA-341-1:DA682", "DEBIAN:DSA-3380-1:F94D6", "DEBIAN:DSA-3358-1:5263D"]}, {"type": "slackware", "idList": ["SSA-2015-274-02", "SSA-2016-034-04"]}, {"type": "redhat", "idList": ["RHSA-2016:0457"]}, {"type": "fedora", "idList": ["FEDORA:F0C5861361B0", "FEDORA:90BE461976AB", "FEDORA:02C1260F4011"]}, {"type": "hackerone", "idList": ["H1:103996", "H1:103990", "H1:104008", "H1:103997", "H1:103998", "H1:103995"]}, {"type": "exploitdb", "idList": ["EDB-ID:38122", "EDB-ID:38123", "EDB-ID:38120"]}, {"type": "suse", "idList": ["SUSE-SU-2015:1633-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2016:1145-1"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-9936"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:138812", "PACKETSTORM:134949"]}, {"type": "gentoo", "idList": ["GLSA-201606-10"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:6B7BF45056E8E056621094C0740275CB"]}], "modified": "2020-03-17T22:59:50", "rev": 2}, "score": {"value": 7.7, "vector": "NONE", "modified": "2020-03-17T22:59:50", "rev": 2}}, "objectVersion": "1.5", "pluginID": "1361412562310120520", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120520\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-10-22 08:25:44 +0300 (Thu, 22 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2015-601)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in PHP. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update php56 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-601.html\");\n script_cve_id(\"CVE-2015-7803\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-7804\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"php56-xmlrpc\", rpm:\"php56-xmlrpc~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-xml\", rpm:\"php56-xml~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-odbc\", rpm:\"php56-odbc~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-imap\", rpm:\"php56-imap~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-pdo\", rpm:\"php56-pdo~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-debuginfo\", rpm:\"php56-debuginfo~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-gmp\", rpm:\"php56-gmp~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-mcrypt\", rpm:\"php56-mcrypt~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-dba\", rpm:\"php56-dba~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-tidy\", rpm:\"php56-tidy~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-enchant\", rpm:\"php56-enchant~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-opcache\", rpm:\"php56-opcache~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-common\", rpm:\"php56-common~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-devel\", rpm:\"php56-devel~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-fpm\", rpm:\"php56-fpm~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-mssql\", rpm:\"php56-mssql~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-pspell\", rpm:\"php56-pspell~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-snmp\", rpm:\"php56-snmp~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-process\", rpm:\"php56-process~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-cli\", rpm:\"php56-cli~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-mysqlnd\", rpm:\"php56-mysqlnd~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-ldap\", rpm:\"php56-ldap~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-gd\", rpm:\"php56-gd~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-intl\", rpm:\"php56-intl~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-embedded\", rpm:\"php56-embedded~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-dbg\", rpm:\"php56-dbg~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56\", rpm:\"php56~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-bcmath\", rpm:\"php56-bcmath~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-soap\", rpm:\"php56-soap~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-pgsql\", rpm:\"php56-pgsql~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-recode\", rpm:\"php56-recode~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php56-mbstring\", rpm:\"php56-mbstring~5.6.14~1.119.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "naslFamily": "Amazon Linux Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:1361412562310120396", "hash": "81e99e28f19e664ca0529886400eefe5", "type": "openvas", "bulletinFamily": "scanner", "title": "Amazon Linux: Security Advisory (ALAS-2015-602)", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "published": "2015-10-22T00:00:00", "modified": "2020-03-13T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120396", "reporter": "Copyright (C) 2015 Eero Volotinen", "references": ["https://alas.aws.amazon.com/ALAS-2015-602.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-7803", "CVE-2015-6835", "CVE-2015-7804"], "lastseen": "2020-03-17T22:59:14", "history": [{"bulletin": {"id": "OPENVAS:1361412562310120396", "hash": "3cb972be5065c048133e094f9de2180ca75eb1374d9462dd4a3dc7bbda379d8c", "type": "openvas", "bulletinFamily": "scanner", "title": "Amazon Linux: Security Advisory (ALAS-2015-602)", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "published": "2015-10-22T00:00:00", "modified": "2020-03-14T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120396", "reporter": "Copyright (C) 2015 Eero Volotinen", "references": ["https://alas.aws.amazon.com/ALAS-2015-602.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-7803", "CVE-2015-6835", "CVE-2015-7804"], "lastseen": "2020-03-14T18:59:34", "history": [], "viewCount": 5, "enchantments": {"dependencies": {"modified": "2020-03-14T18:59:34", "references": [{"idList": ["ALAS-2017-788", "ALAS-2015-602", "ALAS-2015-601", "ALAS-2016-670"], "type": "amazon"}, {"idList": ["OPENVAS:1361412562310806649", "OPENVAS:1361412562310806648", "OPENVAS:703380", "OPENVAS:1361412562310808616", "OPENVAS:1361412562310120520", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310842508", "OPENVAS:1361412562310808617", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310703380"], "type": "openvas"}, {"idList": ["KLA10929"], "type": "kaspersky"}, {"idList": ["SUSE-SU-2016:1145-1", "SUSE-SU-2015:1633-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2016:1581-1"], "type": "suse"}, {"idList": ["DEBIAN:DSA-3380-1:F94D6", "DEBIAN:DSA-3358-1:5263D", "DEBIAN:DLA-341-1:DA682"], "type": "debian"}, {"idList": ["SECURITYVULNS:VULN:14694", "SECURITYVULNS:DOC:32566", "SECURITYVULNS:DOC:32511", "SECURITYVULNS:DOC:32651", "SECURITYVULNS:VULN:14753"], "type": "securityvulns"}, {"idList": ["RHSA-2016:0457"], "type": "redhat"}, {"idList": ["H1:103996", "H1:103998", "H1:103997", "H1:103990", "H1:103995", "H1:104008"], "type": "hackerone"}, {"idList": ["SSA-2015-274-02", "SSA-2016-034-04"], "type": "slackware"}, {"idList": ["EDB-ID:38120", "EDB-ID:38123", "EDB-ID:38122"], "type": "exploitdb"}, {"idList": ["GLSA-201606-10"], "type": "gentoo"}, {"idList": ["USN-2786-1", "USN-2758-1"], "type": "ubuntu"}, {"idList": ["ALA_ALAS-2015-602.NASL", "FREEBSD_PKG_C1DA8B756AEF11E59909002590263BF5.NASL", "UBUNTU_USN-2786-1.NASL", "PHP_5_6_14.NASL", "PHP_5_5_30.NASL", "DEBIAN_DLA-341.NASL", "SLACKWARE_SSA_2016-034-04.NASL", "OPENSUSE-2016-100.NASL", "ALA_ALAS-2015-601.NASL", "DEBIAN_DSA-3380.NASL"], "type": "nessus"}, {"idList": ["PACKETSTORM:134949", "PACKETSTORM:138812"], "type": "packetstorm"}, {"idList": ["C1DA8B75-6AEF-11E5-9909-002590263BF5", "3D675519-5654-11E5-9AD8-14DAE9D210B8"], "type": "freebsd"}, {"idList": ["CVE-2015-6834", "CVE-2015-7803", "CVE-2015-6835", "CVE-2015-7804"], "type": "cve"}, {"idList": ["SOL17377", "F5:K17503", "F5:K17377", "SOL17503"], "type": "f5"}]}, "score": {"modified": "2020-03-14T18:59:34", "value": 8.0, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310120396", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120396\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-10-22 08:25:44 +0300 (Thu, 22 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-14 11:59:40 +0000 (Sat, 14 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2015-602)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in PHP. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update php55 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-602.html\");\n script_cve_id(\"CVE-2015-7803\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-7804\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"php55-embedded\", rpm:\"php55-embedded~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-bcmath\", rpm:\"php55-bcmath~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-snmp\", rpm:\"php55-snmp~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-cli\", rpm:\"php55-cli~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-mbstring\", rpm:\"php55-mbstring~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-ldap\", rpm:\"php55-ldap~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-pgsql\", rpm:\"php55-pgsql~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-pdo\", rpm:\"php55-pdo~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-pspell\", rpm:\"php55-pspell~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-dba\", rpm:\"php55-dba~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-common\", rpm:\"php55-common~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-odbc\", rpm:\"php55-odbc~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-enchant\", rpm:\"php55-enchant~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-xml\", rpm:\"php55-xml~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-soap\", rpm:\"php55-soap~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-fpm\", rpm:\"php55-fpm~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-gmp\", rpm:\"php55-gmp~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-xmlrpc\", rpm:\"php55-xmlrpc~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-opcache\", rpm:\"php55-opcache~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-process\", rpm:\"php55-process~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-debuginfo\", rpm:\"php55-debuginfo~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-mcrypt\", rpm:\"php55-mcrypt~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55\", rpm:\"php55~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-devel\", rpm:\"php55-devel~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-imap\", rpm:\"php55-imap~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-mssql\", rpm:\"php55-mssql~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-mysqlnd\", rpm:\"php55-mysqlnd~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-recode\", rpm:\"php55-recode~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-tidy\", rpm:\"php55-tidy~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-intl\", rpm:\"php55-intl~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-gd\", rpm:\"php55-gd~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "naslFamily": "Amazon Linux Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 8, "lastseen": "2020-03-14T18:59:34"}, {"bulletin": {"id": "OPENVAS:1361412562310120396", "hash": "6b3a77ce24f7a40386ebaa67d5c8a1b8650edecc3d3ef8162e741c2fb7bb4d5c", "type": "openvas", "bulletinFamily": "scanner", "title": "Amazon Linux Local Check: alas-2015-602", "description": "Amazon Linux Local Security Checks", "published": "2015-10-22T00:00:00", "modified": "2017-07-06T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120396", "reporter": "Eero Volotinen", "references": ["https://alas.aws.amazon.com/ALAS-2015-602.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-7803", "CVE-2015-6835", "CVE-2015-7804"], "lastseen": "2018-09-01T23:50:54", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310120396", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Amazon Linux security check \n# $Id: alas-2015-602.nasl 6575 2017-07-06 13:42:08Z cfischer $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@iki.fi> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://ping-viini.org \n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.120396\");\nscript_version(\"$Revision: 6575 $\");\nscript_tag(name:\"creation_date\", value:\"2015-10-22 08:25:44 +0300 (Thu, 22 Oct 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:42:08 +0200 (Thu, 06 Jul 2017) $\");\nscript_name(\"Amazon Linux Local Check: alas-2015-602\");\nscript_tag(name: \"insight\", value: \"As reported upstream, A NULL pointer dereference flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash. (CVE-2015-7803 )Use after free vulnerability was found in unserialize() function. We can create ZVAL and free it via Serializable::unserialize. However the unserialize() will still allow to use R: or r: to set references to that already freed memory. It is possible to use-after-free attack and execute arbitrary code remotely. (CVE-2015-6834 )A use-after-free vulnerability was found in session deserializer. When session deserializer (php/php_binary) is deserializing multiple data, it will call php_var_unserialize() multiple times. We can create ZVAL and free it via the php_var_unserialize() with a crafted serialized string. Then the next call php_var_unserialize() will still allow to use R: or r: to set references to that already freed memory. It is possible to use-after-free attack and execute arbitrary code remotely. (CVE-2015-6835 )As reported upstream, an uninitialized pointer use flaw was found in the phar_make_dirstream() function of PHP's Phar extension. A specially crafted phar file in the ZIP format with a directory entry with a file name /ZIP could cause a PHP application function to crash. (CVE-2015-7804 )\"); \nscript_tag(name : \"solution\", value : \"Run yum update php55 to update your system.\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://alas.aws.amazon.com/ALAS-2015-602.html\");\nscript_cve_id(\"CVE-2015-7803\",\"CVE-2015-6834\",\"CVE-2015-6835\",\"CVE-2015-7804\");\nscript_tag(name:\"cvss_base\", value:\"7.5\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Amazon Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"php55-embedded\", rpm:\"php55-embedded~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-bcmath\", rpm:\"php55-bcmath~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-snmp\", rpm:\"php55-snmp~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-cli\", rpm:\"php55-cli~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-mbstring\", rpm:\"php55-mbstring~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-ldap\", rpm:\"php55-ldap~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-pgsql\", rpm:\"php55-pgsql~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-pdo\", rpm:\"php55-pdo~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-pspell\", rpm:\"php55-pspell~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-dba\", rpm:\"php55-dba~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-common\", rpm:\"php55-common~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-odbc\", rpm:\"php55-odbc~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-enchant\", rpm:\"php55-enchant~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-xml\", rpm:\"php55-xml~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-soap\", rpm:\"php55-soap~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-fpm\", rpm:\"php55-fpm~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-gmp\", rpm:\"php55-gmp~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-xmlrpc\", rpm:\"php55-xmlrpc~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-opcache\", rpm:\"php55-opcache~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-process\", rpm:\"php55-process~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-debuginfo\", rpm:\"php55-debuginfo~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-mcrypt\", rpm:\"php55-mcrypt~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55\", rpm:\"php55~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-devel\", rpm:\"php55-devel~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-imap\", rpm:\"php55-imap~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-mssql\", rpm:\"php55-mssql~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-mysqlnd\", rpm:\"php55-mysqlnd~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-recode\", rpm:\"php55-recode~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-tidy\", rpm:\"php55-tidy~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-intl\", rpm:\"php55-intl~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-gd\", rpm:\"php55-gd~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n}\n", "naslFamily": "Amazon Linux Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 5, "lastseen": "2018-09-01T23:50:54"}, {"bulletin": {"id": "OPENVAS:1361412562310120396", "hash": "ebf75d3df28c5eb5c81dee57afa6fabd4a1277f88649edd68a3c0c3f13e7a860", "type": "openvas", "bulletinFamily": "scanner", "title": "Amazon Linux Local Check: alas-2015-602", "description": "Amazon Linux Local Security Checks", "published": "2015-10-22T00:00:00", "modified": "2017-06-20T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120396", "reporter": "Eero Volotinen", "references": ["https://alas.aws.amazon.com/ALAS-2015-602.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-7803", "CVE-2015-6835", "CVE-2015-7804"], "lastseen": "2017-07-05T10:51:18", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "1361412562310120396", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Amazon Linux security check \n# $Id: alas-2015-602.nasl 6376 2017-06-20 10:00:24Z teissa $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@iki.fi> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://ping-viini.org \n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.120396\");\nscript_version(\"$Revision: 6376 $\");\nscript_tag(name:\"creation_date\", value:\"2015-10-22 08:25:44 +0300 (Thu, 22 Oct 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-06-20 12:00:24 +0200 (Tue, 20 Jun 2017) $\");\nscript_name(\"Amazon Linux Local Check: alas-2015-602\");\nscript_tag(name: \"insight\", value: \"As reported upstream, A NULL pointer dereference flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash. (CVE-2015-7803 )Use after free vulnerability was found in unserialize() function. We can create ZVAL and free it via Serializable::unserialize. However the unserialize() will still allow to use R: or r: to set references to that already freed memory. It is possible to use-after-free attack and execute arbitrary code remotely. (CVE-2015-6834 )A use-after-free vulnerability was found in session deserializer. When session deserializer (php/php_binary) is deserializing multiple data, it will call php_var_unserialize() multiple times. We can create ZVAL and free it via the php_var_unserialize() with a crafted serialized string. Then the next call php_var_unserialize() will still allow to use R: or r: to set references to that already freed memory. It is possible to use-after-free attack and execute arbitrary code remotely. (CVE-2015-6835 )As reported upstream, an uninitialized pointer use flaw was found in the phar_make_dirstream() function of PHP's Phar extension. A specially crafted phar file in the ZIP format with a directory entry with a file name /ZIP could cause a PHP application function to crash. (CVE-2015-7804 )\"); \nscript_tag(name : \"solution\", value : \"Run yum update php55 to update your system.\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://alas.aws.amazon.com/ALAS-2015-602.html\");\nscript_cve_id(\"CVE-2015-7803\",\"CVE-2015-6834\",\"CVE-2015-6835\",\"CVE-2015-7804\");\nscript_tag(name:\"cvss_base\", value:\"7.5\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"HostDetails/OS/cpe:/o:amazon:linux\", \"login/SSH/success\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Amazon Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"php55-embedded\", rpm:\"php55-embedded~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-bcmath\", rpm:\"php55-bcmath~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-snmp\", rpm:\"php55-snmp~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-cli\", rpm:\"php55-cli~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-mbstring\", rpm:\"php55-mbstring~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-ldap\", rpm:\"php55-ldap~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-pgsql\", rpm:\"php55-pgsql~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-pdo\", rpm:\"php55-pdo~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-pspell\", rpm:\"php55-pspell~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-dba\", rpm:\"php55-dba~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-common\", rpm:\"php55-common~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-odbc\", rpm:\"php55-odbc~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-enchant\", rpm:\"php55-enchant~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-xml\", rpm:\"php55-xml~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-soap\", rpm:\"php55-soap~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-fpm\", rpm:\"php55-fpm~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-gmp\", rpm:\"php55-gmp~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-xmlrpc\", rpm:\"php55-xmlrpc~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-opcache\", rpm:\"php55-opcache~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-process\", rpm:\"php55-process~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-debuginfo\", rpm:\"php55-debuginfo~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-mcrypt\", rpm:\"php55-mcrypt~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55\", rpm:\"php55~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-devel\", rpm:\"php55-devel~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-imap\", rpm:\"php55-imap~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-mssql\", rpm:\"php55-mssql~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-mysqlnd\", rpm:\"php55-mysqlnd~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-recode\", rpm:\"php55-recode~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-tidy\", rpm:\"php55-tidy~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-intl\", rpm:\"php55-intl~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-gd\", rpm:\"php55-gd~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n}\n", "naslFamily": "Amazon Linux Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-07-05T10:51:18"}, {"bulletin": {"id": "OPENVAS:1361412562310120396", "hash": "6b3a77ce24f7a40386ebaa67d5c8a1b8650edecc3d3ef8162e741c2fb7bb4d5c", "type": "openvas", "bulletinFamily": "scanner", "title": "Amazon Linux Local Check: alas-2015-602", "description": "Amazon Linux Local Security Checks", "published": "2015-10-22T00:00:00", "modified": "2017-07-06T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120396", "reporter": "Eero Volotinen", "references": ["https://alas.aws.amazon.com/ALAS-2015-602.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-7803", "CVE-2015-6835", "CVE-2015-7804"], "lastseen": "2017-07-24T12:52:31", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310120396", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Amazon Linux security check \n# $Id: alas-2015-602.nasl 6575 2017-07-06 13:42:08Z cfischer $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@iki.fi> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://ping-viini.org \n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.120396\");\nscript_version(\"$Revision: 6575 $\");\nscript_tag(name:\"creation_date\", value:\"2015-10-22 08:25:44 +0300 (Thu, 22 Oct 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:42:08 +0200 (Thu, 06 Jul 2017) $\");\nscript_name(\"Amazon Linux Local Check: alas-2015-602\");\nscript_tag(name: \"insight\", value: \"As reported upstream, A NULL pointer dereference flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash. (CVE-2015-7803 )Use after free vulnerability was found in unserialize() function. We can create ZVAL and free it via Serializable::unserialize. However the unserialize() will still allow to use R: or r: to set references to that already freed memory. It is possible to use-after-free attack and execute arbitrary code remotely. (CVE-2015-6834 )A use-after-free vulnerability was found in session deserializer. When session deserializer (php/php_binary) is deserializing multiple data, it will call php_var_unserialize() multiple times. We can create ZVAL and free it via the php_var_unserialize() with a crafted serialized string. Then the next call php_var_unserialize() will still allow to use R: or r: to set references to that already freed memory. It is possible to use-after-free attack and execute arbitrary code remotely. (CVE-2015-6835 )As reported upstream, an uninitialized pointer use flaw was found in the phar_make_dirstream() function of PHP's Phar extension. A specially crafted phar file in the ZIP format with a directory entry with a file name /ZIP could cause a PHP application function to crash. (CVE-2015-7804 )\"); \nscript_tag(name : \"solution\", value : \"Run yum update php55 to update your system.\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://alas.aws.amazon.com/ALAS-2015-602.html\");\nscript_cve_id(\"CVE-2015-7803\",\"CVE-2015-6834\",\"CVE-2015-6835\",\"CVE-2015-7804\");\nscript_tag(name:\"cvss_base\", value:\"7.5\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Amazon Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"php55-embedded\", rpm:\"php55-embedded~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-bcmath\", rpm:\"php55-bcmath~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-snmp\", rpm:\"php55-snmp~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-cli\", rpm:\"php55-cli~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-mbstring\", rpm:\"php55-mbstring~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-ldap\", rpm:\"php55-ldap~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-pgsql\", rpm:\"php55-pgsql~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-pdo\", rpm:\"php55-pdo~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-pspell\", rpm:\"php55-pspell~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-dba\", rpm:\"php55-dba~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-common\", rpm:\"php55-common~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-odbc\", rpm:\"php55-odbc~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-enchant\", rpm:\"php55-enchant~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-xml\", rpm:\"php55-xml~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-soap\", rpm:\"php55-soap~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-fpm\", rpm:\"php55-fpm~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-gmp\", rpm:\"php55-gmp~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-xmlrpc\", rpm:\"php55-xmlrpc~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-opcache\", rpm:\"php55-opcache~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-process\", rpm:\"php55-process~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-debuginfo\", rpm:\"php55-debuginfo~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-mcrypt\", rpm:\"php55-mcrypt~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55\", rpm:\"php55~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-devel\", rpm:\"php55-devel~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-imap\", rpm:\"php55-imap~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-mssql\", rpm:\"php55-mssql~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-mysqlnd\", rpm:\"php55-mysqlnd~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-recode\", rpm:\"php55-recode~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-tidy\", rpm:\"php55-tidy~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-intl\", rpm:\"php55-intl~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-gd\", rpm:\"php55-gd~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n}\n", "naslFamily": "Amazon Linux Local Security Checks"}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2017-07-24T12:52:31"}, {"bulletin": {"id": "OPENVAS:1361412562310120396", "hash": "df2d4e523072e2ad425863724009d9bc89b0ae828bd50648410a41cccb9e4a04", "type": "openvas", "bulletinFamily": "scanner", "title": "Amazon Linux Local Check: alas-2015-602", "description": "Amazon Linux Local Security Checks", "published": "2015-10-22T00:00:00", "modified": "2018-10-01T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120396", "reporter": "Eero Volotinen", "references": ["https://alas.aws.amazon.com/ALAS-2015-602.html"], "cvelist": ["CVE-2015-6834", "CVE-2015-7803", "CVE-2015-6835", "CVE-2015-7804"], "lastseen": "2018-10-02T14:31:01", "history": [], "viewCount": 2, "enchantments": {"dependencies": {"modified": "2018-10-02T14:31:01", "references": [{"idList": ["SECURITYVULNS:VULN:14694", "SECURITYVULNS:VULN:14702", "SECURITYVULNS:DOC:32566", "SECURITYVULNS:DOC:32511", "SECURITYVULNS:DOC:32651", "SECURITYVULNS:VULN:14753"], "type": "securityvulns"}, {"idList": ["ALAS-2017-788", "ALAS-2015-602", "ALAS-2015-601", "ALAS-2016-670"], "type": "amazon"}, {"idList": ["SUSE-SU-2016:1145-1", "SUSE-SU-2015:1633-1", "SUSE-SU-2016:1638-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2016:1581-1"], "type": "suse"}, {"idList": ["KLA10929"], "type": "kaspersky"}, {"idList": ["DEBIAN:DSA-3380-1:F94D6", "DEBIAN:DSA-3358-1:5263D", "DEBIAN:DLA-341-1:DA682"], "type": "debian"}, {"idList": ["RHSA-2016:0457"], "type": "redhat"}, {"idList": ["H1:103996", "H1:103998", "H1:103997", "H1:103990", "H1:103995", "H1:104008"], "type": "hackerone"}, {"idList": ["SSA-2015-274-02", "SSA-2016-034-04"], "type": "slackware"}, {"idList": ["EDB-ID:38120", "EDB-ID:38123", "EDB-ID:38122"], "type": "exploitdb"}, {"idList": ["GLSA-201606-10"], "type": "gentoo"}, {"idList": ["USN-2786-1", "USN-2758-1"], "type": "ubuntu"}, {"idList": ["ALA_ALAS-2015-602.NASL", "FREEBSD_PKG_C1DA8B756AEF11E59909002590263BF5.NASL", "UBUNTU_USN-2786-1.NASL", "PHP_5_5_30.NASL", "SLACKWARE_SSA_2016-034-04.NASL", "OPENSUSE-2016-100.NASL", "PHP_5_6_13.NASL", "ALA_ALAS-2015-601.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "DEBIAN_DSA-3380.NASL"], "type": "nessus"}, {"idList": ["PACKETSTORM:134949", "PACKETSTORM:138812"], "type": "packetstorm"}, {"idList": ["C1DA8B75-6AEF-11E5-9909-002590263BF5", "3D675519-5654-11E5-9AD8-14DAE9D210B8"], "type": "freebsd"}, {"idList": ["OPENVAS:1361412562310806649", "OPENVAS:1361412562310703358", "OPENVAS:1361412562310806648", "OPENVAS:703380", "OPENVAS:1361412562310120520", "OPENVAS:1361412562310842508", "OPENVAS:1361412562310120660", "OPENVAS:703358", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310703380"], "type": "openvas"}, {"idList": ["CVE-2015-6834", "CVE-2015-7803", "CVE-2015-6835", "CVE-2015-7804"], "type": "cve"}, {"idList": ["SOL17377", "F5:K17503", "F5:K17377", "SOL17503"], "type": "f5"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310120396", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: alas-2015-602.nasl 6575 2017-07-06 13:42:08Z cfischer$\n#\n# Amazon Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@iki.fi>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://ping-viini.org\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120396\");\n script_version(\"$Revision: 11711 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-22 08:25:44 +0300 (Thu, 22 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-01 14:30:57 +0200 (Mon, 01 Oct 2018) $\");\n script_name(\"Amazon Linux Local Check: alas-2015-602\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in PHP. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update php55 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-602.html\");\n script_cve_id(\"CVE-2015-7803\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-7804\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"php55-embedded\", rpm:\"php55-embedded~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-bcmath\", rpm:\"php55-bcmath~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-snmp\", rpm:\"php55-snmp~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-cli\", rpm:\"php55-cli~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-mbstring\", rpm:\"php55-mbstring~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-ldap\", rpm:\"php55-ldap~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-pgsql\", rpm:\"php55-pgsql~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-pdo\", rpm:\"php55-pdo~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-pspell\", rpm:\"php55-pspell~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-dba\", rpm:\"php55-dba~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-common\", rpm:\"php55-common~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-odbc\", rpm:\"php55-odbc~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-enchant\", rpm:\"php55-enchant~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-xml\", rpm:\"php55-xml~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-soap\", rpm:\"php55-soap~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-fpm\", rpm:\"php55-fpm~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-gmp\", rpm:\"php55-gmp~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-xmlrpc\", rpm:\"php55-xmlrpc~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-opcache\", rpm:\"php55-opcache~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-process\", rpm:\"php55-process~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-debuginfo\", rpm:\"php55-debuginfo~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-mcrypt\", rpm:\"php55-mcrypt~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55\", rpm:\"php55~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-devel\", rpm:\"php55-devel~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-imap\", rpm:\"php55-imap~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-mssql\", rpm:\"php55-mssql~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-mysqlnd\", rpm:\"php55-mysqlnd~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-recode\", rpm:\"php55-recode~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-tidy\", rpm:\"php55-tidy~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-intl\", rpm:\"php55-intl~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"php55-gd\", rpm:\"php55-gd~5.5.30~1.110.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Amazon Linux Local Security Checks"}, "differentElements": ["cvss"], "edition": 6, "lastseen": "2018-10-02T14:31:01"}], "viewCount": 8, "enchantments": {"dependencies": {"references": [{"type": "f5", "idList": ["SOL17503", "F5:K17377", "F5:K17503", "SOL17377"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310703358", "OPENVAS:1361412562310806649", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310808617", "OPENVAS:703380", "OPENVAS:1361412562311220191543", "OPENVAS:1361412562310808616", "OPENVAS:1361412562310869939", "OPENVAS:703358", "OPENVAS:1361412562310842472", "OPENVAS:1361412562310842508", "OPENVAS:1361412562310850689", "OPENVAS:1361412562310120660", "OPENVAS:1361412562310806648", "OPENVAS:1361412562310120520", "OPENVAS:1361412562310703380"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-6834", "UB:CVE-2015-7804", "UB:CVE-2015-7803", "UB:CVE-2015-6835"]}, {"type": "cve", "idList": ["CVE-2015-6835", "CVE-2015-6834", "CVE-2015-7803", "CVE-2015-7804"]}, {"type": "nessus", "idList": ["FEDORA_2015-14978.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "ALA_ALAS-2015-601.NASL", "WEB_APPLICATION_SCANNING_98806", "FREEBSD_PKG_C1DA8B756AEF11E59909002590263BF5.NASL", "GENTOO_GLSA-201606-10.NASL", "SLACKWARE_SSA_2016-034-04.NASL", "OPENSUSE-2016-100.NASL", "WEB_APPLICATION_SCANNING_98805", "SUSE_SU-2015-1633-1.NASL", "PHP_5_6_13.NASL", "DEBIAN_DSA-3358.NASL", "DEBIAN_DSA-3380.NASL", "EULEROS_SA-2019-1543.NASL", "8956.PRM", "UBUNTU_USN-2786-1.NASL", "FEDORA_2015-14977.NASL", "SUSE_SU-2016-1145-1.NASL", "ALA_ALAS-2016-670.NASL", "PHP_5_5_29.NASL", "UBUNTU_USN-2758-1.NASL", "PHP_5_6_14.NASL", "OPENSUSE-2015-609.NASL", "F5_BIGIP_SOL17377.NASL", "PHP_5_4_45.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "DEBIAN_DLA-341.NASL", "FEDORA_2015-14976.NASL", "OPENSUSE-2016-157.NASL", "ALA_ALAS-2015-602.NASL", "PHP_5_5_30.NASL", "SUSE_SU-2016-0284-1.NASL", "8861.PRM"]}, {"type": "amazon", "idList": ["ALAS-2015-601", "ALAS-2015-602", "ALAS-2017-788", "ALAS-2016-670"]}, {"type": "freebsd", "idList": ["C1DA8B75-6AEF-11E5-9909-002590263BF5", "3D675519-5654-11E5-9AD8-14DAE9D210B8"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14694", "SECURITYVULNS:DOC:32651", "SECURITYVULNS:DOC:32511", "SECURITYVULNS:VULN:14753"]}, {"type": "debian", "idList": ["DEBIAN:DLA-341-1:DA682", "DEBIAN:DSA-3380-1:F94D6", "DEBIAN:DSA-3358-1:5263D"]}, {"type": "ubuntu", "idList": ["USN-2758-1", "USN-2786-1"]}, {"type": "slackware", "idList": ["SSA-2015-274-02", "SSA-2016-034-04"]}, {"type": "redhat", "idList": ["RHSA-2016:0457"]}, {"type": "fedora", "idList": ["FEDORA:F0C5861361B0", "FEDORA:90BE461976AB", "FEDORA:02C1260F4011"]}, {"type": "hackerone", "idList": ["H1:103996", "H1:103990", "H1:104008", "H1:103997", "H1:103998", "H1:103995"]}, {"type": "exploitdb", "idList": ["EDB-ID:38122", "EDB-ID:38123", "EDB-ID:38120"]}, {"type": "suse", "idList": ["SUSE-SU-2015:1633-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2016:1145-1"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-9936"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:138812", "PACKETSTORM:134949"]}, {"type": "gentoo", "idList": ["GLSA-201606-10"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:6B7BF45056E8E056621094C0740275CB"]}], "modified": "2020-03-17T22:59:14", "rev": 2}, "score": {"value": 7.8, "vector": "NONE", "modified": "2020-03-17T22:59:14", "rev": 2}}, "objectVersion": "1.5", "pluginID": "1361412562310120396", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120396\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-10-22 08:25:44 +0300 (Thu, 22 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2015-602)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in PHP. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update php55 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-602.html\");\n script_cve_id(\"CVE-2015-7803\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-7804\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"php55-embedded\", rpm:\"php55-embedded~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-bcmath\", rpm:\"php55-bcmath~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-snmp\", rpm:\"php55-snmp~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-cli\", rpm:\"php55-cli~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-mbstring\", rpm:\"php55-mbstring~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-ldap\", rpm:\"php55-ldap~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-pgsql\", rpm:\"php55-pgsql~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-pdo\", rpm:\"php55-pdo~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-pspell\", rpm:\"php55-pspell~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-dba\", rpm:\"php55-dba~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-common\", rpm:\"php55-common~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-odbc\", rpm:\"php55-odbc~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-enchant\", rpm:\"php55-enchant~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-xml\", rpm:\"php55-xml~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-soap\", rpm:\"php55-soap~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-fpm\", rpm:\"php55-fpm~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-gmp\", rpm:\"php55-gmp~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-xmlrpc\", rpm:\"php55-xmlrpc~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-opcache\", rpm:\"php55-opcache~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-process\", rpm:\"php55-process~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-debuginfo\", rpm:\"php55-debuginfo~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-mcrypt\", rpm:\"php55-mcrypt~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55\", rpm:\"php55~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-devel\", rpm:\"php55-devel~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-imap\", rpm:\"php55-imap~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-mssql\", rpm:\"php55-mssql~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-mysqlnd\", rpm:\"php55-mysqlnd~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-recode\", rpm:\"php55-recode~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-tidy\", rpm:\"php55-tidy~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-intl\", rpm:\"php55-intl~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-gd\", rpm:\"php55-gd~5.5.30~1.110.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "naslFamily": "Amazon Linux Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:1361412562310807091", "hash": "ae6f5ed7fb1f2f24454165d25d439079", "type": "openvas", "bulletinFamily": "scanner", "title": "PHP 'serialize_function_call' Function Type Confusion Vulnerability - Mar16 (Windows)", "description": "This host is installed with PHP and is prone\n to remote code execution vulnerability.", "published": "2016-03-01T00:00:00", "modified": "2018-11-15T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807091", "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "references": ["https://bugs.php.net/bug.php?id=70388", "http://www.php.net/ChangeLog-5.php"], "cvelist": ["CVE-2015-6836"], "lastseen": "2019-05-29T18:35:34", "history": [{"bulletin": {"id": "OPENVAS:1361412562310807091", "hash": "46dcee2b3d6233e26ab8dda38f49b5dae69ed5621aefd74840bcc8f3efe60d21", "type": "openvas", "bulletinFamily": "scanner", "title": "PHP 'serialize_function_call' Function Type Confusion Vulnerability - Mar16 (Windows)", "description": "This host is installed with PHP and is prone\n to remote code execution vulnerability.", "published": "2016-03-01T00:00:00", "modified": "2018-07-09T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807091", "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "references": ["https://bugs.php.net/bug.php?id=70388", "http://www.php.net/ChangeLog-5.php"], "cvelist": ["CVE-2015-6836"], "lastseen": "2018-08-30T19:21:20", "history": [], "viewCount": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310807091", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_type_confusion_rce_vuln_mar16_win.nasl 2016-03-01 16:56:54Z March$\n#\n# PHP 'serialize_function_call' Function Type Confusion Vulnerability - Mar16 (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807091\");\n script_version(\"$Revision: 10457 $\");\n script_cve_id(\"CVE-2015-6836\");\n script_bugtraq_id(76644);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-07-09 08:23:47 +0200 (Mon, 09 Jul 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-01 16:56:54 +0530 (Tue, 01 Mar 2016)\");\n script_name(\"PHP 'serialize_function_call' Function Type Confusion Vulnerability - Mar16 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with PHP and is prone\n to remote code execution vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to 'SoapClient __call'\n method in 'ext/soap/soap.c' scripr does not properly manage headers.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue allow\n remote attackers to execute arbitrary code in the context of the user\n running the affected application. Failed exploit attempts will likely cause\n a denial-of-service condition.\n\n Impact Level: Application\");\n\n script_tag(name:\"affected\", value:\"PHP versions before 5.4.45, 5.5.x before\n 5.5.29, and 5.6.x before 5.6.13 on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP version 5.4.45, or 5.5.29, or\n 5.6.13 or later.\n For updates refer to http://www.php.net\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net/ChangeLog-5.php\");\n script_xref(name:\"URL\", value:\"https://bugs.php.net/bug.php?id=70388\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"php/installed\", \"Host/runs_windows\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\nif(version_is_less(version:phpVer, test_version:\"5.4.45\"))\n{\n fix = '5.4.45';\n VULN = TRUE;\n}\n\nelse if(phpVer =~ \"^5\\.6\")\n{\n if(version_is_less(version:phpVer, test_version:\"5.6.13\"))\n {\n fix = '5.6.13';\n VULN = TRUE;\n }\n}\n\nelse if(phpVer =~ \"^5\\.5\")\n{\n if(version_is_less(version:phpVer, test_version:\"5.5.29\"))\n {\n fix = '5.5.29';\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:phpVer, fixed_version:fix);\n security_message(data:report, port:phpPort);\n exit(0);\n}\n\nexit(99);", "naslFamily": "Web application abuses"}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-08-30T19:21:20"}, {"bulletin": {"id": "OPENVAS:1361412562310807091", "hash": "bf0f066c8fffd8b9c45bc76d7d565c83daa26debf922f25d7f7228dfb911f0b9", "type": "openvas", "bulletinFamily": "scanner", "title": "PHP 'serialize_function_call' Function Type Confusion Vulnerability - Mar16 (Windows)", "description": "This host is installed with PHP and is prone\n to remote code execution vulnerability.", "published": "2016-03-01T00:00:00", "modified": "2018-11-15T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807091", "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "references": ["https://bugs.php.net/bug.php?id=70388", "http://www.php.net/ChangeLog-5.php"], "cvelist": ["CVE-2015-6836"], "lastseen": "2018-11-16T12:55:18", "history": [], "viewCount": 2, "enchantments": {"dependencies": {"modified": "2018-11-16T12:55:18", "references": [{"idList": ["SUSE-SU-2015:1818-1", "SUSE-SU-2015:1633-1", "SUSE-SU-2016:1638-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2015:1701-1"], "type": "suse"}, {"idList": ["DEBIAN:DSA-3358-1:5263D", "DEBIAN:DLA-341-1:DA682"], "type": "debian"}, {"idList": ["SECURITYVULNS:VULN:14694", "SECURITYVULNS:VULN:14702", "SECURITYVULNS:DOC:32566", "SECURITYVULNS:DOC:32511"], "type": "securityvulns"}, {"idList": ["CVE-2015-6836"], "type": "cve"}, {"idList": ["KLA10747", "KLA10746"], "type": "kaspersky"}, {"idList": ["SOL17377", "F5:K17377"], "type": "f5"}, {"idList": ["RHSA-2016:0457"], "type": "redhat"}, {"idList": ["H1:104010"], "type": "hackerone"}, {"idList": ["3D675519-5654-11E5-9AD8-14DAE9D210B8"], "type": "freebsd"}, {"idList": ["GLSA-201606-10"], "type": "gentoo"}, {"idList": ["FEDORA_2015-14978.NASL", "SUSE_SU-2015-1818-1.NASL", "FEDORA_2015-14976.NASL", "PHP_5_5_29.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "PHP_5_4_45.NASL", "FEDORA_2015-14977.NASL", "SUSE_SU-2015-1701-1.NASL", "DEBIAN_DSA-3358.NASL", "F5_BIGIP_SOL17377.NASL"], "type": "nessus"}, {"idList": ["SSA-2015-274-02"], "type": "slackware"}, {"idList": ["OPENVAS:1361412562310703358", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310813191", "OPENVAS:1361412562310120660", "OPENVAS:703358", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310807505", "OPENVAS:1361412562310850689", "OPENVAS:1361412562310842472"], "type": "openvas"}, {"idList": ["ALAS-2015-602", "ALAS-2015-601", "ALAS-2016-670"], "type": "amazon"}, {"idList": ["USN-2758-1"], "type": "ubuntu"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310807091", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_type_confusion_rce_vuln_mar16_win.nasl 2016-03-01 16:56:54Z March$\n#\n# PHP 'serialize_function_call' Function Type Confusion Vulnerability - Mar16 (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807091\");\n script_version(\"$Revision: 12363 $\");\n script_cve_id(\"CVE-2015-6836\");\n script_bugtraq_id(76644);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-15 10:51:15 +0100 (Thu, 15 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-01 16:56:54 +0530 (Tue, 01 Mar 2016)\");\n script_name(\"PHP 'serialize_function_call' Function Type Confusion Vulnerability - Mar16 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with PHP and is prone\n to remote code execution vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to 'SoapClient __call'\n method in 'ext/soap/soap.c' scripr does not properly manage headers.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue allow\n remote attackers to execute arbitrary code in the context of the user\n running the affected application. Failed exploit attempts will likely cause\n a denial-of-service condition.\");\n\n script_tag(name:\"affected\", value:\"PHP versions before 5.4.45, 5.5.x before\n 5.5.29, and 5.6.x before 5.6.13 on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP version 5.4.45, or 5.5.29, or\n 5.6.13 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net/ChangeLog-5.php\");\n script_xref(name:\"URL\", value:\"https://bugs.php.net/bug.php?id=70388\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"php/installed\", \"Host/runs_windows\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\nif(version_is_less(version:phpVer, test_version:\"5.4.45\"))\n{\n fix = '5.4.45';\n VULN = TRUE;\n}\n\nelse if(phpVer =~ \"^5\\.6\")\n{\n if(version_is_less(version:phpVer, test_version:\"5.6.13\"))\n {\n fix = '5.6.13';\n VULN = TRUE;\n }\n}\n\nelse if(phpVer =~ \"^5\\.5\")\n{\n if(version_is_less(version:phpVer, test_version:\"5.5.29\"))\n {\n fix = '5.5.29';\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:phpVer, fixed_version:fix);\n security_message(data:report, port:phpPort);\n exit(0);\n}\n\nexit(99);", "naslFamily": "Web application abuses"}, "differentElements": ["cvss"], "edition": 6, "lastseen": "2018-11-16T12:55:18"}, {"bulletin": {"id": "OPENVAS:1361412562310807091", "hash": "c703c4884ac4c92a46ec34355b7f13c6486742a20af569ebfa946e52db5f3044", "type": "openvas", "bulletinFamily": "scanner", "title": "PHP 'serialize_function_call' Function Type Confusion Vulnerability - Mar16 (Windows)", "description": "This host is installed with PHP and is prone\n to remote code execution vulnerability.", "published": "2016-03-01T00:00:00", "modified": "2018-07-09T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807091", "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "references": ["https://bugs.php.net/bug.php?id=70388", "http://www.php.net/ChangeLog-5.php"], "cvelist": ["CVE-2015-6836"], "lastseen": "2018-09-01T23:47:44", "history": [], "viewCount": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310807091", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_type_confusion_rce_vuln_mar16_win.nasl 2016-03-01 16:56:54Z March$\n#\n# PHP 'serialize_function_call' Function Type Confusion Vulnerability - Mar16 (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807091\");\n script_version(\"$Revision: 10457 $\");\n script_cve_id(\"CVE-2015-6836\");\n script_bugtraq_id(76644);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-07-09 08:23:47 +0200 (Mon, 09 Jul 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-01 16:56:54 +0530 (Tue, 01 Mar 2016)\");\n script_name(\"PHP 'serialize_function_call' Function Type Confusion Vulnerability - Mar16 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with PHP and is prone\n to remote code execution vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to 'SoapClient __call'\n method in 'ext/soap/soap.c' scripr does not properly manage headers.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue allow\n remote attackers to execute arbitrary code in the context of the user\n running the affected application. Failed exploit attempts will likely cause\n a denial-of-service condition.\n\n Impact Level: Application\");\n\n script_tag(name:\"affected\", value:\"PHP versions before 5.4.45, 5.5.x before\n 5.5.29, and 5.6.x before 5.6.13 on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP version 5.4.45, or 5.5.29, or\n 5.6.13 or later.\n For updates refer to http://www.php.net\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net/ChangeLog-5.php\");\n script_xref(name:\"URL\", value:\"https://bugs.php.net/bug.php?id=70388\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"php/installed\", \"Host/runs_windows\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\nif(version_is_less(version:phpVer, test_version:\"5.4.45\"))\n{\n fix = '5.4.45';\n VULN = TRUE;\n}\n\nelse if(phpVer =~ \"^5\\.6\")\n{\n if(version_is_less(version:phpVer, test_version:\"5.6.13\"))\n {\n fix = '5.6.13';\n VULN = TRUE;\n }\n}\n\nelse if(phpVer =~ \"^5\\.5\")\n{\n if(version_is_less(version:phpVer, test_version:\"5.5.29\"))\n {\n fix = '5.5.29';\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:phpVer, fixed_version:fix);\n security_message(data:report, port:phpPort);\n exit(0);\n}\n\nexit(99);", "naslFamily": "Web application abuses"}, "differentElements": ["modified", "sourceData"], "edition": 5, "lastseen": "2018-09-01T23:47:44"}, {"bulletin": {"id": "OPENVAS:1361412562310807091", "hash": "24c17a21fa3d90dfa9819057b3a52141a8c3a1c594167a2558752fea7a901513", "type": "openvas", "bulletinFamily": "scanner", "title": "PHP 'serialize_function_call' Function Type Confusion Vulnerability - Mar16 (Windows)", "description": "This host is installed with PHP and is prone\n to remote code execution vulnerability.", "published": "2016-03-01T00:00:00", "modified": "2017-01-24T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807091", "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "references": ["https://bugs.php.net/bug.php?id=70388", "http://www.php.net/ChangeLog-5.php"], "cvelist": ["CVE-2015-6836"], "lastseen": "2017-07-02T21:13:12", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "1361412562310807091", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_type_confusion_rce_vuln_mar16_win.nasl 2016-03-01 16:56:54Z March$\n#\n# PHP 'serialize_function_call' Function Type Confusion Vulnerability - Mar16 (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807091\");\n script_version(\"$Revision: 5083 $\");\n script_cve_id(\"CVE-2015-6836\");\n script_bugtraq_id(76644);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-01-24 12:21:46 +0100 (Tue, 24 Jan 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-01 16:56:54 +0530 (Tue, 01 Mar 2016)\");\n script_name(\"PHP 'serialize_function_call' Function Type Confusion Vulnerability - Mar16 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with PHP and is prone\n to remote code execution vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Get the installed version with the help\n of detect NVT and check the version is vulnerable or not.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to 'SoapClient __call' \n method in 'ext/soap/soap.c' scripr does not properly manage headers.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue allow\n remote attackers to execute arbitrary code in the context of the user \n running the affected application. Failed exploit attempts will likely cause \n a denial-of-service condition.\n\n Impact Level: Application\");\n\n script_tag(name:\"affected\", value:\"PHP versions before 5.4.45, 5.5.x before \n 5.5.29, and 5.6.x before 5.6.13 on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP version 5.4.45, or 5.5.29, or \n 5.6.13 or later.\n For updates refer to http://www.php.net\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net/ChangeLog-5.php\");\n script_xref(name:\"URL\", value:\"https://bugs.php.net/bug.php?id=70388\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"php/installed\",\"Host/runs_windows\");\n script_require_ports(\"Services/www\", 80);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\n## Variable Initialization\nphpPort = \"\";\nphpVer = \"\";\n\n## exit, if its not Windows\nif(host_runs(\"Windows\") != \"yes\") exit(0);\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\n## Check for version before 5.4.45\nif(version_is_less(version:phpVer, test_version:\"5.4.45\"))\n{\n fix = '5.4.45';\n VULN = TRUE;\n}\n\n## Check for version 5.6.x before 5.6.13\nelse if(phpVer =~ \"^(5\\.6)\")\n{\n if(version_is_less(version:phpVer, test_version:\"5.6.13\"))\n {\n fix = '5.6.13';\n VULN = TRUE;\n }\n}\n\n## Check for version 5.5.x before 5.5.29\nelse if(phpVer =~ \"^(5\\.5)\")\n{\n if(version_is_less(version:phpVer, test_version:\"5.5.29\"))\n {\n fix = '5.5.29';\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:phpVer, fixed_version:fix);\n security_message(data:report, port:phpPort);\n exit(0);\n}\n\nexit(99);", "naslFamily": "Web application abuses"}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2017-07-02T21:13:12"}, {"bulletin": {"id": "OPENVAS:1361412562310807091", "hash": "ef470eec7133cfe363e7a2e018ed2276dbf176868e08cc2620574bc09eae7915", "type": "openvas", "bulletinFamily": "scanner", "title": "PHP 'serialize_function_call' Function Type Confusion Vulnerability - Mar16 (Windows)", "description": "This host is installed with PHP and is prone\n to remote code execution vulnerability.", "published": "2016-03-01T00:00:00", "modified": "2017-10-24T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807091", "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "references": ["https://bugs.php.net/bug.php?id=70388", "http://www.php.net/ChangeLog-5.php"], "cvelist": ["CVE-2015-6836"], "lastseen": "2017-10-25T14:43:01", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310807091", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_type_confusion_rce_vuln_mar16_win.nasl 2016-03-01 16:56:54Z March$\n#\n# PHP 'serialize_function_call' Function Type Confusion Vulnerability - Mar16 (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807091\");\n script_version(\"$Revision: 7545 $\");\n script_cve_id(\"CVE-2015-6836\");\n script_bugtraq_id(76644);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-10-24 13:45:30 +0200 (Tue, 24 Oct 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-01 16:56:54 +0530 (Tue, 01 Mar 2016)\");\n script_name(\"PHP 'serialize_function_call' Function Type Confusion Vulnerability - Mar16 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with PHP and is prone\n to remote code execution vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Get the installed version with the help\n of detect NVT and check the version is vulnerable or not.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to 'SoapClient __call' \n method in 'ext/soap/soap.c' scripr does not properly manage headers.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue allow\n remote attackers to execute arbitrary code in the context of the user \n running the affected application. Failed exploit attempts will likely cause \n a denial-of-service condition.\n\n Impact Level: Application\");\n\n script_tag(name:\"affected\", value:\"PHP versions before 5.4.45, 5.5.x before \n 5.5.29, and 5.6.x before 5.6.13 on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP version 5.4.45, or 5.5.29, or \n 5.6.13 or later.\n For updates refer to http://www.php.net\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net/ChangeLog-5.php\");\n script_xref(name:\"URL\", value:\"https://bugs.php.net/bug.php?id=70388\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"php/installed\",\"Host/runs_windows\");\n script_require_ports(\"Services/www\", 80);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\n## Variable Initialization\nphpPort = \"\";\nphpVer = \"\";\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\n## Check for version before 5.4.45\nif(version_is_less(version:phpVer, test_version:\"5.4.45\"))\n{\n fix = '5.4.45';\n VULN = TRUE;\n}\n\n## Check for version 5.6.x before 5.6.13\nelse if(phpVer =~ \"^(5\\.6)\")\n{\n if(version_is_less(version:phpVer, test_version:\"5.6.13\"))\n {\n fix = '5.6.13';\n VULN = TRUE;\n }\n}\n\n## Check for version 5.5.x before 5.5.29\nelse if(phpVer =~ \"^(5\\.5)\")\n{\n if(version_is_less(version:phpVer, test_version:\"5.5.29\"))\n {\n fix = '5.5.29';\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:phpVer, fixed_version:fix);\n security_message(data:report, port:phpPort);\n exit(0);\n}\n\nexit(99);", "naslFamily": "Web application abuses"}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-10-25T14:43:01"}], "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2015-6836"]}, {"type": "cve", "idList": ["CVE-2015-6836"]}, {"type": "f5", "idList": ["F5:K17377", "SOL17377"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120660", "OPENVAS:1361412562310869941", "OPENVAS:703358", "OPENVAS:1361412562311220191543", "OPENVAS:1361412562310850689", "OPENVAS:1361412562310813191", "OPENVAS:1361412562310842472", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310807505", "OPENVAS:1361412562310703358"]}, {"type": "hackerone", "idList": ["H1:104010"]}, {"type": "nessus", "idList": ["PHP_5_5_29.NASL", "SUSE_SU-2015-1633-1.NASL", "PHP_5_5_28.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "OPENSUSE-2015-609.NASL", "MACOSX_10_11_1.NASL", "WEB_APPLICATION_SCANNING_98805", "FEDORA_2015-14977.NASL", "MACOSX_SECUPD2015-007.NASL", "FEDORA_2015-14978.NASL", "PHP_5_6_13.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "UBUNTU_USN-2758-1.NASL", "F5_BIGIP_SOL17377.NASL", "SUSE_SU-2016-1638-1.NASL", "PHP_5_4_45.NASL", "EULEROS_SA-2019-1543.NASL", "DEBIAN_DLA-341.NASL", "GENTOO_GLSA-201606-10.NASL", "SUSE_SU-2015-1818-1.NASL", "ALA_ALAS-2016-670.NASL", "8861.PRM", "ALA_ALAS-2015-601.NASL", "ALA_ALAS-2015-602.NASL", "DEBIAN_DSA-3358.NASL", "SUSE_SU-2015-1701-1.NASL", "9324.PRM", "FEDORA_2015-14976.NASL"]}, {"type": "suse", "idList": ["SUSE-SU-2015:1701-1", "SUSE-SU-2016:1638-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2015:1633-1", "SUSE-SU-2015:1818-1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:32566", "SECURITYVULNS:VULN:14702", "SECURITYVULNS:VULN:14694", "SECURITYVULNS:DOC:32511"]}, {"type": "fedora", "idList": ["FEDORA:F0C5861361B0", "FEDORA:02C1260F4011", "FEDORA:90BE461976AB"]}, {"type": "debian", "idList": ["DEBIAN:DLA-341-1:DA682", "DEBIAN:DSA-3358-1:5263D"]}, {"type": "amazon", "idList": ["ALAS-2015-601", "ALAS-2016-670", "ALAS-2015-602"]}, {"type": "slackware", "idList": ["SSA-2015-274-02"]}, {"type": "freebsd", "idList": ["3D675519-5654-11E5-9AD8-14DAE9D210B8"]}, {"type": "kaspersky", "idList": ["KLA10747", "KLA10746"]}, {"type": "ubuntu", "idList": ["USN-2758-1"]}, {"type": "redhat", "idList": ["RHSA-2016:0457"]}, {"type": "gentoo", "idList": ["GLSA-201606-10"]}, {"type": "cloudlinux", "idList": ["CLSA-2020:1605798462"]}], "modified": "2019-05-29T18:35:34", "rev": 2}, "score": {"value": 7.6, "vector": "NONE", "modified": "2019-05-29T18:35:34", "rev": 2}}, "objectVersion": "1.5", "pluginID": "1361412562310807091", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_type_confusion_rce_vuln_mar16_win.nasl 2016-03-01 16:56:54Z March$\n#\n# PHP 'serialize_function_call' Function Type Confusion Vulnerability - Mar16 (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807091\");\n script_version(\"$Revision: 12363 $\");\n script_cve_id(\"CVE-2015-6836\");\n script_bugtraq_id(76644);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-15 10:51:15 +0100 (Thu, 15 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-01 16:56:54 +0530 (Tue, 01 Mar 2016)\");\n script_name(\"PHP 'serialize_function_call' Function Type Confusion Vulnerability - Mar16 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with PHP and is prone\n to remote code execution vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to 'SoapClient __call'\n method in 'ext/soap/soap.c' scripr does not properly manage headers.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue allow\n remote attackers to execute arbitrary code in the context of the user\n running the affected application. Failed exploit attempts will likely cause\n a denial-of-service condition.\");\n\n script_tag(name:\"affected\", value:\"PHP versions before 5.4.45, 5.5.x before\n 5.5.29, and 5.6.x before 5.6.13 on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP version 5.4.45, or 5.5.29, or\n 5.6.13 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net/ChangeLog-5.php\");\n script_xref(name:\"URL\", value:\"https://bugs.php.net/bug.php?id=70388\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"php/installed\", \"Host/runs_windows\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\nif(version_is_less(version:phpVer, test_version:\"5.4.45\"))\n{\n fix = '5.4.45';\n VULN = TRUE;\n}\n\nelse if(phpVer =~ \"^5\\.6\")\n{\n if(version_is_less(version:phpVer, test_version:\"5.6.13\"))\n {\n fix = '5.6.13';\n VULN = TRUE;\n }\n}\n\nelse if(phpVer =~ \"^5\\.5\")\n{\n if(version_is_less(version:phpVer, test_version:\"5.5.29\"))\n {\n fix = '5.5.29';\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:phpVer, fixed_version:fix);\n security_message(data:report, port:phpPort);\n exit(0);\n}\n\nexit(99);", "naslFamily": "Web application abuses", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:1361412562310807505", "hash": "6a635e54d7caa5e8bf1bc9363d0d1498", "type": "openvas", "bulletinFamily": "scanner", "title": "PHP 'serialize_function_call' Function Type Confusion Vulnerability - Mar16 (Linux)", "description": "This host is installed with PHP and is prone\n to remote code execution vulnerability.", "published": "2016-03-01T00:00:00", "modified": "2018-11-20T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807505", "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "references": ["https://bugs.php.net/bug.php?id=70388", "http://www.php.net/ChangeLog-5.php"], "cvelist": ["CVE-2015-6836"], "lastseen": "2019-05-29T18:35:18", "history": [{"bulletin": {"id": "OPENVAS:1361412562310807505", "hash": "ad76eabae6832fc8caba2bdfe4c880deb2aa71addc868c3f4304feb365a8a687", "type": "openvas", "bulletinFamily": "scanner", "title": "PHP 'serialize_function_call' Function Type Confusion Vulnerability - Mar16 (Linux)", "description": "This host is installed with PHP and is prone\n to remote code execution vulnerability.", "published": "2016-03-01T00:00:00", "modified": "2017-01-24T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807505", "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "references": ["https://bugs.php.net/bug.php?id=70388", "http://www.php.net/ChangeLog-5.php"], "cvelist": ["CVE-2015-6836"], "lastseen": "2017-07-02T21:13:02", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "1361412562310807505", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_type_confusion_rce_vuln_mar16_lin.nasl 2016-03-01 16:56:54Z March$\n#\n# PHP 'serialize_function_call' Function Type Confusion Vulnerability - Mar16 (Linux)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807505\");\n script_version(\"$Revision: 5083 $\");\n script_cve_id(\"CVE-2015-6836\");\n script_bugtraq_id(76644);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-01-24 12:21:46 +0100 (Tue, 24 Jan 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-01 16:56:54 +0530 (Tue, 01 Mar 2016)\");\n script_name(\"PHP 'serialize_function_call' Function Type Confusion Vulnerability - Mar16 (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with PHP and is prone\n to remote code execution vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Get the installed version with the help\n of detect NVT and check the version is vulnerable or not.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to 'SoapClient __call' \n method in 'ext/soap/soap.c' scripr does not properly manage headers.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue allow\n remote attackers to execute arbitrary code in the context of the user \n running the affected application. Failed exploit attempts will likely cause \n a denial-of-service condition.\n\n Impact Level: Application\");\n\n script_tag(name:\"affected\", value:\"PHP versions before 5.4.45, 5.5.x before \n 5.5.29, and 5.6.x before 5.6.13 on Linux\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP version 5.4.45, or 5.5.29, or \n 5.6.13 or later.\n For updates refer to http://www.php.net\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net/ChangeLog-5.php\");\n script_xref(name:\"URL\", value:\"https://bugs.php.net/bug.php?id=70388\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"php/installed\",\"Host/runs_unixoide\");\n script_require_ports(\"Services/www\", 80);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\n## Variable Initialization\nphpPort = \"\";\nphpVer = \"\";\n\n## exit, if its Windows\nif(host_runs(\"Windows\") == \"yes\") exit(0);\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\n## Check for version before 5.4.45\nif(version_is_less(version:phpVer, test_version:\"5.4.45\"))\n{\n fix = '5.4.45';\n VULN = TRUE;\n}\n\n## Check for version 5.6.x before 5.6.13\nelse if(phpVer =~ \"^(5\\.6)\")\n{\n if(version_is_less(version:phpVer, test_version:\"5.6.13\"))\n {\n fix = '5.6.13';\n VULN = TRUE;\n }\n}\n\n## Check for version 5.5.x before 5.5.29\nelse if(phpVer =~ \"^(5\\.5)\")\n{\n if(version_is_less(version:phpVer, test_version:\"5.5.29\"))\n {\n fix = '5.5.29';\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:phpVer, fixed_version:fix);\n security_message(data:report, port:phpPort);\n exit(0);\n}\n\nexit(99);", "naslFamily": "Web application abuses"}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2017-07-02T21:13:02"}, {"bulletin": {"id": "OPENVAS:1361412562310807505", "hash": "7cfc4c4dc5580cf65e81da0a798c723f4519449e4e63c723296dea0fe67170f7", "type": "openvas", "bulletinFamily": "scanner", "title": "PHP 'serialize_function_call' Function Type Confusion Vulnerability - Mar16 (Linux)", "description": "This host is installed with PHP and is prone\n to remote code execution vulnerability.", "published": "2016-03-01T00:00:00", "modified": "2017-10-24T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807505", "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "references": ["https://bugs.php.net/bug.php?id=70388", "http://www.php.net/ChangeLog-5.php"], "cvelist": ["CVE-2015-6836"], "lastseen": "2017-10-25T14:42:36", "history": [], "viewCount": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310807505", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_type_confusion_rce_vuln_mar16_lin.nasl 2016-03-01 16:56:54Z March$\n#\n# PHP 'serialize_function_call' Function Type Confusion Vulnerability - Mar16 (Linux)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807505\");\n script_version(\"$Revision: 7545 $\");\n script_cve_id(\"CVE-2015-6836\");\n script_bugtraq_id(76644);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-10-24 13:45:30 +0200 (Tue, 24 Oct 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-01 16:56:54 +0530 (Tue, 01 Mar 2016)\");\n script_name(\"PHP 'serialize_function_call' Function Type Confusion Vulnerability - Mar16 (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with PHP and is prone\n to remote code execution vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Get the installed version with the help\n of detect NVT and check the version is vulnerable or not.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to 'SoapClient __call' \n method in 'ext/soap/soap.c' scripr does not properly manage headers.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue allow\n remote attackers to execute arbitrary code in the context of the user \n running the affected application. Failed exploit attempts will likely cause \n a denial-of-service condition.\n\n Impact Level: Application\");\n\n script_tag(name:\"affected\", value:\"PHP versions before 5.4.45, 5.5.x before \n 5.5.29, and 5.6.x before 5.6.13 on Linux\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP version 5.4.45, or 5.5.29, or \n 5.6.13 or later.\n For updates refer to http://www.php.net\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net/ChangeLog-5.php\");\n script_xref(name:\"URL\", value:\"https://bugs.php.net/bug.php?id=70388\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"php/installed\",\"Host/runs_unixoide\");\n script_require_ports(\"Services/www\", 80);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\n## Variable Initialization\nphpPort = \"\";\nphpVer = \"\";\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\n## Check for version before 5.4.45\nif(version_is_less(version:phpVer, test_version:\"5.4.45\"))\n{\n fix = '5.4.45';\n VULN = TRUE;\n}\n\n## Check for version 5.6.x before 5.6.13\nelse if(phpVer =~ \"^(5\\.6)\")\n{\n if(version_is_less(version:phpVer, test_version:\"5.6.13\"))\n {\n fix = '5.6.13';\n VULN = TRUE;\n }\n}\n\n## Check for version 5.5.x before 5.5.29\nelse if(phpVer =~ \"^(5\\.5)\")\n{\n if(version_is_less(version:phpVer, test_version:\"5.5.29\"))\n {\n fix = '5.5.29';\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:phpVer, fixed_version:fix);\n security_message(data:report, port:phpPort);\n exit(0);\n}\n\nexit(99);", "naslFamily": "Web application abuses"}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-10-25T14:42:36"}, {"bulletin": {"id": "OPENVAS:1361412562310807505", "hash": "8bbaed7d7149ba338500b0dd08d6ceb2d7d43843f3bf35c4b7300a2ff00e29e8", "type": "openvas", "bulletinFamily": "scanner", "title": "PHP 'serialize_function_call' Function Type Confusion Vulnerability - Mar16 (Linux)", "description": "This host is installed with PHP and is prone\n to remote code execution vulnerability.", "published": "2016-03-01T00:00:00", "modified": "2018-11-20T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807505", "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "references": ["https://bugs.php.net/bug.php?id=70388", "http://www.php.net/ChangeLog-5.php"], "cvelist": ["CVE-2015-6836"], "lastseen": "2018-11-21T13:04:55", "history": [], "viewCount": 5, "enchantments": {"dependencies": {"modified": "2018-11-21T13:04:55", "references": [{"idList": ["SUSE-SU-2015:1818-1", "SUSE-SU-2015:1633-1", "SUSE-SU-2016:1638-1", "OPENSUSE-SU-2015:1628-1", "SUSE-SU-2015:1701-1"], "type": "suse"}, {"idList": ["DEBIAN:DSA-3358-1:5263D", "DEBIAN:DLA-341-1:DA682"], "type": "debian"}, {"idList": ["SECURITYVULNS:VULN:14694", "SECURITYVULNS:VULN:14702", "SECURITYVULNS:DOC:32566", "SECURITYVULNS:DOC:32511"], "type": "securityvulns"}, {"idList": ["CVE-2015-6836"], "type": "cve"}, {"idList": ["KLA10747", "KLA10746"], "type": "kaspersky"}, {"idList": ["SOL17377", "F5:K17377"], "type": "f5"}, {"idList": ["RHSA-2016:0457"], "type": "redhat"}, {"idList": ["OPENVAS:1361412562310703358", "OPENVAS:1361412562310807091", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310813191", "OPENVAS:1361412562310120660", "OPENVAS:703358", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310850689", "OPENVAS:1361412562310842472"], "type": "openvas"}, {"idList": ["H1:104010"], "type": "hackerone"}, {"idList": ["3D675519-5654-11E5-9AD8-14DAE9D210B8"], "type": "freebsd"}, {"idList": ["GLSA-201606-10"], "type": "gentoo"}, {"idList": ["FEDORA_2015-14978.NASL", "SUSE_SU-2015-1818-1.NASL", "FEDORA_2015-14976.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "FEDORA_2015-14977.NASL", "SUSE_SU-2015-1701-1.NASL", "PHP_5_6_13.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "ALA_ALAS-2016-670.NASL", "F5_BIGIP_SOL17377.NASL"], "type": "nessus"}, {"idList": ["SSA-2015-274-02"], "type": "slackware"}, {"idList": ["ALAS-2015-602", "ALAS-2015-601", "ALAS-2016-670"], "type": "amazon"}, {"idList": ["USN-2758-1"], "type": "ubuntu"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310807505", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_type_confusion_rce_vuln_mar16_lin.nasl 2016-03-01 16:56:54Z March$\n#\n# PHP 'serialize_function_call' Function Type Confusion Vulnerability - Mar16 (Linux)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807505\");\n script_version(\"$Revision: 12431 $\");\n script_cve_id(\"CVE-2015-6836\");\n sc
