{"kaspersky": [{"lastseen": "2019-02-19T17:02:36", "bulletinFamily": "info", "description": "### *Detect date*:\n01/10/2014\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in HP SMH. By exploiting these vulnerabilities malicious users can conduct XSS, CSRF and clickjacking attacks via unspecified vectors. These vulnerabilities can be exploited remotely.\n\n### *Affected products*:\nHP System Management Homepage (SMH) versions earlier than 7.4\n\n### *Solution*:\nUpdate to latest version \n[Get HP SMH](<http://www8.hp.com/us/en/products/server-software/product-detail.html?oid=344313>)\n\n### *Original advisories*:\n[HP bulletin](<https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04463322>) \n\n\n### *Impacts*:\nXSSCSS \n\n### *Related products*:\n[HP System Management Homepage](<https://threats.kaspersky.com/en/product/HP-System-Management-Homepage/>)\n\n### *CVE-IDS*:\n[CVE-2013-6712](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6712>) \n[CVE-2013-6422](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6422>) \n[CVE-2014-2641](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2641>) \n[CVE-2014-2640](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2640>) \n[CVE-2014-2642](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2642>) \n[CVE-2013-6420](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420>) \n[CVE-2013-4545](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4545>)", "modified": "2019-02-15T00:00:00", "published": "2014-01-10T00:00:00", "id": "KLA10458", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10458", "title": "KLA10458 Multiple vulnerabilities in HP SMH", "type": "kaspersky", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2019-02-21T01:22:29", "bulletinFamily": "scanner", "description": "According to the web server's banner, the version of HP System 
Management Homepage (SMH) hosted on the remote web server is affected by the following vulnerabilities :\n\n - A flaw exists within the included cURL that disables the 'CURLOPT_SSLVERIFYHOST' check when the setting on 'CURLOPT_SSL_VERIFYPEER' is disabled. This can allow a remote attacker to disable SSL certificate host name checks. (CVE-2013-4545)\n\n - A flaw exists in the included PHP 'openssl_x509_parse' function due to user input not being properly sanitized.\n Using a specially crafted certificate, a remote attacker can exploit this to cause a denial of service or execute arbitrary code. (CVE-2013-6420)\n\n - A flaw exists within the included cURL where the verification check for the CN and SAN name fields is skipped due to the digital signature verification being disabled. A remote attacker can exploit this to spoof servers or conduct a man-in-the-middle attack.\n (CVE-2013-6422)\n\n - A flaw exists in the scan function within the included PHP 'ext/date/lib/parse_iso_intervals.c' script where user input is not properly sanitized. This can allow a remote attacker to cause a denial of service using a heap-based buffer overflow. (CVE-2013-6712)\n\n - An unspecified cross-site scripting flaw exists which can allow a remote attacker, using a specially crafted request, to execute arbitrary code within the browser / server trust relationship. (CVE-2014-2640)\n\n - An unspecified cross-site request forgery vulnerability exists. 
(CVE-2014-2641)\n\n - An unspecified vulnerability exists that can allow a remote attacker to conduct clickjacking attacks.\n (CVE-2014-2642)", "modified": "2018-11-15T00:00:00", "id": "HPSMH_7_4.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=78090", "published": "2014-10-08T00:00:00", "title": "HP System Management Homepage < 7.4 Multiple Vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78090);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/11/15 20:50:25\");\n\n script_cve_id(\n \"CVE-2013-4545\",\n \"CVE-2013-6420\",\n \"CVE-2013-6422\",\n \"CVE-2013-6712\",\n \"CVE-2014-2640\",\n \"CVE-2014-2641\",\n \"CVE-2014-2642\"\n );\n script_bugtraq_id(63776, 64018, 64225, 64431, 70206, 70208);\n script_xref(name:\"HP\", value:\"emr_na-c04463322\");\n script_xref(name:\"CERT\", value:\"125228\");\n\n script_name(english:\"HP System Management Homepage < 7.4 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the banner.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote web server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the web server's banner, the version of HP System\nManagement Homepage (SMH) hosted on the remote web server is affected\nby the following vulnerabilities :\n\n - A flaw exists within the included cURL that disables the\n 'CURLOPT_SSLVERIFYHOST' check when the setting on\n 'CURLOPT_SSL_VERIFYPEER' is disabled. This can allow a\n remote attacker to disable SSL certificate host name\n checks. (CVE-2013-4545)\n\n - A flaw exists in the included PHP 'openssl_x509_parse'\n function due to user input not being properly sanitized.\n Using a specially crafted certificate, a remote attacker\n can exploit this to cause a denial of service or execute\n arbitrary code. 
(CVE-2013-6420)\n\n - A flaw exists within the included cURL where the\n verification check for the CN and SAN name fields is\n skipped due to the digital signature verification being\n disabled. A remote attacker can exploit this to spoof\n servers or conduct a man-in-the-middle attack.\n (CVE-2013-6422)\n\n - A flaw exists in the scan function within the included\n PHP 'ext/date/lib/parse_iso_intervals.c' script where\n user input is not properly sanitized. This can allow a\n remote attacker to cause a denial of service using a\n heap-based buffer overflow. (CVE-2013-6712)\n\n - An unspecified cross-site scripting flaw exists which\n can allow a remote attacker, using a specially crafted\n request, to execute arbitrary code within the\n browser / server trust relationship. (CVE-2014-2640)\n\n - An unspecified cross-site request forgery vulnerability\n exists. (CVE-2014-2641)\n\n - An unspecified vulnerability exists that can allow\n a remote attacker to conduct clickjacking attacks.\n (CVE-2014-2642)\");\n # https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c04463322\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?864fedac\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/533589/30/0/threaded\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to HP System Management Homepage 7.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", 
value:\"2014/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/08\");\n\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:hp:system_management_homepage\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"compaq_wbem_detect.nasl\", \"os_fingerprint.nasl\");\n script_require_keys(\"www/hp_smh\");\n script_require_ports(\"Services/www\", 2301, 2381);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nget_kb_item_or_exit(\"www/hp_smh\");\n\nport = get_http_port(default:2381, embedded:TRUE);\n\ninstall = get_install_from_kb(appname:'hp_smh', port:port, exit_on_fail:TRUE);\ndir = install['dir'];\nversion = install['ver'];\nprod = get_kb_item_or_exit(\"www/\"+port+\"/hp_smh/variant\");\n\nif (version == UNKNOWN_VER) exit(1, 'The version of '+prod+' installed at '+build_url(port:port, qs:dir+\"/\")+' is unknown.');\n\n# Only Linux and Windows are affected -- HP-UX is not mentioned\nif (report_paranoia < 2)\n{\n os = get_kb_item_or_exit(\"Host/OS\");\n if (\"Windows\" >!< os && \"Linux\" >!< os) audit(AUDIT_OS_NOT, \"Windows or Linux\", os);\n}\n\n# nb: 'version' can have non-numeric characters in it so we'll create\n# an alternate form and make sure that's safe for use in 'ver_compare()'.\nversion_alt = ereg_replace(pattern:\"[_-]\", replace:\".\", string:version);\nif (!ereg(pattern:\"^[0-9][0-9.]+$\", string:version_alt)) exit(1, 'The version of '+prod+' installed at '+build_url(port:port, qs:dir+\"/\")+' does not look valid ('+version+').');\n\nfixed_version = '7.4';\nif (\n version_alt =~ \"^7\\.[34]([^0-9]|$)\" &&\n ver_compare(ver:version_alt, 
fix:fixed_version, strict:FALSE) == -1)\n{\n source_line = get_kb_item(\"www/\"+port+\"/hp_smh/source\");\n\n report = '\\n Product : ' + prod;\n if (!isnull(source_line))\n report += '\\n Version source : ' + source_line;\n report +=\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + \n '\\n';\n\n security_report_v4(severity:SECURITY_HOLE, port:port, extra:report, xss:TRUE, xsrf:TRUE);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, prod, port, version);\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:20:31", "bulletinFamily": "scanner", "description": "Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The Common Vulnerabilities and Exposures project identifies the following issues :\n\n - CVE-2013-6420 Stefan Esser reported possible memory corruption in openssl_x509_parse().\n\n - CVE-2013-6712 Creating DateInterval objects from parsed ISO dates was not properly restricted, which allowed to cause a denial of service.\n\nIn addition, the update for Debian 7 'Wheezy' contains several bugfixes originally targeted for the upcoming Wheezy point release.", "modified": "2018-11-10T00:00:00", "id": "DEBIAN_DSA-2816.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=71402", "published": "2013-12-14T00:00:00", "title": "Debian DSA-2816-1 : php5 - several vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2816. 
The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(71402);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/10 11:49:36\");\n\n script_cve_id(\"CVE-2013-6420\", \"CVE-2013-6712\");\n script_bugtraq_id(64018, 64225);\n script_xref(name:\"DSA\", value:\"2816\");\n\n script_name(english:\"Debian DSA-2816-1 : php5 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were found in PHP, a general-purpose scripting\nlanguage commonly used for web application development. The Common\nVulnerabilities and Exposures project identifies the following issues\n:\n\n - CVE-2013-6420\n Stefan Esser reported possible memory corruption in\n openssl_x509_parse().\n\n - CVE-2013-6712\n Creating DateInterval objects from parsed ISO dates was\n not properly restricted, which allowed to cause a denial\n of service.\n\nIn addition, the update for Debian 7 'Wheezy' contains several\nbugfixes originally targeted for the upcoming Wheezy point release.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731112\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731895\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6420\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-6712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/php5\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n 
value:\"https://packages.debian.org/source/wheezy/php5\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2013/dsa-2816\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the php5 packages.\n\nFor the oldstable distribution (squeeze), these problems have been\nfixed in version 5.3.3-7+squeeze18.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 5.4.4-14+deb7u7.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/12/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/12/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libapache2-mod-php5\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libapache2-mod-php5filter\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php-pear\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-cgi\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-cli\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-common\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-curl\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-dbg\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-dev\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-enchant\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-gd\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-gmp\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-imap\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", 
prefix:\"php5-interbase\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-intl\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-ldap\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-mcrypt\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-mysql\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-odbc\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-pgsql\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-pspell\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-recode\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-snmp\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-sqlite\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-sybase\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-tidy\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-xmlrpc\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-xsl\", reference:\"5.3.3-7+squeeze18\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libapache2-mod-php5\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libapache2-mod-php5filter\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libphp5-embed\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php-pear\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-cgi\", 
reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-cli\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-common\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-curl\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-dbg\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-dev\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-enchant\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-fpm\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-gd\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-gmp\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-imap\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-interbase\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-intl\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-ldap\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-mcrypt\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-mysql\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-mysqlnd\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-odbc\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-pgsql\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-pspell\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-recode\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-snmp\", 
reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-sqlite\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-sybase\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-tidy\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-xmlrpc\", reference:\"5.4.4-14+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-xsl\", reference:\"5.4.4-14+deb7u7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:20:31", "bulletinFamily": "scanner", "description": "Stefan Esser discovered that PHP incorrectly parsed certificates. An attacker could use a malformed certificate to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2013-6420)\n\nIt was discovered that PHP incorrectly handled DateInterval objects.\nAn attacker could use this issue to cause PHP to crash, resulting in a denial of service. (CVE-2013-6712).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-12-01T00:00:00", "id": "UBUNTU_USN-2055-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=71394", "published": "2013-12-13T00:00:00", "title": "Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 / 13.10 : php5 vulnerabilities (USN-2055-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2055-1. 
The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(71394);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/12/01 13:19:08\");\n\n script_cve_id(\"CVE-2013-6420\", \"CVE-2013-6712\");\n script_bugtraq_id(64018, 64225);\n script_xref(name:\"USN\", value:\"2055-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 / 13.10 : php5 vulnerabilities (USN-2055-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Stefan Esser discovered that PHP incorrectly parsed certificates. An\nattacker could use a malformed certificate to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2013-6420)\n\nIt was discovered that PHP incorrectly handled DateInterval objects.\nAn attacker could use this issue to cause PHP to crash, resulting in a\ndenial of service. (CVE-2013-6712).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2055-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected libapache2-mod-php5, php5-cgi and / or php5-cli\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:13.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:13.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/12/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(10\\.04|12\\.04|12\\.10|13\\.04|13\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 12.04 / 12.10 / 13.04 / 13.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.3.2-1ubuntu4.22\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-cgi\", pkgver:\"5.3.2-1ubuntu4.22\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-cli\", pkgver:\"5.3.2-1ubuntu4.22\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.3.10-1ubuntu3.9\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"php5-cgi\", pkgver:\"5.3.10-1ubuntu3.9\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"php5-cli\", pkgver:\"5.3.10-1ubuntu3.9\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.4.6-1ubuntu1.5\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"php5-cgi\", pkgver:\"5.4.6-1ubuntu1.5\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"php5-cli\", pkgver:\"5.4.6-1ubuntu1.5\")) flag++;\nif (ubuntu_check(osver:\"13.04\", pkgname:\"libapache2-mod-php5\", 
pkgver:\"5.4.9-4ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"13.04\", pkgname:\"php5-cgi\", pkgver:\"5.4.9-4ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"13.04\", pkgname:\"php5-cli\", pkgver:\"5.4.9-4ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"13.10\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.5.3+dfsg-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"13.10\", pkgname:\"php5-cgi\", pkgver:\"5.5.3+dfsg-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"13.10\", pkgname:\"php5-cli\", pkgver:\"5.5.3+dfsg-1ubuntu2.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libapache2-mod-php5 / php5-cgi / php5-cli\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-13T17:00:44", "bulletinFamily": "scanner", "description": "- security update\n\n - CVE-2013-6420.patch [bnc#854880]\n\n - CVE-2013-6712.patch [bnc#853045]\n\n - CVE-2013-4248.patch [bnc#837746]", "modified": "2018-11-10T00:00:00", "published": "2014-06-13T00:00:00", "id": "OPENSUSE-2013-1032.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=74876", "title": "openSUSE Security Update : php5 (openSUSE-SU-2013:1963-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-1032.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74876);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/11/10 11:50:00\");\n\n script_cve_id(\"CVE-2013-4248\", \"CVE-2013-6420\", \"CVE-2013-6712\");\n script_bugtraq_id(61776, 64018, 64225);\n\n script_name(english:\"openSUSE Security 
Update : php5 (openSUSE-SU-2013:1963-1)\");\n script_summary(english:\"Check for the openSUSE-2013-1032 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - security update\n\n - CVE-2013-6420.patch [bnc#854880]\n\n - CVE-2013-6712.patch [bnc#853045]\n\n - CVE-2013-4248.patch [bnc#837746]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=837746\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=853045\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=854880\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-12/msg00125.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-firebird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-firebird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json-debuginfo\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.2|SUSE12\\.3|SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.2 / 12.3 / 13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.2\", reference:\"apache2-mod_php5-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", 
reference:\"apache2-mod_php5-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-bcmath-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-bcmath-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-bz2-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-bz2-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-calendar-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-calendar-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-ctype-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-ctype-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-curl-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-curl-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-dba-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-dba-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-debugsource-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-devel-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-dom-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-dom-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-enchant-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-enchant-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-exif-5.3.15-1.20.1\") ) flag++;\nif 
( rpm_check(release:\"SUSE12.2\", reference:\"php5-exif-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-fastcgi-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-fastcgi-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-fileinfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-fileinfo-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-fpm-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-fpm-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-ftp-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-ftp-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-gd-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-gd-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-gettext-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-gettext-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-gmp-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-gmp-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-iconv-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-iconv-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-imap-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-imap-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-intl-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-intl-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", 
reference:\"php5-json-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-json-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-ldap-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-ldap-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-mbstring-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-mbstring-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-mcrypt-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-mcrypt-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-mssql-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-mssql-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-mysql-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-mysql-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-odbc-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-odbc-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-openssl-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-openssl-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-pcntl-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-pcntl-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-pdo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-pdo-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-pear-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-pgsql-5.3.15-1.20.1\") ) 
flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-pgsql-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-phar-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-phar-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-posix-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-posix-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-pspell-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-pspell-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-readline-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-readline-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-shmop-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-shmop-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-snmp-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-snmp-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-soap-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-soap-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-sockets-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-sockets-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-sqlite-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-sqlite-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-suhosin-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-suhosin-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( 
rpm_check(release:\"SUSE12.2\", reference:\"php5-sysvmsg-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-sysvmsg-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-sysvsem-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-sysvsem-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-sysvshm-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-sysvshm-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-tidy-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-tidy-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-tokenizer-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-tokenizer-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-wddx-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-wddx-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-xmlreader-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-xmlreader-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-xmlrpc-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-xmlrpc-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-xmlwriter-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-xmlwriter-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-xsl-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-xsl-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-zip-5.3.15-1.20.1\") ) flag++;\nif ( 
rpm_check(release:\"SUSE12.2\", reference:\"php5-zip-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-zlib-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"php5-zlib-debuginfo-5.3.15-1.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-mod_php5-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-mod_php5-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-bcmath-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-bcmath-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-bz2-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-bz2-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-calendar-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-calendar-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ctype-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ctype-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-curl-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-curl-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-dba-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-dba-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-debugsource-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-devel-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-dom-5.3.17-3.8.1\") 
) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-dom-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-enchant-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-enchant-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-exif-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-exif-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fastcgi-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fastcgi-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fileinfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fileinfo-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fpm-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fpm-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ftp-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ftp-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gd-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gd-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gettext-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gettext-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gmp-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gmp-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-iconv-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-iconv-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", 
reference:\"php5-imap-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-imap-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-intl-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-intl-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-json-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-json-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ldap-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ldap-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mbstring-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mbstring-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mcrypt-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mcrypt-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mssql-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mssql-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mysql-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mysql-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-odbc-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-odbc-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-openssl-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-openssl-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pcntl-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pcntl-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( 
rpm_check(release:\"SUSE12.3\", reference:\"php5-pdo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pdo-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pear-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pgsql-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pgsql-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-phar-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-phar-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-posix-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-posix-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pspell-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pspell-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-readline-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-readline-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-shmop-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-shmop-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-snmp-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-snmp-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-soap-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-soap-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sockets-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sockets-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sqlite-5.3.17-3.8.1\") 
) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sqlite-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-suhosin-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-suhosin-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvmsg-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvmsg-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvsem-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvsem-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvshm-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvshm-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-tidy-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-tidy-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-tokenizer-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-tokenizer-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-wddx-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-wddx-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlreader-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlreader-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlrpc-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlrpc-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlwriter-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlwriter-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( 
rpm_check(release:\"SUSE12.3\", reference:\"php5-xsl-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xsl-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-zip-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-zip-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-zlib-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-zlib-debuginfo-5.3.17-3.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"apache2-mod_php5-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"apache2-mod_php5-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-bcmath-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-bcmath-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-bz2-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-bz2-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-calendar-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-calendar-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ctype-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ctype-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-curl-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-curl-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-dba-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-dba-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-debuginfo-5.4.20-4.1\") ) flag++;\nif ( 
rpm_check(release:\"SUSE13.1\", reference:\"php5-debugsource-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-devel-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-dom-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-dom-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-enchant-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-enchant-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-exif-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-exif-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fastcgi-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fastcgi-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fileinfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fileinfo-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-firebird-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-firebird-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fpm-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fpm-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ftp-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ftp-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gd-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gd-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gettext-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gettext-debuginfo-5.4.20-4.1\") ) flag++;\nif ( 
rpm_check(release:\"SUSE13.1\", reference:\"php5-gmp-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gmp-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-iconv-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-iconv-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-imap-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-imap-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-intl-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-intl-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-json-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-json-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ldap-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ldap-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mbstring-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mbstring-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mcrypt-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mcrypt-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mssql-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mssql-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mysql-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mysql-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-odbc-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-odbc-debuginfo-5.4.20-4.1\") ) flag++;\nif ( 
rpm_check(release:\"SUSE13.1\", reference:\"php5-openssl-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-openssl-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pcntl-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pcntl-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pdo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pdo-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pear-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pgsql-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pgsql-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-phar-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-phar-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-posix-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-posix-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pspell-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pspell-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-readline-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-readline-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-shmop-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-shmop-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-snmp-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-snmp-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-soap-5.4.20-4.1\") ) flag++;\nif ( 
rpm_check(release:\"SUSE13.1\", reference:\"php5-soap-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sockets-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sockets-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sqlite-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sqlite-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-suhosin-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-suhosin-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvmsg-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvmsg-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvsem-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvsem-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvshm-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvshm-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-tidy-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-tidy-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-tokenizer-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-tokenizer-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-wddx-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-wddx-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlreader-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlreader-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlrpc-5.4.20-4.1\") ) 
flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlrpc-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlwriter-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlwriter-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xsl-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xsl-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-zip-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-zip-debuginfo-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-zlib-5.4.20-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-zlib-debuginfo-5.4.20-4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2-mod_php5 / apache2-mod_php5-debuginfo / php5 / php5-bcmath / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:20:39", "bulletinFamily": "scanner", "description": "Multiple vulnerabilities have been discovered and corrected in php:\n\nThe openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408 (CVE-2013-4248).\n\nThe asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly 
parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function (CVE-2013-6420).\n\nThe scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted interval specification (CVE-2013-6712).\n\nThe updated php packages have been upgraded to version 5.5.8, which is not vulnerable to these issues.\n\nAdditionally, the PECL packages that require it have been rebuilt for php-5.5.8 and some have been upgraded to their latest versions.", "modified": "2018-07-19T00:00:00", "id": "MANDRIVA_MDVSA-2014-014.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=72082", "published": "2014-01-22T00:00:00", "title": "Mandriva Linux Security Advisory : php (MDVSA-2014:014)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2014:014. 
\n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(72082);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/19 20:59:18\");\n\n script_cve_id(\"CVE-2013-4248\", \"CVE-2013-6420\", \"CVE-2013-6712\");\n script_bugtraq_id(61776, 64018, 64225);\n script_xref(name:\"MDVSA\", value:\"2014:014\");\n\n script_name(english:\"Mandriva Linux Security Advisory : php (MDVSA-2014:014)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been discovered and corrected in php :\n\nThe openssl_x509_parse function in openssl.c in the OpenSSL module in\nPHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a\n'\\0' character in a domain name in the Subject Alternative Name field\nof an X.509 certificate, which allows man-in-the-middle attackers to\nspoof arbitrary SSL servers via a crafted certificate issued by a\nlegitimate Certification Authority, a related issue to CVE-2009-2408\n(CVE-2013-4248).\n\nThe asn1_time_to_time_t function in ext/openssl/openssl.c in PHP\nbefore 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not\nproperly parse (1) notBefore and (2) notAfter timestamps in X.509\ncertificates, which allows remote attackers to execute arbitrary code\nor cause a denial of service (memory corruption) via a crafted\ncertificate that is not properly handled by the openssl_x509_parse\nfunction (CVE-2013-6420).\n\nThe scan function in ext/date/lib/parse_iso_intervals.c in PHP through\n5.5.6 does not properly restrict creation of DateInterval objects,\nwhich might allow remote attackers to cause a denial of service\n(heap-based buffer over-read) via a crafted interval specification\n(CVE-2013-6712).\n\nThe updated php 
packages have been upgraded to the 5.5.8 version which\nis not vulnerable to these issues.\n\nAdditionally, the PECL packages which requires so has been rebuilt for\nphp-5.5.8 and some has been upgraded to their latest versions.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.php.net/ChangeLog-5.php#5.5.8\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64json-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64json2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64mbfl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64mbfl1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64php5_common5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-amf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-apacheaccessor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-apc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-apc-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-apm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-archive\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-auth_nds\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-bbcode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-bcompiler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-bitset\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-bloomy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-braille\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cairo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cairo_wrapper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-courierauth\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cyrus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dav\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dbx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dio\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:mandriva:linux:php-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-doublemetaphone\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-drizzle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-event\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-expect\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-fam\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-filepro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gender\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-geoip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gnupg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gnutls\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gtk2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-haru\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-hash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-hidef\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-htscanner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-id3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-imagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-inclued\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-inotify\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-libevent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mcve\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-memcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-memcached\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mnogosearch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mongo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mssql\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:mandriva:linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysqli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-newt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-oggvorbis\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pam\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_dblib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-proctitle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-radius\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-readline\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:mandriva:linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-rrdtool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sasl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ssh2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-svn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-swish\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sybase_ct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-syck\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-tcpwrap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-tdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-tidy\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:mandriva:linux:php-timezonedb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-txforward\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-uploadprogress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-uuid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-wbxml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xattr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xdiff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xslcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-yaml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-yaz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-yp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/21\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandrake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-mod_php-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64json-devel-0.11-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64json2-0.11-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64mbfl-devel-1.2.0-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64mbfl1-1.2.0-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64php5_common5-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-amf-0.9.2-10.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-apacheaccessor-1.0.1-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", 
reference:\"php-apc-3.1.15-1.2.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-apc-admin-3.1.15-1.2.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-apm-1.1.0-1RC2.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-archive-0.2-22.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-auth_nds-2.2.6-28.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-bbcode-1.0.3-0.0.b1.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-bcmath-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-bcompiler-1.0.2-3.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-bitset-2.0-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-bloomy-0.1.0-11.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-braille-0.1.1-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-bz2-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-cairo-0.3.2-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-cairo_wrapper-0.2.4-12.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-calendar-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-cgi-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-cli-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-courierauth-0.1.0-26.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-ctype-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-curl-5.5.8-1.mbs1\")) 
flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-cyrus-1.0-30.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-dav-1.2-4.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-dba-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-dbase-5.0.1-3.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-dbx-1.1.2-3.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-devel-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-dio-0.0.7-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"php-doc-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-dom-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-doublemetaphone-1.0.0-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-drizzle-0.4.2-8.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-enchant-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-event-1.8.1-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-exif-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-expect-0.3.1-3.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-fam-5.0.1-21.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-fileinfo-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-filepro-5.1.6-31.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-filter-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", 
reference:\"php-fpm-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-ftp-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-gd-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-gender-1.0.0-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-geoip-1.0.8-3.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-gettext-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-gmp-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-gnupg-1.3.2-8.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-gnutls-0.3-0.rc1.25.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-gtk2-2.0.3-0.git20130225.1.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-haru-1.0.4-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-hash-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-hidef-0.1.13-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-htscanner-1.0.1-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-iconv-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-id3-0.2-33.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-imagick-3.1.2-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-imap-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-inclued-0.1.3-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-ini-5.5.8-1.mbs1\")) flag++;\nif 
(rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-inotify-0.1.6-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-intl-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-json-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-ldap-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-libevent-0.1.0-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-mbstring-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-mcrypt-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-mcve-7.0.3-11.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-memcache-3.0.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-memcached-2.1.0-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-mnogosearch-1.96-35.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-mongo-1.4.5-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-mssql-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-mysql-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-mysqli-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-mysqlnd-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-newt-1.2.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-odbc-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-oggvorbis-0.2-33.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", 
reference:\"php-opcache-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-openssl-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pam-1.0.3-10.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pcntl-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pdo-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pdo_dblib-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pdo_mysql-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pdo_odbc-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pdo_pgsql-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pdo_sqlite-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pgsql-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-phar-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-posix-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-proctitle-0.1.2-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-radius-1.2.7-1.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-readline-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-recode-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-rrdtool-0-35.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-sasl-0.1.0-36.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-session-5.5.8-1.mbs1\")) flag++;\nif 
(rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-shmop-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-snmp-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-soap-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-sockets-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-sqlite-1.0.3-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-sqlite3-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-ssh2-0.12-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-suhosin-0.9.33-7.2.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-svn-1.0.2-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-swish-0.5.0-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-sybase_ct-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-syck-0.9.3-17.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-sysvmsg-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-sysvsem-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-sysvshm-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-tcpwrap-1.1.3-18.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-tdb-1.0.0-18.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-tidy-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-timezonedb-2013.9-1.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", 
reference:\"php-tk-0.1.1-29.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-tokenizer-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-txforward-1.0.7-3.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-uploadprogress-1.0.3.1-3.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-uuid-1.0.3-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-wbxml-1.0.3-14.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-wddx-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-xattr-1.2.0-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-xdiff-1.5.2-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-xml-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-xmlreader-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-xmlrpc-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-xmlwriter-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-xsl-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-xslcache-0.7.2-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-yaml-1.1.1-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-yaz-1.1.6-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-yp-5.2.3-25.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-zip-5.5.8-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-zlib-5.5.8-1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if 
(report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:24:11", "bulletinFamily": "scanner", "description": "This update fixes the following issues :\n\n - memory corruption in openssl_parse_x509 (CVE-2013-6420)\n\n - Heap buffer over-read in DateInterval (CVE-2013-6712)\n\n - man-in-the-middle attacks by specially crafting certificates (CVE-2013-4248)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-07-31T00:00:00", "id": "SUSE_SU-2014-0064-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=83607", "published": "2015-05-20T00:00:00", "title": "SUSE SLES11 Security Update : PHP5 (SUSE-SU-2014:0064-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2014:0064-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83607);\n script_version(\"2.2\");\n script_cvs_date(\"Date: 2018/07/31 17:27:54\");\n\n script_cve_id(\"CVE-2013-4248\", \"CVE-2013-6420\", \"CVE-2013-6712\");\n script_bugtraq_id(61776, 64018, 64225);\n\n script_name(english:\"SUSE SLES11 Security Update : PHP5 (SUSE-SU-2014:0064-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following issues :\n\n - memory 
corruption in openssl_parse_x509 (CVE-2013-6420)\n\n - Heap buffer over-read in DateInterval (CVE-2013-6712)\n\n - man-in-the-middle attacks by specially crafting\n certificates (CVE-2013-4248)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://download.suse.com/patch/finder/?keywords=8819817181dd7026cfe3ff43214688c6\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5ebe2dd9\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4248.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-6420.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-6712.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/854880\"\n );\n # https://www.suse.com/support/update/announcement/2014/suse-su-20140064-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5f0c918a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11 SP2 :\n\nzypper in -t patch sdksp2-apache2-mod_php53-8683\n\nSUSE Linux Enterprise Server 11 SP2 for VMware :\n\nzypper in -t patch slessp2-apache2-mod_php53-8683\n\nSUSE Linux Enterprise Server 11 SP2 :\n\nzypper in -t patch slessp2-apache2-mod_php53-8683\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n 
script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-json\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xmlreader\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! 
ereg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! ereg(pattern:\"^2$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"apache2-mod_php53-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-bcmath-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-bz2-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-calendar-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-ctype-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-curl-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-dba-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-dom-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-exif-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-fastcgi-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-fileinfo-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-ftp-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-gd-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", 
reference:\"php53-gettext-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-gmp-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-iconv-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-intl-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-json-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-ldap-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-mbstring-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-mcrypt-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-mysql-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-odbc-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-openssl-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-pcntl-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-pdo-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-pear-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-pgsql-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-pspell-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-shmop-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-snmp-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-soap-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-suhosin-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-sysvmsg-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", 
reference:\"php53-sysvsem-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-sysvshm-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-tokenizer-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-wddx-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-xmlreader-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-xmlrpc-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-xmlwriter-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-xsl-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-zip-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-zlib-5.3.8-0.43.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"PHP5\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:20:37", "bulletinFamily": "scanner", "description": "This update fixes the following issues :\n\n - memory corruption in openssl_parse_x509. (CVE-2013-6420)\n\n - Heap buffer over-read in DateInterval. 
(CVE-2013-6712)\n\n - man-in-the-middle attacks by specially crafting certificates (CVE-2013-4248)", "modified": "2014-03-02T00:00:00", "id": "SUSE_11_APACHE2-MOD_PHP53-131218.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=71965", "published": "2014-01-15T00:00:00", "title": "SuSE 11.2 / 11.3 Security Update : PHP5 (SAT Patch Numbers 8683 / 8684)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(71965);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2014/03/02 00:50:39 $\");\n\n script_cve_id(\"CVE-2013-4248\", \"CVE-2013-6420\", \"CVE-2013-6712\");\n\n script_name(english:\"SuSE 11.2 / 11.3 Security Update : PHP5 (SAT Patch Numbers 8683 / 8684)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following issues :\n\n - memory corruption in openssl_parse_x509. (CVE-2013-6420)\n\n - Heap buffer over-read in DateInterval. 
(CVE-2013-6712)\n\n - man-in-the-middle attacks by specially crafting\n certificates (CVE-2013-4248)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=837746\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=842676\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=853045\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=854880\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4248.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-6420.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-6712.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Apply SAT patch number 8683 / 8684 as appropriate.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:apache2-mod_php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-dba\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pear\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:suse_linux:11:php53-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014 Tenable 
Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"apache2-mod_php53-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-bcmath-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-bz2-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-calendar-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-ctype-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-curl-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-dba-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-dom-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-exif-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-fastcgi-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-fileinfo-5.3.8-0.43.1\")) flag++;\nif 
(rpm_check(release:\"SLES11\", sp:2, reference:\"php53-ftp-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-gd-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-gettext-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-gmp-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-iconv-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-intl-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-json-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-ldap-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-mbstring-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-mcrypt-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-mysql-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-odbc-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-openssl-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-pcntl-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-pdo-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-pear-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-pgsql-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-pspell-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-shmop-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-snmp-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-soap-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-suhosin-5.3.8-0.43.1\")) flag++;\nif 
(rpm_check(release:\"SLES11\", sp:2, reference:\"php53-sysvmsg-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-sysvsem-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-sysvshm-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-tokenizer-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-wddx-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-xmlreader-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-xmlrpc-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-xmlwriter-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-xsl-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-zip-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-zlib-5.3.8-0.43.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"apache2-mod_php53-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-bcmath-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-bz2-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-calendar-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-ctype-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-curl-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-dba-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-dom-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-exif-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-fastcgi-5.3.17-0.17.1\")) 
flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-fileinfo-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-ftp-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-gd-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-gettext-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-gmp-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-iconv-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-intl-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-json-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-ldap-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-mbstring-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-mcrypt-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-mysql-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-odbc-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-openssl-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-pcntl-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-pdo-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-pear-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-pgsql-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-pspell-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-shmop-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-snmp-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-soap-5.3.17-0.17.1\")) 
flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-suhosin-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-sysvmsg-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-sysvsem-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-sysvshm-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-tokenizer-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-wddx-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-xmlreader-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-xmlrpc-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-xmlwriter-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-xsl-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-zip-5.3.17-0.17.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-zlib-5.3.17-0.17.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:23:16", "bulletinFamily": "scanner", "description": "The remote Solaris system is missing necessary patches to address security updates :\n\n - The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.\n (CVE-2013-4248)\n\n - 
The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function.\n (CVE-2013-6420)\n\n - The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted interval specification.\n (CVE-2013-6712)\n\n - Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file.\n (CVE-2014-1943)\n\n - softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable.\n (CVE-2014-2270)", "modified": "2018-11-15T00:00:00", "id": "SOLARIS11_PHP_20140522.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=80737", "published": "2015-01-19T00:00:00", "title": "Oracle Solaris Third-Party Patch Update : php (cve_2013_4248_input_validation)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80737);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/11/15 20:50:25\");\n\n script_cve_id(\"CVE-2013-4248\", \"CVE-2013-6420\", \"CVE-2013-6712\", \"CVE-2014-1943\", \"CVE-2014-2270\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : php 
(cve_2013_4248_input_validation)\");\n script_summary(english:\"Check for the 'entire' version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - The openssl_x509_parse function in openssl.c in the\n OpenSSL module in PHP before 5.4.18 and 5.5.x before\n 5.5.2 does not properly handle a '\\0' character in a\n domain name in the Subject Alternative Name field of an\n X.509 certificate, which allows man-in-the-middle\n attackers to spoof arbitrary SSL servers via a crafted\n certificate issued by a legitimate Certification\n Authority, a related issue to CVE-2009-2408.\n (CVE-2013-4248)\n\n - The asn1_time_to_time_t function in\n ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before\n 5.4.23, and 5.5.x before 5.5.7 does not properly parse\n (1) notBefore and (2) notAfter timestamps in X.509\n certificates, which allows remote attackers to execute\n arbitrary code or cause a denial of service (memory\n corruption) via a crafted certificate that is not\n properly handled by the openssl_x509_parse function.\n (CVE-2013-6420)\n\n - The scan function in ext/date/lib/parse_iso_intervals.c\n in PHP through 5.5.6 does not properly restrict creation\n of DateInterval objects, which might allow remote\n attackers to cause a denial of service (heap-based\n buffer over-read) via a crafted interval specification.\n (CVE-2013-6712)\n\n - Fine Free file before 5.17 allows context-dependent\n attackers to cause a denial of service (infinite\n recursion, CPU consumption, and crash) via a crafted\n indirect offset value in the magic of a file.\n (CVE-2014-1943)\n\n - softmagic.c in file before 5.17 and libmagic allows\n context-dependent attackers to cause a denial of service\n (out-of-bounds memory access and crash) via 
crafted\n offsets in the softmagic of a PE executable.\n (CVE-2014-2270)\"\n );\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a913f44\"\n );\n # https://blogs.oracle.com/sunsecurity/cve-2013-4248-input-validation-vulnerability-in-php\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f6e0c4fe\"\n );\n # https://blogs.oracle.com/sunsecurity/cve-2014-1943-resource-management-errors-vulnerability-in-php\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?864416ed\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://blogs.oracle.com/sunsecurity/cve-2014-2270-buffer-errors-vulnerability-in-php\"\n );\n # https://blogs.oracle.com/sunsecurity/multiple-buffer-errors-vulnerabilities-in-php\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?90294d9b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Solaris 11.1.19.6.0.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:php\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n 
exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^php$\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.1.19.0.6.0\", sru:\"SRU 11.1.19.6.0\") > 0) flag++;\n\nif (flag)\n{\n error_extra = 'Affected package : php\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_hole(port:0, extra:error_extra);\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"php\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:20:25", "bulletinFamily": "scanner", "description": "Updated curl packages fix security vulnerability :\n\nScott Cantor discovered that curl, a file retrieval tool, would disable the CURLOPT_SSLVERIFYHOST check when the CURLOPT_SSL_VERIFYPEER setting was disabled. 
This would also disable ssl certificate host name checks when it should have only disabled verification of the certificate trust chain (CVE-2013-4545).", "modified": "2019-01-02T00:00:00", "id": "MANDRIVA_MDVSA-2013-276.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=71030", "published": "2013-11-22T00:00:00", "title": "Mandriva Linux Security Advisory : curl (MDVSA-2013:276)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:276. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(71030);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/01/02 16:37:54\");\n\n script_cve_id(\"CVE-2013-4545\");\n script_bugtraq_id(63776);\n script_xref(name:\"MDVSA\", value:\"2013:276\");\n\n script_name(english:\"Mandriva Linux Security Advisory : curl (MDVSA-2013:276)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated curl packages fix security vulnerability :\n\nScott Cantor discovered that curl, a file retrieval tool, would\ndisable the CURLOPT_SSLVERIFYHOST check when the\nCURLOPT_SSL_VERIFYPEER setting was disabled. 
This would also disable\nssl certificate host name checks when it should have only disabled\nverification of the certificate trust chain (CVE-2013-4545).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2013-0338.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:curl-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64curl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64curl4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandrake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"curl-7.24.0-2.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"curl-examples-7.24.0-2.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64curl-devel-7.24.0-2.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64curl4-7.24.0-2.3.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-02-21T01:20:24", "bulletinFamily": "scanner", "description": "Scott Cantor discovered that curl, a file retrieval tool, would disable the CURLOPT_SSLVERIFYHOST check when the CURLOPT_SSL_VERIFYPEER setting was disabled. 
This would also disable ssl certificate host name checks when it should have only disabled verification of the certificate trust chain.\n\nThe default configuration for the curl package is not affected by this issue since CURLOPT_SSLVERIFYPEER is enabled by default.", "modified": "2018-11-28T00:00:00", "id": "DEBIAN_DSA-2798.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=70985", "published": "2013-11-21T00:00:00", "title": "Debian DSA-2798-1 : curl - unchecked ssl certificate host name", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2798. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70985);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/11/28 22:47:42\");\n\n script_cve_id(\"CVE-2013-4545\");\n script_bugtraq_id(63776);\n script_xref(name:\"DSA\", value:\"2798\");\n\n script_name(english:\"Debian DSA-2798-1 : curl - unchecked ssl certificate host name\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Scott Cantor discovered that curl, a file retrieval tool, would\ndisable the CURLOPT_SSLVERIFYHOST check when the\nCURLOPT_SSL_VERIFYPEER setting was disabled. 
This would also disable\nssl certificate host name checks when it should have only disabled\nverification of the certificate trust chain.\n\nThe default configuration for the curl package is not affected by this\nissue since CURLOPT_SSLVERIFYPEER is enabled by default.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/curl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/curl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2013/dsa-2798\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the curl packages.\n\nFor the oldstable distribution (squeeze), this problem has been fixed\nin version 7.21.0-2.1+squeeze5.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 7.26.0-1+wheezy5.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"curl\", reference:\"7.21.0-2.1+squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcurl3\", reference:\"7.21.0-2.1+squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcurl3-dbg\", reference:\"7.21.0-2.1+squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcurl3-gnutls\", reference:\"7.21.0-2.1+squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcurl4-gnutls-dev\", reference:\"7.21.0-2.1+squeeze5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcurl4-openssl-dev\", reference:\"7.21.0-2.1+squeeze5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"curl\", reference:\"7.26.0-1+wheezy5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libcurl3\", reference:\"7.26.0-1+wheezy5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libcurl3-dbg\", reference:\"7.26.0-1+wheezy5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libcurl3-gnutls\", reference:\"7.26.0-1+wheezy5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libcurl3-nss\", reference:\"7.26.0-1+wheezy5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libcurl4-gnutls-dev\", reference:\"7.26.0-1+wheezy5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libcurl4-nss-dev\", reference:\"7.26.0-1+wheezy5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libcurl4-openssl-dev\", reference:\"7.26.0-1+wheezy5\")) flag++;\n\nif 
(flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:54", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n\r\nNote: the current version of the following document is available here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\r\ndocDisplay?docId=emr_na-c04463322\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c04463322\r\nVersion: 1\r\n\r\nHPSBMU03112 rev.1 - HP System Management Homepage (SMH) on Linux and Windows,\r\nMultiple Vulnerabilities\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as\r\nsoon as possible.\r\n\r\nRelease Date: 2014-09-30\r\nLast Updated: 2014-09-30\r\n\r\nPotential Security Impact: Cross-site scripting (XSS), Cross-site Request\r\nForgery (CSRF), unauthorized disclosure of information, Denial of Service\r\n(DoS), and Clickjacking\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nPotential security vulnerabilities have been identified with HP System\r\nManagement Homepage (SMH) on Linux and Windows. 
The vulnerabilities could be\r\nexploited remotely resulting in Cross-site Scripting (XSS), Cross-site\r\nRequest Forgery (CSRF), unauthorized disclosure of information, Denial of\r\nService (DoS), and Clickjacking.\r\n\r\nReferences:\r\n\r\nCVE-2013-4545 Unauthorized modification\r\nCVE-2013-6420 (SSRT101447) Unauthorized disclosure of information\r\nCVE-2013-6422 Unauthorized disclosure of information\r\nCVE-2013-6712 (SSRT101447) Denial of Service (DoS)\r\nCVE-2014-2640 (SSRT101633, SSRT101438) Cross-site Scripting (XSS)\r\nCVE-2014-2641 (SSRT101438) Cross-site Request Forgery (CSRF)\r\nCVE-2014-2642 (SSRT101701) Clickjacking\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\nHP System Management Homepage (SMH) for Linux and Windows prior to version\r\n7.4\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2013-4545 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\r\nCVE-2013-6420 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\r\nCVE-2013-6422 (AV:N/AC:H/Au:N/C:P/I:P/A:N) 4.0\r\nCVE-2013-6712 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\r\nCVE-2014-2640 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\r\nCVE-2014-2641 (AV:N/AC:M/Au:S/C:P/I:P/A:P) 6.0\r\nCVE-2014-2642 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nHP has made the following software updates available to resolve the\r\nvulnerabilities for the impacted versions of HP System Management Homepage\r\n(SMH) for Linux and Windows:\r\n\r\nhttp://h18013.www1.hp.com/products/servers/management/agents/\r\n\r\nHISTORY\r\nVersion:1 (rev.1) - 30 September 2014 Initial release\r\n\r\nThird Party Security Patches: Third party security patches that are to be\r\ninstalled on systems running HP software products should be applied in\r\naccordance with the customer's patch management 
policy.\r\n\r\nSupport: For issues about implementing the recommendations of this Security\r\nBulletin, contact normal HP Services support channel. For other issues about\r\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com.\r\n\r\nReport: To report a potential security vulnerability with any HP supported\r\nproduct, send Email to: security-alert@hp.com\r\n\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\r\nalerts via Email:\r\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\r\n\r\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\r\navailable here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\r\n\r\nSoftware Product Category: The Software Product Category is represented in\r\nthe title by the two characters following HPSB.\r\n\r\n3C = 3COM\r\n3P = 3rd Party Software\r\nGN = HP General Software\r\nHF = HP Hardware and Firmware\r\nMP = MPE/iX\r\nMU = Multi-Platform Software\r\nNS = NonStop Servers\r\nOV = OpenVMS\r\nPI = Printing and Imaging\r\nPV = ProCurve\r\nST = Storage Software\r\nTU = Tru64 UNIX\r\nUX = HP-UX\r\n\r\nCopyright 2014 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors\r\nor omissions contained herein. The information provided is provided "as is"\r\nwithout warranty of any kind. To the extent permitted by law, neither HP or\r\nits affiliates, subcontractors or suppliers will be liable for\r\nincidental,special or consequential damages including downtime cost; lost\r\nprofits; damages relating to the procurement of substitute products or\r\nservices; or damages for loss of data, or software restoration. 
The\r\ninformation in this document is subject to change without notice.\r\nHewlett-Packard Company and the names of Hewlett-Packard products referenced\r\nherein are trademarks of Hewlett-Packard Company in the United States and\r\nother countries. Other product and company names mentioned herein may be\r\ntrademarks of their respective owners.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.13 (GNU/Linux)\r\n\r\niEYEARECAAYFAlQq3FIACgkQ4B86/C0qfVnTlwCgwWcDOjjkcFklK+74zGBRsqba\r\n3ZYAn2AXFQpMSaHHK8pqKv05UM/d1b7R\r\n=qkt6\r\n-----END PGP SIGNATURE-----\r\n\r\n", "modified": "2014-10-05T00:00:00", "published": "2014-10-05T00:00:00", "id": "SECURITYVULNS:DOC:31138", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31138", "title": "[security bulletin] HPSBMU03112 rev.1 - HP System Management Homepage (SMH) on Linux and Windows, Multiple Vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:53", "bulletinFamily": "software", "description": "The host name is not verified when CURLOPT_SSL_VERIFYPEER is enabled.", "modified": "2013-12-23T00:00:00", "published": "2013-12-23T00:00:00", "id": "SECURITYVULNS:VULN:13420", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13420", "title": "cURL certificates spoofing", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:50", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2014:014\r\n http://www.mandriva.com/en/support/security/\r\n 
_______________________________________________________________________\r\n\r\n Package : php\r\n Date : January 21, 2014\r\n Affected: Business Server 1.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Multiple vulnerabilities have been discovered and corrected in php:\r\n \r\n The openssl_x509_parse function in openssl.c in the OpenSSL module in\r\n PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a\r\n '\0' character in a domain name in the Subject Alternative Name field\r\n of an X.509 certificate, which allows man-in-the-middle attackers\r\n to spoof arbitrary SSL servers via a crafted certificate issued by a\r\n legitimate Certification Authority, a related issue to CVE-2009-2408\r\n (CVE-2013-4248).\r\n \r\n The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP\r\n before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not\r\n properly parse (1) notBefore and (2) notAfter timestamps in X.509\r\n certificates, which allows remote attackers to execute arbitrary\r\n code or cause a denial of service (memory corruption) via a crafted\r\n certificate that is not properly handled by the openssl_x509_parse\r\n function (CVE-2013-6420).\r\n \r\n The scan function in ext/date/lib/parse_iso_intervals.c in PHP through\r\n 5.5.6 does not properly restrict creation of DateInterval objects,\r\n which might allow remote attackers to cause a denial of service\r\n (heap-based buffer over-read) via a crafted interval specification\r\n (CVE-2013-6712).\r\n \r\n The updated php packages have been upgraded to the 5.5.8 version\r\n which is not vulnerable to these issues.\r\n \r\n Additionally, the PECL packages which require it have been rebuilt\r\n for php-5.5.8 and some have been upgraded to their latest versions.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n 
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4248\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6712\r\n http://www.php.net/ChangeLog-5.php#5.5.8\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Business Server 1/X86_64:\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. 
You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niD8DBQFS3pnTmqjQ0CJFipgRAtkRAJ417vt7FzRaoh3u+es+hZpnI/G1kwCfcGWD\r\nxmJGFGNLyeQwnIXiJs7+QxY=\r\n=ro67\r\n-----END PGP SIGNATURE-----\r\n", "modified": "2014-01-29T00:00:00", "published": "2014-01-29T00:00:00", "id": "SECURITYVULNS:DOC:30264", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30264", "title": "[ MDVSA-2014:014 ] php", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:54", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nNote: the current version of the following document is available here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\r\ndocDisplay?docId=emr_na-c04476799\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c04476799\r\nVersion: 1\r\n\r\nHPSBUX03139 SSRT101608 rev.1 - HP-UX running System Management Homepage\r\n(SMH), Remote Cross-Site Request Forgery\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as\r\nsoon as possible.\r\n\r\nRelease Date: 2014-10-13\r\nLast Updated: 2014-10-13\r\n\r\nPotential Security Impact: Remote Cross-Site Request Forgery\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nA potential security 
vulnerability has been identified with HP System\r\nManagement Homepage (SMH) for HP-UX. The vulnerability could be exploited\r\nremotely to allow cross-site request forgery (CSRF).\r\n\r\nReferences: CVE-2014-7874 (SSRT101608)\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\nHP System Management Homepage (SMH) v3.2.2 and earlier running on HP-UX\r\nB.11.23\r\nHP System Management Homepage (SMH) v3.2.7 and earlier running on HP-UX\r\nB.11.31\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2014-7874 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nThe Hewlett-Packard Company thanks David Jorm of Red Hat Product Security for\r\nreporting this vulnerability to security-alert@hp.com.\r\n\r\nRESOLUTION\r\n\r\nHP has provided the following upgrades to resolve this vulnerability.\r\n\r\nThese upgrades are available from the following website:\r\n\r\nURL: http://software.hp.com\r\n\r\nHP-UX Release\r\n Depot name\r\n\r\nB.11.23 (11i v2)\r\n HP_UX_11i_v2_SysMgmtWeb_A.3.2.3_HP-UX_B.11.23_IA_PA.depot or subsequent\r\n\r\nB.11.31 (11i v3)\r\n HP_UX_11i_v3_SysMgmtWeb_A.3.2.8_HP-UX_B.11.31_IA_PA.depot or subsequent\r\n\r\nMANUAL ACTIONS: Yes - NonUpdate\r\n\r\nInstall SMH v3.2.3 or subsequent on HP-UX 11i v2\r\n\r\nInstall SMH v3.2.8 or subsequent on HP-UX 11i v3\r\n\r\nPRODUCT SPECIFIC INFORMATION\r\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\r\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\r\nissued by HP and lists recommended actions that may apply to a specific HP-UX\r\nsystem. It can also download patches and create a depot automatically. 
For\r\nmore information see: https://www.hp.com/go/swa\r\n\r\nThe following text is for use by the HP-UX Software Assistant.\r\n\r\nAFFECTED VERSIONS\r\n\r\nHP-UX B.11.23\r\n==================\r\nSysMgmtHomepage.SMH-PPAGES\r\nSysMgmtHomepage.SMH-PPAGES-COM\r\nSysMgmtHomepage.SMH-RUN\r\nSysMgmtHomepage.SMH-SAMLOG\r\nSysMgmtHomepage.SMH-UILIB\r\nSysMgmtHomepage.SMH-ASSIST\r\nSysMgmtHomepage.SMH-SDK\r\nSysMgmtHomepage.SMH-UILIB-COM\r\nSysMgmtHomepage.SMH-XLAUNCH\r\nSysMgmtHomepage.SMH-DOC\r\nSysMgmtHomepage.SMH-DOC-COM\r\naction: install A.3.2.3 or subsequent\r\n\r\nHP-UX B.11.31\r\n==================\r\nSysMgmtHomepage.SMH-PPAGES\r\nSysMgmtHomepage.SMH-ASSIST\r\nSysMgmtHomepage.SMH-DOC\r\nSysMgmtHomepage.SMH-DOC-COM\r\nSysMgmtHomepage.SMH-SDK\r\nSysMgmtHomepage.SMH-PPAGES-COM\r\nSysMgmtHomepage.SMH-RUN\r\nSysMgmtHomepage.SMH-SAMLOG\r\nSysMgmtHomepage.SMH-UILIB\r\nSysMgmtHomepage.SMH-UILIB-COM\r\nSysMgmtHomepage.SMH-XLAUNCH\r\naction: install A.3.2.8 or subsequent\r\n\r\nEND AFFECTED VERSIONS\r\n\r\nHISTORY\r\nVersion:1 (rev.1) - 13 October 2014 Initial release\r\n\r\nThird Party Security Patches: Third party security patches that are to be\r\ninstalled on systems running HP software products should be applied in\r\naccordance with the customer's patch management policy.\r\n\r\nSupport: For issues about implementing the recommendations of this Security\r\nBulletin, contact normal HP Services support channel. 
Other product and company names mentioned herein may be\r\ntrademarks of their respective owners.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.13 (GNU/Linux)\r\n\r\niEYEARECAAYFAlQ8T+8ACgkQ4B86/C0qfVlM1wCePUJT9bKv24TKKIHsu8P+BL92\r\nXvEAoNGW41DUgAgZnvVQnK1BovrgCafL\r\n=2wzh\r\n-----END PGP SIGNATURE-----\r\n\r\n", "modified": "2014-10-15T00:00:00", "published": "2014-10-15T00:00:00", "id": "SECURITYVULNS:DOC:31214", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31214", "title": "[security bulletin] HPSBUX03139 SSRT101608 rev.1 - HP-UX running System Management Homepage (SMH), Remote Cross-Site Request Forgery", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:49", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2013:276\r\n http://www.mandriva.com/en/support/security/\r\n _______________________________________________________________________\r\n\r\n Package : curl\r\n Date : November 21, 2013\r\n Affected: Business Server 1.0, Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Updated curl packages fix security vulnerability:\r\n \r\n Scott Cantor discovered that curl, a file retrieval tool, would disable\r\n the CURLOPT_SSLVERIFYHOST check when the CURLOPT_SSL_VERIFYPEER\r\n setting was disabled. 
This would also disable ssl certificate host\r\n name checks when it should have only disabled verification of the\r\n certificate trust chain (CVE-2013-4545).\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4545\r\n http://advisories.mageia.org/MGASA-2013-0338.html\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Enterprise Server 5:\r\n Mandriva Enterprise Server 5/X86_64:\r\n Mandriva Business Server 1/X86_64:\r\n _______________________________________________________________________\r\n\r\n To 
upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niD8DBQFSjdjzmqjQ0CJFipgRAixLAJ41ILVt778Lt5wIF9Jwom7KBcuW5gCffIDn\r\nM5ZuM4EwtuqxlZfXqbsmaJI=\r\n=iHkm\r\n-----END PGP SIGNATURE-----\r\n", "modified": "2013-11-26T00:00:00", "published": "2013-11-26T00:00:00", "id": "SECURITYVULNS:DOC:30021", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30021", "title": "[ MDVSA-2013:276 ] curl", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:09:54", "bulletinFamily": "software", "description": "Crash on parsing date intervals.", "modified": "2014-01-29T00:00:00", "published": "2014-01-29T00:00:00", "id": "SECURITYVULNS:VULN:13542", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13542", "title": "PHP DoS", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:50", "bulletinFamily": "software", "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2058-1\r\nDecember 18, 2013\r\n\r\ncurl 
vulnerability\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 13.10\r\n- Ubuntu 13.04\r\n- Ubuntu 12.10\r\n- Ubuntu 12.04 LTS\r\n\r\nSummary:\r\n\r\nFraudulent security certificates could allow sensitive information to be\r\nexposed when accessing the Internet.\r\n\r\nSoftware Description:\r\n- curl: HTTP, HTTPS, and FTP client and client libraries\r\n\r\nDetails:\r\n\r\nMarc Deslauriers discovered that libcurl incorrectly verified CN and SAN\r\nname fields when digital signature verification was disabled in the GnuTLS\r\nbackend. When libcurl is being used in this uncommon way by specific\r\napplications, an attacker could exploit this to perform a man in the middle\r\nattack to view sensitive information or alter encrypted communications.\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 13.10:\r\n libcurl3-gnutls 7.32.0-1ubuntu1.2\r\n\r\nUbuntu 13.04:\r\n libcurl3-gnutls 7.29.0-1ubuntu3.4\r\n\r\nUbuntu 12.10:\r\n libcurl3-gnutls 7.27.0-1ubuntu1.7\r\n\r\nUbuntu 12.04 LTS:\r\n libcurl3-gnutls 7.22.0-3ubuntu4.6\r\n\r\nIn general, a standard system update will make all the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2058-1\r\n CVE-2013-6422\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/curl/7.32.0-1ubuntu1.2\r\n https://launchpad.net/ubuntu/+source/curl/7.29.0-1ubuntu3.4\r\n https://launchpad.net/ubuntu/+source/curl/7.27.0-1ubuntu1.7\r\n https://launchpad.net/ubuntu/+source/curl/7.22.0-3ubuntu4.6\r\n", "modified": "2013-12-23T00:00:00", "published": "2013-12-23T00:00:00", "id": "SECURITYVULNS:DOC:30129", 
"href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30129", "title": "[USN-2058-1] curl vulnerability", "type": "securityvulns", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "cve": [{"lastseen": "2017-09-08T10:27:03", "bulletinFamily": "NVD", "description": "Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 3.2.3 on HP-UX B.11.23, and before 3.2.8 on HP-UX B.11.31, allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.", "modified": "2017-09-07T21:29:17", "published": "2014-10-18T21:55:21", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7874", "id": "CVE-2014-7874", "title": "CVE-2014-7874", "type": "cve", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-03T18:49:03", "bulletinFamily": "NVD", "description": "cURL and libcurl 7.18.0 through 7.32.0, when built with OpenSSL, disables the certificate CN and SAN name field verification (CURLOPT_SSL_VERIFYHOST) when the digital signature verification (CURLOPT_SSL_VERIFYPEER) is disabled, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.", "modified": "2016-06-16T21:59:31", "published": "2013-11-23T06:55:04", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4545", "id": "CVE-2013-4545", "title": "CVE-2013-4545", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2016-09-03T19:11:06", "bulletinFamily": "NVD", "description": "The GnuTLS backend in libcurl 7.21.4 through 7.33.0, when disabling digital signature verification (CURLOPT_SSL_VERIFYPEER), also disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote attackers to spoof servers and conduct man-in-the-middle (MITM) attacks.", "modified": 
"2016-04-07T16:55:59", "published": "2013-12-23T17:55:02", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6422", "id": "CVE-2013-6422", "type": "cve", "title": "CVE-2013-6422", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-11-01T05:14:12", "bulletinFamily": "NVD", "description": "The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted interval specification.", "modified": "2018-10-30T12:27:34", "published": "2013-11-27T23:37:39", "id": "CVE-2013-6712", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6712", "title": "CVE-2013-6712", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-11-01T05:14:12", "bulletinFamily": "NVD", "description": "The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function.", "modified": "2018-10-30T12:27:34", "published": "2013-12-16T23:46:45", "id": "CVE-2013-6420", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6420", "title": "CVE-2013-6420", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-03T20:17:32", "bulletinFamily": "NVD", "description": "HP System Management Homepage (SMH) before 7.4 allows remote attackers to conduct clickjacking attacks via unspecified vectors.", "modified": "2015-08-10T11:34:07", "published": 
"2014-10-01T20:55:03", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2642", "id": "CVE-2014-2642", "title": "CVE-2014-2642", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2016-09-03T20:17:31", "bulletinFamily": "NVD", "description": "Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.", "modified": "2015-08-10T11:33:48", "published": "2014-10-01T20:55:03", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2641", "id": "CVE-2014-2641", "title": "CVE-2014-2641", "type": "cve", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-03T20:17:31", "bulletinFamily": "NVD", "description": "Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.", "modified": "2015-08-10T11:33:33", "published": "2014-10-01T20:55:03", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2640", "id": "CVE-2014-2640", "title": "CVE-2014-2640", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "f5": [{"lastseen": "2016-09-26T17:23:03", "bulletinFamily": "software", "description": "Recommended action\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n", "modified": "2014-05-22T00:00:00", "published": "2014-03-27T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/100/sol15110.html", "id": "SOL15110", "title": "SOL15110 - PHP Vulnerability 
CVE-2013-6420", "type": "f5", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:23:21", "bulletinFamily": "software", "description": "Recommended Action\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents.\n * SOL4602: Overview of the F5 security vulnerability response policy\n", "modified": "2014-04-07T00:00:00", "published": "2014-04-07T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/100/sol15150.html", "id": "SOL15150", "title": "SOL15150 - cURL and libcurl vulnerability CVE-2013-4545", "type": "f5", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "openvas": [{"lastseen": "2018-10-22T16:40:20", "bulletinFamily": "scanner", "description": "This host is running HP System Management\n Homepage (SMH) and is prone to multiple vulnerabilities.", "modified": "2018-10-12T00:00:00", "published": "2014-10-14T00:00:00", "id": "OPENVAS:1361412562310804858", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804858", "title": "HP System Management Homepage Multiple Vulnerabilities - Oct14", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_hp_smh_mult_vuln_oct14.nasl 11867 2018-10-12 10:48:11Z cfischer $\n#\n# HP System Management Homepage Multiple Vulnerabilities - Oct14\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but 
WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:hp:system_management_homepage\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804858\");\n script_version(\"$Revision: 11867 $\");\n script_cve_id(\"CVE-2014-2640\", \"CVE-2014-2641\", \"CVE-2014-2642\");\n script_bugtraq_id(70208);\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 12:48:11 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-14 11:52:11 +0530 (Tue, 14 Oct 2014)\");\n\n script_name(\"HP System Management Homepage Multiple Vulnerabilities - Oct14\");\n\n script_tag(name:\"summary\", value:\"This host is running HP System Management\n Homepage (SMH) and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are exists due to,\n\n - An error as HTTP requests to certain scripts do not require multiple steps,\n explicit confirmation, or a unique token when performing sensitive actions.\n\n - An error as application does not validate user-supplied input.\n\n - An unspecified error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to perform clickjacking attacks, perform a Cross-Site Request\n Forgery attack or execute arbitrary script code in a user's browser session\n within the trust relationship 
between their browser and the server.\");\n\n script_tag(name:\"affected\", value:\"HP System Management Homepage (SMH) before\n version 7.4\");\n\n script_tag(name:\"solution\", value:\"Upgrade to HP System Management Homepage\n (SMH) 7.4 or later.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_hp_smh_detect.nasl\");\n script_mandatory_keys(\"HP/SMH/installed\");\n script_require_ports(\"Services/www\", 2381);\n script_xref(name:\"URL\", value:\"http://h18013.www1.hp.com/products/servers/management/agents/index.html\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!smhPort = get_app_port(cpe:CPE)) exit(0);\n\nif(!smhVer = get_app_version(cpe:CPE, port:smhPort)) exit(0);\n\nif(version_is_less(version:smhVer, test_version:\"7.4\"))\n{\n security_message(smhPort);\n exit(0);\n}\n", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-18T11:09:17", "bulletinFamily": "scanner", "description": "Check for the Version of php5", "modified": "2018-01-17T00:00:00", "published": "2013-12-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=841659", "id": "OPENVAS:841659", "title": "Ubuntu Update for php5 USN-2055-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2055_1.nasl 8448 2018-01-17 16:18:06Z teissa $\n#\n# Ubuntu Update for php5 USN-2055-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, 
http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(841659);\n script_version(\"$Revision: 8448 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 17:18:06 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-12-17 12:10:04 +0530 (Tue, 17 Dec 2013)\");\n script_cve_id(\"CVE-2013-6420\", \"CVE-2013-6712\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Ubuntu Update for php5 USN-2055-1\");\n\n tag_insight = \"Stefan Esser discovered that PHP incorrectly parsed\ncertificates. An attacker could use a malformed certificate to cause PHP\nto crash, resulting in a denial of service, or possibly execute arbitrary\ncode. (CVE-2013-6420)\n\nIt was discovered that PHP incorrectly handled DateInterval objects. An\nattacker could use this issue to cause PHP to crash, resulting in a denial\nof service. 
(CVE-2013-6712)\";\n\n tag_affected = \"php5 on Ubuntu 13.10 ,\n Ubuntu 13.04 ,\n Ubuntu 12.10 ,\n Ubuntu 12.04 LTS ,\n Ubuntu 10.04 LTS\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"USN\", value: \"2055-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-2055-1/\");\n script_tag(name: \"summary\" , value: \"Check for the Version of php5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.6-1ubuntu1.5\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.6-1ubuntu1.5\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.6-1ubuntu1.5\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.10-1ubuntu3.9\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.10-1ubuntu3.9\", rls:\"UBUNTU12.04 LTS\")) != 
NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.10-1ubuntu3.9\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.2-1ubuntu4.22\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.2-1ubuntu4.22\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.2-1ubuntu4.22\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU13.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.5.3+dfsg-1ubuntu2.1\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.5.3+dfsg-1ubuntu2.1\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.5.3+dfsg-1ubuntu2.1\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU13.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.9-4ubuntu2.4\", rls:\"UBUNTU13.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.9-4ubuntu2.4\", rls:\"UBUNTU13.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.9-4ubuntu2.4\", rls:\"UBUNTU13.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", 
"cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:51:43", "bulletinFamily": "scanner", "description": "Several vulnerabilities were found in PHP, a general-purpose scripting\nlanguage commonly used for web application development. The Common\nVulnerabilities and Exposures project identifies the following issues:\n\nCVE-2013-6420 \nStefan Esser reported possible memory corruption in\nopenssl_x509_parse().\n\nCVE-2013-6712 \nCreating DateInterval objects from parsed ISO dates was\nnot properly restricted, which allowed to cause a\ndenial of service.\n\nIn addition, the update for Debian 7 Wheezy \ncontains several bugfixes\noriginally targeted for the upcoming Wheezy point release.", "modified": "2017-07-07T00:00:00", "published": "2013-12-12T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=702816", "id": "OPENVAS:702816", "title": "Debian Security Advisory DSA 2816-1 (php5 - several vulnerabilities)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2816.nasl 6611 2017-07-07 12:07:20Z cfischer $\n# Auto-generated from advisory DSA 2816-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"php5 on Debian Linux\";\ntag_insight = \"This package is a metapackage that, when installed, guarantees that you\nhave at least one of the three server-side versions of the PHP5 interpreter\ninstalled. Removing this package won't remove PHP5 from your system, however\nit may remove other packages that depend on this one.\";\ntag_solution = \"For the oldstable distribution (squeeze), these problems have been fixed in\nversion 5.3.3-7+squeeze18.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 5.4.4-14+deb7u7.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 5.5.6+dfsg-2.\n\nWe recommend that you upgrade your php5 packages.\";\ntag_summary = \"Several vulnerabilities were found in PHP, a general-purpose scripting\nlanguage commonly used for web application development. 
The Common\nVulnerabilities and Exposures project identifies the following issues:\n\nCVE-2013-6420 \nStefan Esser reported possible memory corruption in\nopenssl_x509_parse().\n\nCVE-2013-6712 \nCreating DateInterval objects from parsed ISO dates was\nnot properly restricted, which allowed to cause a\ndenial of service.\n\nIn addition, the update for Debian 7 Wheezy \ncontains several bugfixes\noriginally targeted for the upcoming Wheezy point release.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(702816);\n script_version(\"$Revision: 6611 $\");\n script_cve_id(\"CVE-2013-6420\", \"CVE-2013-6712\");\n script_name(\"Debian Security Advisory DSA 2816-1 (php5 - several vulnerabilities)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-07 14:07:20 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2013-12-12 00:00:00 +0100 (Thu, 12 Dec 2013)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2013/dsa-2816.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n 
exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = 
isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report 
+= res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = 
isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:56:20", "bulletinFamily": "scanner", "description": "Several vulnerabilities were found in PHP, a general-purpose scripting\nlanguage commonly used for web application development. 
The Common\nVulnerabilities and Exposures project identifies the following issues:\n\nCVE-2013-6420 \nStefan Esser reported possible memory corruption in\nopenssl_x509_parse().\n\nCVE-2013-6712 \nCreating DateInterval objects from parsed ISO dates was\nnot properly restricted, which allowed to cause a\ndenial of service.\n\nIn addition, the update for Debian 7 Wheezy \ncontains several bugfixes\noriginally targeted for the upcoming Wheezy point release.", "modified": "2018-04-06T00:00:00", "published": "2013-12-12T00:00:00", "id": "OPENVAS:1361412562310702816", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310702816", "title": "Debian Security Advisory DSA 2816-1 (php5 - several vulnerabilities)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2816.nasl 9353 2018-04-06 07:14:20Z cfischer $\n# Auto-generated from advisory DSA 2816-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"php5 on Debian Linux\";\ntag_insight = \"This package is a metapackage that, when installed, guarantees that you\nhave at least one of the three server-side versions of the PHP5 interpreter\ninstalled. Removing this package won't remove PHP5 from your system, however\nit may remove other packages that depend on this one.\";\ntag_solution = \"For the oldstable distribution (squeeze), these problems have been fixed in\nversion 5.3.3-7+squeeze18.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 5.4.4-14+deb7u7.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 5.5.6+dfsg-2.\n\nWe recommend that you upgrade your php5 packages.\";\ntag_summary = \"Several vulnerabilities were found in PHP, a general-purpose scripting\nlanguage commonly used for web application development. 
The Common\nVulnerabilities and Exposures project identifies the following issues:\n\nCVE-2013-6420 \nStefan Esser reported possible memory corruption in\nopenssl_x509_parse().\n\nCVE-2013-6712 \nCreating DateInterval objects from parsed ISO dates was\nnot properly restricted, which allowed to cause a\ndenial of service.\n\nIn addition, the update for Debian 7 Wheezy \ncontains several bugfixes\noriginally targeted for the upcoming Wheezy point release.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.702816\");\n script_version(\"$Revision: 9353 $\");\n script_cve_id(\"CVE-2013-6420\", \"CVE-2013-6712\");\n script_name(\"Debian Security Advisory DSA 2816-1 (php5 - several vulnerabilities)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2018-04-06 09:14:20 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name: \"creation_date\", value:\"2013-12-12 00:00:00 +0100 (Thu, 12 Dec 2013)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2013/dsa-2816.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n 
exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = 
isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.3.3-7+squeeze18\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report 
+= res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = 
isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.4.4-14+deb7u7\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-19T13:04:49", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2013-12-17T00:00:00", "id": "OPENVAS:1361412562310841659", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841659", "title": "Ubuntu Update for php5 USN-2055-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: 
gb_ubuntu_USN_2055_1.nasl 12381 2018-11-16 11:16:30Z cfischer $\n#\n# Ubuntu Update for php5 USN-2055-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841659\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-12-17 12:10:04 +0530 (Tue, 17 Dec 2013)\");\n script_cve_id(\"CVE-2013-6420\", \"CVE-2013-6712\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Ubuntu Update for php5 USN-2055-1\");\n\n\n script_tag(name:\"affected\", value:\"php5 on Ubuntu 13.10,\n Ubuntu 13.04,\n Ubuntu 12.10,\n Ubuntu 12.04 LTS,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"insight\", value:\"Stefan Esser discovered that PHP incorrectly parsed\ncertificates. An attacker could use a malformed certificate to cause PHP\nto crash, resulting in a denial of service, or possibly execute arbitrary\ncode. 
(CVE-2013-6420)\n\nIt was discovered that PHP incorrectly handled DateInterval objects. An\nattacker could use this issue to cause PHP to crash, resulting in a denial\nof service. (CVE-2013-6712)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2055-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2055-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php5'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(12\\.10|12\\.04 LTS|10\\.04 LTS|13\\.10|13\\.04)\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.6-1ubuntu1.5\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.6-1ubuntu1.5\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.6-1ubuntu1.5\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.10-1ubuntu3.9\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.10-1ubuntu3.9\", 
rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.10-1ubuntu3.9\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.2-1ubuntu4.22\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.2-1ubuntu4.22\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.2-1ubuntu4.22\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU13.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.5.3+dfsg-1ubuntu2.1\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.5.3+dfsg-1ubuntu2.1\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.5.3+dfsg-1ubuntu2.1\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU13.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.9-4ubuntu2.4\", rls:\"UBUNTU13.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.9-4ubuntu2.4\", rls:\"UBUNTU13.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.9-4ubuntu2.4\", rls:\"UBUNTU13.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": 
"AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:53:32", "bulletinFamily": "scanner", "description": "Check for the Version of mingw-curl", "modified": "2018-04-06T00:00:00", "published": "2014-02-05T00:00:00", "id": "OPENVAS:1361412562310867302", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867302", "title": "Fedora Update for mingw-curl FEDORA-2013-22046", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mingw-curl FEDORA-2013-22046\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867302\");\n script_version(\"$Revision: 9373 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:57:18 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-02-05 10:31:09 +0530 (Wed, 05 Feb 2014)\");\n script_cve_id(\"CVE-2013-4545\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"Fedora Update for mingw-curl FEDORA-2013-22046\");\n\n tag_insight = \"cURL is a tool for getting files from HTTP, FTP, FILE, LDAP, LDAPS,\nDICT, TELNET and TFTP servers, using any of the supported protocols.\ncURL is designed to work without user interaction or any kind of\ninteractivity. 
cURL offers many useful capabilities, like proxy\nsupport, user authentication, FTP upload, HTTP post, and file transfer\nresume.\n\nThis is the MinGW cross-compiled Windows library.\n\";\n\n tag_affected = \"mingw-curl on Fedora 20\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-22046\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-December/123676.html\");\n script_tag(name:\"summary\", value:\"Check for the Version of mingw-curl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"mingw-curl\", rpm:\"mingw-curl~7.33.0~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-01-26T11:09:48", "bulletinFamily": "scanner", "description": "Check for the Version of curl", "modified": "2018-01-26T00:00:00", "published": "2013-12-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=841658", "id": "OPENVAS:841658", "title": "Ubuntu Update for curl USN-2048-1", "type": "openvas", "sourceData": 
"###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2048_1.nasl 8542 2018-01-26 06:57:28Z teissa $\n#\n# Ubuntu Update for curl USN-2048-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(841658);\n script_version(\"$Revision: 8542 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-26 07:57:28 +0100 (Fri, 26 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-12-17 12:10:02 +0530 (Tue, 17 Dec 2013)\");\n script_cve_id(\"CVE-2013-4545\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"Ubuntu Update for curl USN-2048-1\");\n\n tag_insight = \"Scott Cantor discovered that libcurl incorrectly verified CN\nand SAN name fields when digital signature verification was disabled. 
When\nlibcurl is being used in this uncommon way by specific applications, an\nattacker could exploit this to perform a man in the middle attack to view\nsensitive information or alter encrypted communications.\";\n\n tag_affected = \"curl on Ubuntu 13.10 ,\n Ubuntu 13.04 ,\n Ubuntu 12.10 ,\n Ubuntu 12.04 LTS ,\n Ubuntu 10.04 LTS\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"USN\", value: \"2048-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-2048-1/\");\n script_tag(name: \"summary\" , value: \"Check for the Version of curl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libcurl3\", ver:\"7.27.0-1ubuntu1.5\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libcurl3\", ver:\"7.22.0-3ubuntu4.4\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libcurl3\", ver:\"7.19.7-1ubuntu1.4\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU13.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libcurl3:i386\", ver:\"7.32.0-1ubuntu1.1\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU13.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libcurl3:i386\", ver:\"7.29.0-1ubuntu3.3\", rls:\"UBUNTU13.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-09-01T23:57:55", "bulletinFamily": "scanner", "description": "Scott Cantor discovered that curl, a file retrieval tool, would disable\nthe CURLOPT_SSLVERIFYHOST check when the CURLOPT_SSL_VERIFYPEER setting\nwas disabled. This would also disable ssl certificate host name checks\nwhen it should have only disabled verification of the certificate trust\nchain.\n\nThe default configuration for the curl package is not affected by this\nissue since CURLOPT_SSLVERIFYPEER is enabled by default.", "modified": "2018-04-06T00:00:00", "published": "2013-11-17T00:00:00", "id": "OPENVAS:1361412562310892798", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892798", "title": "Debian Security Advisory DSA 2798-1 (curl - unchecked ssl certificate host name)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2798.nasl 9353 2018-04-06 07:14:20Z cfischer $\n# Auto-generated from advisory DSA 2798-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can 
redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"curl on Debian Linux\";\ntag_insight = \"curl is a client to get files from servers using any of the supported\nprotocols. The command is designed to work without user interaction\nor any kind of interactivity.\";\ntag_solution = \"For the oldstable distribution (squeeze), this problem has been fixed in\nversion 7.21.0-2.1+squeeze5.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 7.26.0-1+wheezy5.\n\nFor the testing (jessie) and unstable (sid) distributions, this problem\nhas been fixed in version 7.33.0-1.\n\nWe recommend that you upgrade your curl packages.\";\ntag_summary = \"Scott Cantor discovered that curl, a file retrieval tool, would disable\nthe CURLOPT_SSLVERIFYHOST check when the CURLOPT_SSL_VERIFYPEER setting\nwas disabled. 
This would also disable ssl certificate host name checks\nwhen it should have only disabled verification of the certificate trust\nchain.\n\nThe default configuration for the curl package is not affected by this\nissue since CURLOPT_SSLVERIFYPEER is enabled by default.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892798\");\n script_version(\"$Revision: 9353 $\");\n script_cve_id(\"CVE-2013-4545\");\n script_name(\"Debian Security Advisory DSA 2798-1 (curl - unchecked ssl certificate host name)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2018-04-06 09:14:20 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name: \"creation_date\", value:\"2013-11-17 00:00:00 +0100 (Sun, 17 Nov 2013)\");\n script_tag(name: \"cvss_base\", value:\"4.3\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2013/dsa-2798.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"curl\", ver:\"7.21.0-2.1+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif 
((res = isdpkgvuln(pkg:\"libcurl3\", ver:\"7.21.0-2.1+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl3-dbg\", ver:\"7.21.0-2.1+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl3-gnutls\", ver:\"7.21.0-2.1+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl4-gnutls-dev\", ver:\"7.21.0-2.1+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl4-openssl-dev\", ver:\"7.21.0-2.1+squeeze5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"curl\", ver:\"7.26.0-1+wheezy5\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl3\", ver:\"7.26.0-1+wheezy5\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl3-dbg\", ver:\"7.26.0-1+wheezy5\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl3-gnutls\", ver:\"7.26.0-1+wheezy5\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl3-nss\", ver:\"7.26.0-1+wheezy5\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl4-gnutls-dev\", ver:\"7.26.0-1+wheezy5\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl4-nss-dev\", ver:\"7.26.0-1+wheezy5\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl4-openssl-dev\", ver:\"7.26.0-1+wheezy5\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-25T10:52:08", "bulletinFamily": "scanner", "description": "Check for the Version of mingw-curl", "modified": "2017-07-10T00:00:00", "published": "2013-12-03T00:00:00", "href": 
"http://plugins.openvas.org/nasl.php?oid=867097", "id": "OPENVAS:867097", "title": "Fedora Update for mingw-curl FEDORA-2013-21887", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mingw-curl FEDORA-2013-21887\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(867097);\n script_version(\"$Revision: 6628 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:32:47 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-12-03 14:45:21 +0530 (Tue, 03 Dec 2013)\");\n script_cve_id(\"CVE-2013-4545\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"Fedora Update for mingw-curl FEDORA-2013-21887\");\n\n tag_insight = \"cURL is a tool for getting files from HTTP, FTP, FILE, LDAP, LDAPS,\nDICT, TELNET and TFTP servers, using any of the supported protocols.\ncURL is designed to work without user interaction or any kind 
of\ninteractivity. cURL offers many useful capabilities, like proxy\nsupport, user authentication, FTP upload, HTTP post, and file transfer\nresume.\n\nThis is the MinGW cross-compiled Windows library.\n\";\n\n tag_affected = \"mingw-curl on Fedora 19\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-21887\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-December/123009.html\");\n script_summary(\"Check for the Version of mingw-curl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"mingw-curl\", rpm:\"mingw-curl~7.33.0~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-09-01T23:55:49", "bulletinFamily": "scanner", "description": "Check for the Version of mingw-curl", "modified": "2018-04-06T00:00:00", "published": "2013-12-03T00:00:00", "id": "OPENVAS:1361412562310867097", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867097", "title": "Fedora Update for mingw-curl FEDORA-2013-21887", "type": "openvas", 
"sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mingw-curl FEDORA-2013-21887\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867097\");\n script_version(\"$Revision: 9372 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:56:37 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-12-03 14:45:21 +0530 (Tue, 03 Dec 2013)\");\n script_cve_id(\"CVE-2013-4545\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"Fedora Update for mingw-curl FEDORA-2013-21887\");\n\n tag_insight = \"cURL is a tool for getting files from HTTP, FTP, FILE, LDAP, LDAPS,\nDICT, TELNET and TFTP servers, using any of the supported protocols.\ncURL is designed to work without user interaction or any kind of\ninteractivity. 
cURL offers many useful capabilities, like proxy\nsupport, user authentication, FTP upload, HTTP post, and file transfer\nresume.\n\nThis is the MinGW cross-compiled Windows library.\n\";\n\n tag_affected = \"mingw-curl on Fedora 19\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-21887\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-December/123009.html\");\n script_tag(name:\"summary\", value:\"Check for the Version of mingw-curl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"mingw-curl\", rpm:\"mingw-curl~7.33.0~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:10:03", "bulletinFamily": "unix", "description": "Stefan Esser discovered that PHP incorrectly parsed certificates. An attacker could use a malformed certificate to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2013-6420)\n\nIt was discovered that PHP incorrectly handled DateInterval objects. 
An attacker could use this issue to cause PHP to crash, resulting in a denial of service. (CVE-2013-6712)", "modified": "2013-12-12T00:00:00", "published": "2013-12-12T00:00:00", "id": "USN-2055-1", "href": "https://usn.ubuntu.com/2055-1/", "title": "PHP vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T00:09:06", "bulletinFamily": "unix", "description": "Scott Cantor discovered that libcurl incorrectly verified CN and SAN name fields when digital signature verification was disabled. When libcurl is being used in this uncommon way by specific applications, an attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.", "modified": "2013-12-05T00:00:00", "published": "2013-12-05T00:00:00", "id": "USN-2048-1", "href": "https://usn.ubuntu.com/2048-1/", "title": "curl vulnerability", "type": "ubuntu", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T00:09:33", "bulletinFamily": "unix", "description": "Marc Deslauriers discovered that libcurl incorrectly verified CN and SAN name fields when digital signature verification was disabled in the GnuTLS backend. 
When libcurl is being used in this uncommon way by specific applications, an attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.", "modified": "2013-12-18T00:00:00", "published": "2013-12-18T00:00:00", "id": "USN-2058-1", "href": "https://usn.ubuntu.com/2058-1/", "title": "curl vulnerability", "type": "ubuntu", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "debian": [{"lastseen": "2018-10-18T13:49:12", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2816-1 security@debian.org\nhttp://www.debian.org/security/ Thijs Kinkhorst\nDecember 12, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : php5\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2013-6420 CVE-2013-6712\nDebian Bug : 731112 731895\n\nSeveral vulnerabilities were found in PHP, a general-purpose scripting\nlanguage commonly used for web application development. 
The Common\nVulnerabilities and Exposures project identifies the following issues:\n\nCVE-2013-6420\n\n Stefan Esser reported possible memory corruption in\n openssl_x509_parse().\n\nCVE-2013-6712\n\n Creating DateInterval objects from parsed ISO dates was\n not properly restricted, which allowed to cause a\n denial of service.\n\nIn addition, the update for Debian 7 \"Wheezy\" contains several bugfixes\noriginally targeted for the upcoming Wheezy point release.\n\nFor the oldstable distribution (squeeze), these problems have been fixed in\nversion 5.3.3-7+squeeze18.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 5.4.4-14+deb7u7.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 5.5.6+dfsg-2.\n\nWe recommend that you upgrade your php5 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2013-12-12T21:18:36", "published": "2013-12-12T21:18:36", "id": "DEBIAN:DSA-2816-1:9C993", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2013/msg00230.html", "title": "[SECURITY] [DSA 2816-1] php5 security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-18T13:49:57", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2798-1 security@debian.org\nhttp://www.debian.org/security/ Michael Gilbert\nNovember 17, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : curl\nVulnerability : unchecked ssl certificate host name\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2013-4545\n\nScott Cantor 
discovered that curl, a file retrieval tool, would disable\nthe CURLOPT_SSLVERIFYHOST check when the CURLOPT_SSL_VERIFYPEER setting\nwas disabled. This would also disable ssl certificate host name checks\nwhen it should have only disabled verification of the certificate trust\nchain.\n\nThe default configuration for the curl package is not affected by this\nissue since CURLOPT_SSLVERIFYPEER is enabled by default.\n\nFor the oldstable distribution (squeeze), this problem has been fixed in\nversion 7.21.0-2.1+squeeze5.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 7.26.0-1+wheezy5.\n\nFor the testing (jessie) and unstable (sid) distributions, this problem\nhas been fixed in version 7.33.0-1.\n\nWe recommend that you upgrade your curl packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2013-11-17T18:32:51", "published": "2013-11-17T18:32:51", "id": "DEBIAN:DSA-2798-1:7716A", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2013/msg00212.html", "title": "[SECURITY] [DSA 2798-1] curl security update", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-10-18T13:48:22", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2798-2 security@debian.org\nhttp://www.debian.org/security/ Salvatore Bonaccorso\nNovember 20, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : curl\nVulnerability : unchecked ssl certificate host name\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2013-4545\n\nThe update for curl in DSA-2798-1 uncovered a 
regression affecting the\ncurl command line tool behaviour (#729965). This update disables host\nverification too when using the --insecure option.\n\nFor the oldstable distribution (squeeze), this problem has been fixed in\nversion 7.21.0-2.1+squeeze6.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 7.26.0-1+wheezy6.\n\nFor the testing (jessie) and unstable (sid) distributions, the curl\ncommand line tool behaves as expected with the --insecure option.\n\nFor reference the original advisory text follows.\n\nScott Cantor discovered that curl, a file retrieval tool, would disable\nthe CURLOPT_SSLVERIFYHOST check when the CURLOPT_SSL_VERIFYPEER setting\nwas disabled. This would also disable ssl certificate host name checks\nwhen it should have only disabled verification of the certificate trust\nchain.\n\nThe default configuration for the curl package is not affected by this\nissue since CURLOPT_SSLVERIFYPEER is enabled by default.\n\nFor the oldstable distribution (squeeze), this problem has been fixed in\nversion 7.21.0-2.1+squeeze5.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 7.26.0-1+wheezy5.\n\nFor the testing (jessie) and unstable (sid) distributions, this problem\nhas been fixed in version 7.33.0-1.\n\nWe recommend that you upgrade your curl packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2013-11-20T22:17:13", "published": "2013-11-20T22:17:13", "id": "DEBIAN:DSA-2798-2:B3298", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2013/msg00213.html", "title": "[SECURITY] [DSA 2798-2] curl security update", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": 
"2018-10-18T13:49:02", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2824-1 security@debian.org\nhttp://www.debian.org/security/ Salvatore Bonaccorso\nDecember 19, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : curl\nVulnerability : unchecked tls/ssl certificate host name\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2013-6422\n\nMarc Deslauriers discovered that curl, a file retrieval tool, would\nmistakenly skip verifying the CN and SAN name fields when digital\nsignature verification was disabled in the libcurl GnuTLS backend.\n\nThe default configuration for the curl package is not affected by this\nissue since the digital signature verification is enabled by default.\n\nThe oldstable distribution (squeeze) is not affected by this problem.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 7.26.0-1+wheezy7.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 7.34.0-1.\n\nWe recommend that you upgrade your curl packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2013-12-19T18:51:28", "published": "2013-12-19T18:51:28", "id": "DEBIAN:DSA-2824-1:9EFF8", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2013/msg00238.html", "title": "[SECURITY] [DSA 2824-1] curl security update", "type": "debian", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "freebsd": [{"lastseen": "2018-08-31T01:14:52", "bulletinFamily": "unix", "description": "\ncURL project reports:\n\nlibcurl is vulnerable to a case of missing out the checking\n\t of 
the certificate CN or SAN name field when the digital\n\t signature verification is turned off.\nlibcurl offers two separate and independent options for\n\t verifying a server's TLS certificate. CURLOPT_SSL_VERIFYPEER\n\t and CURLOPT_SSL_VERIFYHOST. The first one tells libcurl to\n\t verify the trust chain using a CA cert bundle, while the\n\t second tells libcurl to make sure that the name fields in\n\t the server certificate meets the criteria. Both options are\n\t enabled by default.\nThis flaw had the effect that when an application disabled\n\t CURLOPT_SSL_VERIFYPEER, libcurl mistakenly also skipped the\n\t CURLOPT_SSL_VERIFYHOST check. Applications can disable\n\t CURLOPT_SSL_VERIFYPEER and still achieve security by doing\n\t the check on its own using other means.\nThe curl command line tool is not affected by this problem\n\t as it either enables both options or disables both at the\n\t same time.\n\n", "modified": "2013-12-17T00:00:00", "published": "2013-12-17T00:00:00", "id": "4E1F4ABC-6837-11E3-9CDA-3C970E169BC2", "href": "https://vuxml.freebsd.org/freebsd/4e1f4abc-6837-11e3-9cda-3c970e169bc2.html", "title": "cURL library -- cert name check ignore with GnuTLS", "type": "freebsd", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T01:14:53", "bulletinFamily": "unix", "description": "\nStefan Esser reports:\n\nThe PHP function openssl_x509_parse() uses a helper function\n\t called asn1_time_to_time_t() to convert timestamps from ASN1\n\t string format into integer timestamp values. 
The parser within\n\t this helper function is not binary safe and can therefore be\n\t tricked to write up to five NUL bytes outside of an allocated\n\t buffer.\nThis problem can be triggered by x509 certificates that contain\n\t NUL bytes in their notBefore and notAfter timestamp fields and\n\t leads to a memory corruption that might result in arbitrary\n\t code execution.\nDepending on how openssl_x509_parse() is used within a PHP\n\t application the attack requires either a malicious cert signed\n\t by a compromised/malicious CA or can be carried out with a\n\t self-signed cert.\n\n", "modified": "2013-12-13T00:00:00", "published": "2013-12-13T00:00:00", "id": "47B4E713-6513-11E3-868F-0025905A4771", "href": "https://vuxml.freebsd.org/freebsd/47b4e713-6513-11e3-868f-0025905a4771.html", "title": "PHP5 -- memory corruption in openssl_x509_parse()", "type": "freebsd", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "centos": [{"lastseen": "2017-10-03T18:25:05", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2013:1813\n\n\nPHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server.\n\nA memory corruption flaw was found in the way the openssl_x509_parse()\nfunction of the PHP openssl extension parsed X.509 certificates. A remote\nattacker could use this flaw to provide a malicious self-signed certificate\nor a certificate signed by a trusted authority to a PHP application using\nthe aforementioned function, causing the application to crash or, possibly,\nallow the attacker to execute arbitrary code with the privileges of the\nuser running the PHP interpreter. (CVE-2013-6420)\n\nRed Hat would like to thank the PHP project for reporting this issue.\nUpstream acknowledges Stefan Esser as the original reporter of this issue.\n\nAll php53 and php users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. 
After installing\nthe updated packages, the httpd daemon must be restarted for the update to\ntake effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-December/020061.html\nhttp://lists.centos.org/pipermail/centos-announce/2013-December/020063.html\n\n**Affected packages:**\nphp\nphp-bcmath\nphp-cli\nphp-common\nphp-dba\nphp-devel\nphp-embedded\nphp-enchant\nphp-fpm\nphp-gd\nphp-imap\nphp-intl\nphp-ldap\nphp-mbstring\nphp-mysql\nphp-odbc\nphp-pdo\nphp-pgsql\nphp-process\nphp-pspell\nphp-recode\nphp-snmp\nphp-soap\nphp-tidy\nphp-xml\nphp-xmlrpc\nphp-zts\nphp53\nphp53-bcmath\nphp53-cli\nphp53-common\nphp53-dba\nphp53-devel\nphp53-gd\nphp53-imap\nphp53-intl\nphp53-ldap\nphp53-mbstring\nphp53-mysql\nphp53-odbc\nphp53-pdo\nphp53-pgsql\nphp53-process\nphp53-pspell\nphp53-snmp\nphp53-soap\nphp53-xml\nphp53-xmlrpc\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-1813.html", "modified": "2013-12-11T09:54:26", "published": "2013-12-11T09:25:38", "href": "http://lists.centos.org/pipermail/centos-announce/2013-December/020061.html", "id": "CESA-2013:1813", "title": "php, php53 security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "amazon": [{"lastseen": "2018-10-02T16:55:19", "bulletinFamily": "unix", "description": "**Issue Overview:**\n\nA memory corruption flaw was found in the way the openssl_x509_parse() function of the PHP openssl extension parsed X.509 certificates. 
A remote attacker could use this flaw to provide a malicious self-signed certificate or a certificate signed by a trusted authority to a PHP application using the aforementioned function, causing the application to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the user running the PHP interpreter.\n\n \n**Affected Packages:** \n\n\nphp54\n\n \n**Issue Correction:** \nRun _yum update php54_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n php54-recode-5.4.23-1.49.amzn1.i686 \n php54-mysqlnd-5.4.23-1.49.amzn1.i686 \n php54-enchant-5.4.23-1.49.amzn1.i686 \n php54-common-5.4.23-1.49.amzn1.i686 \n php54-xml-5.4.23-1.49.amzn1.i686 \n php54-imap-5.4.23-1.49.amzn1.i686 \n php54-tidy-5.4.23-1.49.amzn1.i686 \n php54-process-5.4.23-1.49.amzn1.i686 \n php54-snmp-5.4.23-1.49.amzn1.i686 \n php54-gd-5.4.23-1.49.amzn1.i686 \n php54-soap-5.4.23-1.49.amzn1.i686 \n php54-mssql-5.4.23-1.49.amzn1.i686 \n php54-embedded-5.4.23-1.49.amzn1.i686 \n php54-5.4.23-1.49.amzn1.i686 \n php54-ldap-5.4.23-1.49.amzn1.i686 \n php54-pgsql-5.4.23-1.49.amzn1.i686 \n php54-fpm-5.4.23-1.49.amzn1.i686 \n php54-odbc-5.4.23-1.49.amzn1.i686 \n php54-pspell-5.4.23-1.49.amzn1.i686 \n php54-devel-5.4.23-1.49.amzn1.i686 \n php54-intl-5.4.23-1.49.amzn1.i686 \n php54-pdo-5.4.23-1.49.amzn1.i686 \n php54-cli-5.4.23-1.49.amzn1.i686 \n php54-mbstring-5.4.23-1.49.amzn1.i686 \n php54-mcrypt-5.4.23-1.49.amzn1.i686 \n php54-xmlrpc-5.4.23-1.49.amzn1.i686 \n php54-dba-5.4.23-1.49.amzn1.i686 \n php54-bcmath-5.4.23-1.49.amzn1.i686 \n php54-mysql-5.4.23-1.49.amzn1.i686 \n php54-debuginfo-5.4.23-1.49.amzn1.i686 \n \n src: \n php54-5.4.23-1.49.amzn1.src \n \n x86_64: \n php54-xml-5.4.23-1.49.amzn1.x86_64 \n php54-xmlrpc-5.4.23-1.49.amzn1.x86_64 \n php54-gd-5.4.23-1.49.amzn1.x86_64 \n php54-recode-5.4.23-1.49.amzn1.x86_64 \n php54-pgsql-5.4.23-1.49.amzn1.x86_64 \n php54-mssql-5.4.23-1.49.amzn1.x86_64 \n php54-mcrypt-5.4.23-1.49.amzn1.x86_64 \n 
php54-odbc-5.4.23-1.49.amzn1.x86_64 \n php54-fpm-5.4.23-1.49.amzn1.x86_64 \n php54-pspell-5.4.23-1.49.amzn1.x86_64 \n php54-soap-5.4.23-1.49.amzn1.x86_64 \n php54-enchant-5.4.23-1.49.amzn1.x86_64 \n php54-common-5.4.23-1.49.amzn1.x86_64 \n php54-bcmath-5.4.23-1.49.amzn1.x86_64 \n php54-cli-5.4.23-1.49.amzn1.x86_64 \n php54-5.4.23-1.49.amzn1.x86_64 \n php54-snmp-5.4.23-1.49.amzn1.x86_64 \n php54-pdo-5.4.23-1.49.amzn1.x86_64 \n php54-mysql-5.4.23-1.49.amzn1.x86_64 \n php54-embedded-5.4.23-1.49.amzn1.x86_64 \n php54-intl-5.4.23-1.49.amzn1.x86_64 \n php54-process-5.4.23-1.49.amzn1.x86_64 \n php54-imap-5.4.23-1.49.amzn1.x86_64 \n php54-ldap-5.4.23-1.49.amzn1.x86_64 \n php54-tidy-5.4.23-1.49.amzn1.x86_64 \n php54-devel-5.4.23-1.49.amzn1.x86_64 \n php54-dba-5.4.23-1.49.amzn1.x86_64 \n php54-debuginfo-5.4.23-1.49.amzn1.x86_64 \n php54-mysqlnd-5.4.23-1.49.amzn1.x86_64 \n php54-mbstring-5.4.23-1.49.amzn1.x86_64 \n \n \n", "modified": "2014-09-16T22:11:00", "published": "2014-09-16T22:11:00", "id": "ALAS-2013-263", "href": "https://alas.aws.amazon.com/ALAS-2013-263.html", "title": "Critical: php54", "type": "amazon", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-02T16:55:16", "bulletinFamily": "unix", "description": "**Issue Overview:**\n\nThe asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function. 
\n\n \n**Affected Packages:** \n\n\nphp\n\n \n**Issue Correction:** \nRun _yum update php_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n php-mysqlnd-5.3.28-1.2.amzn1.i686 \n php-snmp-5.3.28-1.2.amzn1.i686 \n php-debuginfo-5.3.28-1.2.amzn1.i686 \n php-common-5.3.28-1.2.amzn1.i686 \n php-imap-5.3.28-1.2.amzn1.i686 \n php-fpm-5.3.28-1.2.amzn1.i686 \n php-enchant-5.3.28-1.2.amzn1.i686 \n php-mcrypt-5.3.28-1.2.amzn1.i686 \n php-mbstring-5.3.28-1.2.amzn1.i686 \n php-dba-5.3.28-1.2.amzn1.i686 \n php-odbc-5.3.28-1.2.amzn1.i686 \n php-ldap-5.3.28-1.2.amzn1.i686 \n php-pgsql-5.3.28-1.2.amzn1.i686 \n php-5.3.28-1.2.amzn1.i686 \n php-soap-5.3.28-1.2.amzn1.i686 \n php-recode-5.3.28-1.2.amzn1.i686 \n php-mysql-5.3.28-1.2.amzn1.i686 \n php-xml-5.3.28-1.2.amzn1.i686 \n php-pspell-5.3.28-1.2.amzn1.i686 \n php-mssql-5.3.28-1.2.amzn1.i686 \n php-bcmath-5.3.28-1.2.amzn1.i686 \n php-cli-5.3.28-1.2.amzn1.i686 \n php-process-5.3.28-1.2.amzn1.i686 \n php-embedded-5.3.28-1.2.amzn1.i686 \n php-pdo-5.3.28-1.2.amzn1.i686 \n php-intl-5.3.28-1.2.amzn1.i686 \n php-xmlrpc-5.3.28-1.2.amzn1.i686 \n php-gd-5.3.28-1.2.amzn1.i686 \n php-tidy-5.3.28-1.2.amzn1.i686 \n php-devel-5.3.28-1.2.amzn1.i686 \n \n src: \n php-5.3.28-1.2.amzn1.src \n \n x86_64: \n php-common-5.3.28-1.2.amzn1.x86_64 \n php-mssql-5.3.28-1.2.amzn1.x86_64 \n php-mysql-5.3.28-1.2.amzn1.x86_64 \n php-soap-5.3.28-1.2.amzn1.x86_64 \n php-odbc-5.3.28-1.2.amzn1.x86_64 \n php-recode-5.3.28-1.2.amzn1.x86_64 \n php-mysqlnd-5.3.28-1.2.amzn1.x86_64 \n php-xmlrpc-5.3.28-1.2.amzn1.x86_64 \n php-embedded-5.3.28-1.2.amzn1.x86_64 \n php-enchant-5.3.28-1.2.amzn1.x86_64 \n php-dba-5.3.28-1.2.amzn1.x86_64 \n php-cli-5.3.28-1.2.amzn1.x86_64 \n php-snmp-5.3.28-1.2.amzn1.x86_64 \n php-mcrypt-5.3.28-1.2.amzn1.x86_64 \n php-pgsql-5.3.28-1.2.amzn1.x86_64 \n php-imap-5.3.28-1.2.amzn1.x86_64 \n php-pspell-5.3.28-1.2.amzn1.x86_64 \n php-bcmath-5.3.28-1.2.amzn1.x86_64 \n php-devel-5.3.28-1.2.amzn1.x86_64 \n php-fpm-5.3.28-1.2.amzn1.x86_64 
\n php-ldap-5.3.28-1.2.amzn1.x86_64 \n php-mbstring-5.3.28-1.2.amzn1.x86_64 \n php-gd-5.3.28-1.2.amzn1.x86_64 \n php-xml-5.3.28-1.2.amzn1.x86_64 \n php-5.3.28-1.2.amzn1.x86_64 \n php-debuginfo-5.3.28-1.2.amzn1.x86_64 \n php-tidy-5.3.28-1.2.amzn1.x86_64 \n php-pdo-5.3.28-1.2.amzn1.x86_64 \n php-intl-5.3.28-1.2.amzn1.x86_64 \n php-process-5.3.28-1.2.amzn1.x86_64 \n \n \n", "modified": "2014-09-16T22:11:00", "published": "2014-09-16T22:11:00", "id": "ALAS-2013-262", "href": "https://alas.aws.amazon.com/ALAS-2013-262.html", "title": "Critical: php", "type": "amazon", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-02T16:55:16", "bulletinFamily": "unix", "description": "**Issue Overview:**\n\nA memory corruption flaw was found in the way the openssl_x509_parse() function of the PHP openssl extension parsed X.509 certificates. A remote attacker could use this flaw to provide a malicious self-signed certificate or a certificate signed by a trusted authority to a PHP application using the aforementioned function, causing the application to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the user running the PHP interpreter.\n\n \n**Affected Packages:** \n\n\nphp55\n\n \n**Issue Correction:** \nRun _yum update php55_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n php55-gd-5.5.7-1.61.amzn1.i686 \n php55-pspell-5.5.7-1.61.amzn1.i686 \n php55-ldap-5.5.7-1.61.amzn1.i686 \n php55-cli-5.5.7-1.61.amzn1.i686 \n php55-process-5.5.7-1.61.amzn1.i686 \n php55-tidy-5.5.7-1.61.amzn1.i686 \n php55-recode-5.5.7-1.61.amzn1.i686 \n php55-snmp-5.5.7-1.61.amzn1.i686 \n php55-pgsql-5.5.7-1.61.amzn1.i686 \n php55-mysqlnd-5.5.7-1.61.amzn1.i686 \n php55-imap-5.5.7-1.61.amzn1.i686 \n php55-pdo-5.5.7-1.61.amzn1.i686 \n php55-debuginfo-5.5.7-1.61.amzn1.i686 \n php55-odbc-5.5.7-1.61.amzn1.i686 \n php55-fpm-5.5.7-1.61.amzn1.i686 \n php55-opcache-5.5.7-1.61.amzn1.i686 \n 
php55-bcmath-5.5.7-1.61.amzn1.i686 \n php55-soap-5.5.7-1.61.amzn1.i686 \n php55-common-5.5.7-1.61.amzn1.i686 \n php55-devel-5.5.7-1.61.amzn1.i686 \n php55-xml-5.5.7-1.61.amzn1.i686 \n php55-intl-5.5.7-1.61.amzn1.i686 \n php55-embedded-5.5.7-1.61.amzn1.i686 \n php55-gmp-5.5.7-1.61.amzn1.i686 \n php55-enchant-5.5.7-1.61.amzn1.i686 \n php55-mbstring-5.5.7-1.61.amzn1.i686 \n php55-mcrypt-5.5.7-1.61.amzn1.i686 \n php55-dba-5.5.7-1.61.amzn1.i686 \n php55-mssql-5.5.7-1.61.amzn1.i686 \n php55-xmlrpc-5.5.7-1.61.amzn1.i686 \n php55-5.5.7-1.61.amzn1.i686 \n \n src: \n php55-5.5.7-1.61.amzn1.src \n \n x86_64: \n php55-cli-5.5.7-1.61.amzn1.x86_64 \n php55-5.5.7-1.61.amzn1.x86_64 \n php55-gd-5.5.7-1.61.amzn1.x86_64 \n php55-recode-5.5.7-1.61.amzn1.x86_64 \n php55-fpm-5.5.7-1.61.amzn1.x86_64 \n php55-mssql-5.5.7-1.61.amzn1.x86_64 \n php55-dba-5.5.7-1.61.amzn1.x86_64 \n php55-soap-5.5.7-1.61.amzn1.x86_64 \n php55-snmp-5.5.7-1.61.amzn1.x86_64 \n php55-embedded-5.5.7-1.61.amzn1.x86_64 \n php55-imap-5.5.7-1.61.amzn1.x86_64 \n php55-opcache-5.5.7-1.61.amzn1.x86_64 \n php55-mcrypt-5.5.7-1.61.amzn1.x86_64 \n php55-pspell-5.5.7-1.61.amzn1.x86_64 \n php55-xml-5.5.7-1.61.amzn1.x86_64 \n php55-pgsql-5.5.7-1.61.amzn1.x86_64 \n php55-intl-5.5.7-1.61.amzn1.x86_64 \n php55-gmp-5.5.7-1.61.amzn1.x86_64 \n php55-process-5.5.7-1.61.amzn1.x86_64 \n php55-odbc-5.5.7-1.61.amzn1.x86_64 \n php55-tidy-5.5.7-1.61.amzn1.x86_64 \n php55-ldap-5.5.7-1.61.amzn1.x86_64 \n php55-mbstring-5.5.7-1.61.amzn1.x86_64 \n php55-common-5.5.7-1.61.amzn1.x86_64 \n php55-bcmath-5.5.7-1.61.amzn1.x86_64 \n php55-devel-5.5.7-1.61.amzn1.x86_64 \n php55-pdo-5.5.7-1.61.amzn1.x86_64 \n php55-xmlrpc-5.5.7-1.61.amzn1.x86_64 \n php55-mysqlnd-5.5.7-1.61.amzn1.x86_64 \n php55-enchant-5.5.7-1.61.amzn1.x86_64 \n php55-debuginfo-5.5.7-1.61.amzn1.x86_64 \n \n \n", "modified": "2014-09-16T22:11:00", "published": "2014-09-16T22:11:00", "id": "ALAS-2013-264", "href": "https://alas.aws.amazon.com/ALAS-2013-264.html", "title": "Critical: 
php55", "type": "amazon", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "redhat": [{"lastseen": "2018-12-11T19:42:12", "bulletinFamily": "unix", "description": "PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server.\n\nA memory corruption flaw was found in the way the openssl_x509_parse()\nfunction of the PHP openssl extension parsed X.509 certificates. A remote\nattacker could use this flaw to provide a malicious self-signed certificate\nor a certificate signed by a trusted authority to a PHP application using\nthe aforementioned function, causing the application to crash or, possibly,\nallow the attacker to execute arbitrary code with the privileges of the\nuser running the PHP interpreter. (CVE-2013-6420)\n\nRed Hat would like to thank the PHP project for reporting this issue.\nUpstream acknowledges Stefan Esser as the original reporter of this issue.\n\nAll php53 and php users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. After installing\nthe updated packages, the httpd daemon must be restarted for the update to\ntake effect.\n", "modified": "2018-06-06T20:24:28", "published": "2013-12-11T05:00:00", "id": "RHSA-2013:1813", "href": "https://access.redhat.com/errata/RHSA-2013:1813", "type": "redhat", "title": "(RHSA-2013:1813) Critical: php53 and php security update", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-12-11T17:42:44", "bulletinFamily": "unix", "description": "PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server.\n\nA memory corruption flaw was found in the way the openssl_x509_parse()\nfunction of the PHP openssl extension parsed X.509 certificates. 
A remote\nattacker could use this flaw to provide a malicious self-signed certificate\nor a certificate signed by a trusted authority to a PHP application using\nthe aforementioned function, causing the application to crash or, possibly,\nallow the attacker to execute arbitrary code with the privileges of the\nuser running the PHP interpreter. (CVE-2013-6420)\n\nRed Hat would like to thank the PHP project for reporting this issue.\nUpstream acknowledges Stefan Esser as the original reporter of this issue.\n\nAll php users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\n", "modified": "2017-09-08T12:06:35", "published": "2013-12-12T05:00:00", "id": "RHSA-2013:1826", "href": "https://access.redhat.com/errata/RHSA-2013:1826", "type": "redhat", "title": "(RHSA-2013:1826) Critical: php security update", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-12-11T17:44:17", "bulletinFamily": "unix", "description": "PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server.\n\nA memory corruption flaw was found in the way the openssl_x509_parse()\nfunction of the PHP openssl extension parsed X.509 certificates. A remote\nattacker could use this flaw to provide a malicious self-signed certificate\nor a certificate signed by a trusted authority to a PHP application using\nthe aforementioned function, causing the application to crash or, possibly,\nallow the attacker to execute arbitrary code with the privileges of the\nuser running the PHP interpreter. 
(CVE-2013-6420)\n\nRed Hat would like to thank the PHP project for reporting this issue.\nUpstream acknowledges Stefan Esser as the original reporter of this issue.\n\nAll php users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\n", "modified": "2017-09-08T12:17:29", "published": "2013-12-11T05:00:00", "id": "RHSA-2013:1824", "href": "https://access.redhat.com/errata/RHSA-2013:1824", "type": "redhat", "title": "(RHSA-2013:1824) Critical: php security update", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-12-11T17:42:08", "bulletinFamily": "unix", "description": "PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server.\n\nA memory corruption flaw was found in the way the openssl_x509_parse()\nfunction of the PHP openssl extension parsed X.509 certificates. A remote\nattacker could use this flaw to provide a malicious self-signed certificate\nor a certificate signed by a trusted authority to a PHP application using\nthe aforementioned function, causing the application to crash or, possibly,\nallow the attacker to execute arbitrary code with the privileges of the\nuser running the PHP interpreter. (CVE-2013-6420)\n\nRed Hat would like to thank the PHP project for reporting this issue.\nUpstream acknowledges Stefan Esser as the original reporter of this issue.\n\nAll php53 users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. 
After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\n", "modified": "2017-09-08T12:06:28", "published": "2013-12-11T05:00:00", "id": "RHSA-2013:1825", "href": "https://access.redhat.com/errata/RHSA-2013:1825", "type": "redhat", "title": "(RHSA-2013:1825) Critical: php53 security update", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-12-11T21:41:28", "bulletinFamily": "unix", "description": "PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server.\n\nA memory corruption flaw was found in the way the openssl_x509_parse()\nfunction of the PHP openssl extension parsed X.509 certificates. A remote\nattacker could use this flaw to provide a malicious self-signed certificate\nor a certificate signed by a trusted authority to a PHP application using\nthe aforementioned function, causing the application to crash or, possibly,\nallow the attacker to execute arbitrary code with the privileges of the\nuser running the PHP interpreter. (CVE-2013-6420)\n\nRed Hat would like to thank the PHP project for reporting this issue.\nUpstream acknowledges Stefan Esser as the original reporter of this issue.\n\nAll php users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. 
After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\n", "modified": "2018-06-13T01:28:20", "published": "2013-12-11T05:00:00", "id": "RHSA-2013:1815", "href": "https://access.redhat.com/errata/RHSA-2013:1815", "type": "redhat", "title": "(RHSA-2013:1815) Critical: php security update", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "slackware": [{"lastseen": "2018-08-31T02:36:44", "bulletinFamily": "unix", "description": "New php packages are available for Slackware 14.0, 14.1, and -current to\nfix a security issue.\n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n\npatches/packages/php-5.4.24-i486-1_slack14.1.txz: Upgraded.\n The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before\n 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly\n parse (1) notBefore and (2) notAfter timestamps in X.509 certificates,\n which allows remote attackers to execute arbitrary code or cause a denial\n of service (memory corruption) via a crafted certificate that is not\n properly handled by the openssl_x509_parse function.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! 
:-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/php-5.4.24-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/php-5.4.24-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/php-5.4.24-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/php-5.4.24-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-5.4.24-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/php-5.4.24-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.0 package:\n1c864df50286602ccb2d3efbabb9d7ec php-5.4.24-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\ncc0f365855b83708c82a84ea44a4ad21 php-5.4.24-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n1091912280ef2fbe271da2aa304dba36 php-5.4.24-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n22b91ef0428a15b3124c5b4fb911b1bc php-5.4.24-x86_64-1_slack14.1.txz\n\nSlackware -current package:\nf306c21609d14c7380295d63054d8f46 n/php-5.4.24-i486-1.txz\n\nSlackware x86_64 -current package:\n3cb4ff4fdaba44aa5ed3a946adbe9c9f n/php-5.4.24-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg php-5.4.24-i486-1_slack14.1.txz\n\nThen, restart Apache httpd:\n > /etc/rc.d/rc.httpd stop\n > /etc/rc.d/rc.httpd start", "modified": "2014-01-13T22:30:32", "published": "2014-01-13T22:30:32", "id": "SSA-2014-013-03", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.409445", "title": "php", 
"type": "slackware", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "seebug": [{"lastseen": "2017-11-19T17:39:28", "bulletinFamily": "exploit", "description": "BUGTRAQ ID: 64225\r\nCVE(CAN) ID: CVE-2013-6420\r\n\r\nIn PHP versions before 5.3.27, before 5.4.22, and before 5.5.6, the \"asn1_time_to_time_t()\" function (ext/openssl/openssl.c) contains an error when parsing x.509 certificates; an attacker can exploit this vulnerability with a specially crafted x.509 certificate to corrupt memory.\n0\nPHP PHP 5.5.x\r\nPHP PHP 5.4.x\r\nPHP PHP 5.3.x\nVendor patch:\r\n\r\nPHP\r\n---\r\nThe vendor has released an upgrade patch that fixes this security issue; please download it from the vendor's homepage:\r\n\r\nhttp://www.php.net\r\n\r\nhttp://www.php.net/downloads.php\r\nhttp://git.php.net/?p=php-src.git;a=commitdiff;h=c1224573c773b6845e83505f717fbf820fc18415 \r\nhttp://git.php.net/?p=php-src.git;a=blobdiff;f=NEWS;h=8abf65e05b0298a6f2dba9439c9513919234766f;hp=70461d97d85c65e01e739514923303b09257f65f;hb=c1224573c773b6845e83505f717fbf820fc18415;hpb=32873cd0ddea7df8062213bb025beb6fb070e59d", "modified": "2013-12-18T00:00:00", "published": "2013-12-18T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-61173", "id": "SSV:61173", "type": "seebug", "title": "PHP OpenSSL Extension 'openssl_x509_parse()' Memory Corruption Vulnerability", "sourceData": "\n Proof of Concept:\r\n \r\n The following x509 certificate demonstrates the out of bounds write:\n ", 
"sourceHref": "https://www.seebug.org/vuldb/ssvid-61173", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "cert": [{"lastseen": "2018-12-25T20:17:43", "bulletinFamily": "info", "description": "### Overview \n\nHP System Management Homepage versions 7.2.3 and 7.3.2.1 contain a reflected cross site scripting vulnerability.\n\n### Description \n\n[**CWE-79**](<https://cwe.mitre.org/data/definitions/79.html>)**: Improper Neutralization of Input During Web Page Generation 
('Cross-site Scripting')** \\- CVE-2014-2640\n\nHP System Management Homepage versions 7.2.3 and 7.3.2.1 contain a reflected cross site scripting (XSS) vulnerability. The reflected XSS is found in the `red2301.html` page's vulnerable `RedirectUrl` parameter. \n \n--- \n \n### Impact \n\nA remote unauthenticated attacker may be able to execute arbitrary script in the context of the end-user's browser session. \n \n--- \n \n### Solution \n\n**Apply an Update** \n \nWindows Server 2003 users should update to System Management Homepage version 7.2.4. All other users should update to System Management Homepage 7.4. \n \nPlease refer to HP's [security bulletin](<https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322>) for more information. \n \n--- \n \n### Vendor Information\n\n### Hewlett-Packard Company \n\nNotified: September 08, 2014 Updated: October 01, 2014 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 6.4 | AV:N/AC:L/Au:N/C:P/I:P/A:-- \nTemporal | 5.8 | E:POC/RL:ND/RC:C \nEnvironmental | 1.4 | CDP:ND/TD:L/CR:ND/IR:ND/AR:ND \n \n \n\n\n### References \n\n * <https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322>\n * <http://seclists.org/bugtraq/2014/Oct/4>\n\n### Credit\n\nThanks to Jakub Pa\u0142aczy\u0144ski for reporting this vulnerability. \n\nThis document was written by Todd Lewellen. 
\n\n### Other Information\n\n**CVE IDs:** | [CVE-2014-2640](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2640>) \n---|--- \n**Date Public:** | 2014-09-30 \n**Date First Published:** | 2014-10-03 \n**Date Last Updated: ** | 2014-10-03 13:48 UTC \n**Document Revision: ** | 17 \n", "modified": "2014-10-03T13:48:00", "published": "2014-10-03T00:00:00", "id": "VU:125228", "href": "https://www.kb.cert.org/vuls/id/125228", "type": "cert", "title": "HP System Management Homepage vulnerable to cross-site scripting", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "zdt": [{"lastseen": "2018-02-06T09:14:07", "bulletinFamily": "exploit", "description": "The PHP function openssl_x509_parse() uses a helper function called asn1_time_to_time_t() to convert timestamps from ASN1 string format into integer timestamp values. The parser within this helper function is not binary safe and can therefore be tricked to write up to five NUL bytes outside of an allocated buffer. 
This problem can be triggered by x509 certificates that contain NUL bytes in their notBefore and notAfter timestamp fields and leads to a memory corruption that might result in arbitrary code execution.", "modified": "2013-12-16T00:00:00", "published": "2013-12-16T00:00:00", "id": "1337DAY-ID-21682", "href": "https://0day.today/exploit/description/21682", "type": "zdt", "title": "PHP openssl_x509_parse() Memory Corruption Vulnerability", "sourceData": "Advisory: PHP openssl_x509_parse() Memory Corruption Vulnerability\r\n Release Date: 2013/12/13\r\nLast Modified: 2013/12/13\r\n Author: Stefan Esser [stefan.esser[at]sektioneins.de]\r\n\r\n Application: PHP 4.0.6 - PHP 4.4.9\r\n PHP 5.0.x\r\n PHP 5.1.x\r\n PHP 5.2.x\r\n PHP 5.3.0 - PHP 5.3.27\r\n PHP 5.4.0 - PHP 5.4.22\r\n PHP 5.5.0 - PHP 5.5.6\r\n Severity: PHP applications using openssl_x509_parse() to parse a\r\n malicious x509 certificate might trigger a memory\r\n corruption that might result in arbitrary code execution\r\n Risk: Critical\r\nVendor Status: Vendor has released PHP 5.5.7, PHP 5.4.23 and PHP 5.3.28\r\n that contain a fix for this vulnerability\r\n Reference:\r\nhttp://www.sektioneins.de/advisories/advisory-012013-php-openssl_x509_parse-memory-corruption-vulnerability.html\r\n\r\nOverview:\r\n\r\n Quote from http://www.php.net\r\n \"PHP is a widely-used general-purpose scripting language that\r\n is especially suited for Web development and can be embedded\r\n into HTML.\"\r\n\r\n The PHP function openssl_x509_parse() uses a helper function\r\n called asn1_time_to_time_t() to convert timestamps from ASN1\r\n string format into integer timestamp values. 
The parser within\r\n this helper function is not binary safe and can therefore be\r\n tricked to write up to five NUL bytes outside of an allocated\r\n buffer.\r\n \r\n This problem can be triggered by x509 certificates that contain\r\n NUL bytes in their notBefore and notAfter timestamp fields and\r\n leads to a memory corruption that might result in arbitrary\r\n code execution.\r\n \r\n Depending on how openssl_x509_parse() is used within a PHP\r\n application the attack requires either a malicious cert signed\r\n by a compromised/malicious CA or can be carried out with a\r\n self-signed cert.\r\n\r\nDetails:\r\n\r\n The PHP function openssl_x509_parse() is used by PHP applications\r\n to parse additional information out of x509 certificates, usually\r\n to harden SSL encrypted communication channels against MITM\r\n attacks. In the wild we have seen the following use cases for this\r\n function:\r\n \r\n * output certificate debugging information\r\n (e.g. cacert.org/analyse.php)\r\n * webmail application with SMIME support\r\n * client certificate handling\r\n * certificate pinning\r\n * verification of other certificate properties\r\n (e.g. 
a default Wordpress install if ext/curl is not loaded)\r\n \r\n When we backported security fixes for some previous security\r\n vulnerabilities in PHP's openssl to PHP 4.4.9 as part of our\r\n PHP security backport services that we provide to customers,\r\n we performed a quick audit of openssl_x509_parse() and all the\r\n functions it calls, which led to the discovery of a memory\r\n corruption vulnerability.\r\n \r\n Within the function openssl_x509_parse() the helper function\r\n asn1_time_to_time_t() is called two times to parse the\r\n notBefore and notAfter ASN1 string timestamps from the cert\r\n into integer time_t values as you can see below:\r\n \r\n add_assoc_long(return_value, \"validFrom_time_t\",\r\nasn1_time_to_time_t(X509_get_notBefore(cert) TSRMLS_CC));\r\n add_assoc_long(return_value, \"validTo_time_t\",\r\nasn1_time_to_time_t(X509_get_notAfter(cert) TSRMLS_CC));\r\n \r\n When you take a look into this helper function you will see\r\n that it only contains a quickly hacked parser that was never\r\n really improved since its introduction in PHP 4.0.6. 
The author\r\n of this parser was even aware of its hackishness as you can see\r\n from the error message contained in the code:\r\n \r\n static time_t asn1_time_to_time_t(ASN1_UTCTIME * timestr TSRMLS_DC) /*\r\n{{{ */\r\n {\r\n /*\r\n This is how the time string is formatted:\r\n snprintf(p, sizeof(p), \"%02d%02d%02d%02d%02d%02dZ\",ts->tm_year%100,\r\n ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec);\r\n */\r\n\r\n time_t ret;\r\n struct tm thetime;\r\n char * strbuf;\r\n char * thestr;\r\n long gmadjust = 0;\r\n\r\n if (timestr->length < 13) {\r\n php_error_docref(NULL TSRMLS_CC, E_WARNING, \"extension author\r\ntoo lazy to parse %s correctly\", timestr->data);\r\n return (time_t)-1;\r\n }\r\n\r\n However the actual problem of the code should become obvious when\r\n you read the rest of the parsing code that attempts to first\r\n duplicate the timestamp string and then parses the timestamp by\r\n going through the copy in reverse order and writing five NUL bytes\r\n into the duplicated string.\r\n\r\n strbuf = estrdup((char *)timestr->data);\r\n\r\n memset(&thetime, 0, sizeof(thetime));\r\n\r\n /* we work backwards so that we can use atoi more easily */\r\n\r\n thestr = strbuf + timestr->length - 3;\r\n\r\n thetime.tm_sec = atoi(thestr);\r\n *thestr = '\\0';\r\n thestr -= 2;\r\n thetime.tm_min = atoi(thestr);\r\n *thestr = '\\0';\r\n thestr -= 2;\r\n thetime.tm_hour = atoi(thestr);\r\n *thestr = '\\0';\r\n thestr -= 2;\r\n thetime.tm_mday = atoi(thestr);\r\n *thestr = '\\0';\r\n thestr -= 2;\r\n thetime.tm_mon = atoi(thestr)-1;\r\n *thestr = '\\0';\r\n thestr -= 2;\r\n thetime.tm_year = atoi(thestr);\r\n\r\n The problem with this code is that ASN1 strings can contain NUL\r\n bytes, while the parser is not binary safe. This means if a\r\n timestamp string inside a x509 certificate contains a NUL byte\r\n at e.g. 
position 13 the estrdup() will only allocate 14 bytes\r\n for a copy of the string, but the parser will attempt to write\r\n five NUL bytes to memory addressed by the ASN1 length of the\r\n string. If the real string length is longer than 16 bytes this\r\n will result in writes of NUL bytes outside of the allocated\r\n buffer.\r\n \r\n Because of PHP's deterministic heap memory layout that can be\r\n controlled a lot by sending e.g. POST variables and using\r\n duplicate variable names to poke memory holes this vulnerability\r\n must be considered exploitable. However the actual exploit will\r\n depend a lot on how the PHP application uses openssl_x509_parse()\r\n and a lot of other factors.\r\n\r\n Depending on which of the actual use cases the function is used\r\n for by an application, an attacker can trigger the memory\r\n corruption with a self-signed certificate. An example for this\r\n is the public analyse.php x509 cert debugging script provided\r\n by CACert on their webserver.\r\n \r\n Other applications like Wordpress use openssl_x509_parse() to\r\n further verify SSL certificates whenever Wordpress connects to\r\n a HTTPS URL (in case ext/curl is not loaded which is the default\r\n for several linux distributions). Because the parsing only\r\n happens after the initial SSL connection is established this\r\n can only be abused by attackers controlling a malicious trusted\r\n cert. 
However recent disclosures of alleged NSA capabilities,\r\n the French incident and disclosures about fully compromised\r\n trusted CAs in the past years have shown that this capability\r\n might be in the reach of malicious attackers.\n\n# 0day.today [2018-02-06] #", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://0day.today/exploit/21682"}], "packetstorm": [{"lastseen": "2016-12-05T22:23:25", "bulletinFamily": "exploit", "description": "", "modified": "2013-12-15T00:00:00", "published": "2013-12-15T00:00:00", "href": "https://packetstormsecurity.com/files/124436/PHP-openssl_x509_parse-Memory-Corruption.html", "id": "PACKETSTORM:124436", "type": "packetstorm", "title": "PHP openssl_x509_parse() Memory Corruption", "sourceData": "` \nSektionEins GmbH \nwww.sektioneins.de \n \n-= Security Advisory =- \n \nAdvisory: PHP openssl_x509_parse() Memory Corruption Vulnerability \nRelease Date: 2013/12/13 \nLast Modified: 2013/12/13 \nAuthor: Stefan Esser [stefan.esser[at]sektioneins.de] \n \nApplication: PHP 4.0.6 - PHP 4.4.9 \nPHP 5.0.x \nPHP 5.1.x \nPHP 5.2.x \nPHP 5.3.0 - PHP 5.3.27 \nPHP 5.4.0 - PHP 5.4.22 \nPHP 5.5.0 - PHP 5.5.6 \nSeverity: PHP applications using openssl_x509_parse() to parse a \nmalicious x509 certificate might trigger a memory \ncorruption that might result in arbitrary code execution \nRisk: Critical \nVendor Status: Vendor has released PHP 5.5.7, PHP 5.4.23 and PHP 5.3.28 \nthat contain a fix for this vulnerability \nReference: \nhttp://www.sektioneins.de/advisories/advisory-012013-php-openssl_x509_parse-memory-corruption-vulnerability.html \n \nOverview: \n \nQuote from http://www.php.net \n\"PHP is a widely-used general-purpose scripting language that \nis especially suited for Web development and can be embedded \ninto HTML.\" \n \nThe PHP function openssl_x509_parse() uses a helper function \ncalled asn1_time_to_time_t() to convert timestamps from ASN1 \nstring format into 
integer timestamp values. The parser within \nthis helper function is not binary safe and can therefore be \ntricked to write up to five NUL bytes outside of an allocated \nbuffer. \n \nThis problem can be triggered by x509 certificates that contain \nNUL bytes in their notBefore and notAfter timestamp fields and \nleads to a memory corruption that might result in arbitrary \ncode execution. \n \nDepending on how openssl_x509_parse() is used within a PHP \napplication the attack requires either a malicious cert signed \nby a compromised/malicious CA or can be carried out with a \nself-signed cert. \n \nDetails: \n \nThe PHP function openssl_x509_parse() is used by PHP applications \nto parse additional information out of x509 certificates, usually \nto harden SSL encrypted communication channels against MITM \nattacks. In the wild we have seen the following use cases for this \nfunction: \n \n* output certificate debugging information \n(e.g. cacert.org/analyse.php) \n* webmail application with SMIME support \n* client certificate handling \n* certificate pinning \n* verification of other certificate properties \n(e.g. a default Wordpress install if ext/curl is not loaded) \n \nWhen we backported security fixes for some previous security \nvulnerabilities in PHP's openssl to PHP 4.4.9 as part of our \nPHP security backport services that we provide to customers, \nwe performed a quick audit of openssl_x509_parse() and all the \nfunctions it calls, which led to the discovery of a memory \ncorruption vulnerability. 
\n \nWithin the function openssl_x509_parse() the helper function \nasn1_time_to_time_t() is called two times to parse the \nnotBefore and notAfter ASN1 string timestamps from the cert \ninto integer time_t values as you can see below: \n \nadd_assoc_long(return_value, \"validFrom_time_t\", \nasn1_time_to_time_t(X509_get_notBefore(cert) TSRMLS_CC)); \nadd_assoc_long(return_value, \"validTo_time_t\", \nasn1_time_to_time_t(X509_get_notAfter(cert) TSRMLS_CC)); \n \nWhen you take a look into this helper function you will see \nthat it only contains a quickly hacked parser that was never \nreally improved since its introduction in PHP 4.0.6. The author \nof this parser was even aware of its hackishness as you can see \nfrom the error message contained in the code: \n \nstatic time_t asn1_time_to_time_t(ASN1_UTCTIME * timestr TSRMLS_DC) /* \n{{{ */ \n{ \n/* \nThis is how the time string is formatted: \nsnprintf(p, sizeof(p), \"%02d%02d%02d%02d%02d%02dZ\",ts->tm_year%100, \nts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec); \n*/ \n \ntime_t ret; \nstruct tm thetime; \nchar * strbuf; \nchar * thestr; \nlong gmadjust = 0; \n \nif (timestr->length < 13) { \nphp_error_docref(NULL TSRMLS_CC, E_WARNING, \"extension author \ntoo lazy to parse %s correctly\", timestr->data); \nreturn (time_t)-1; \n} \n \nHowever the actual problem of the code should become obvious when \nyou read the rest of the parsing code that attempts to first \nduplicate the timestamp string and then parses the timestamp by \ngoing through the copy in reverse order and writing five NUL bytes \ninto the duplicated string. 
\n \nstrbuf = estrdup((char *)timestr->data); \n \nmemset(&thetime, 0, sizeof(thetime)); \n \n/* we work backwards so that we can use atoi more easily */ \n \nthestr = strbuf + timestr->length - 3; \n \nthetime.tm_sec = atoi(thestr); \n*thestr = '\\0'; \nthestr -= 2; \nthetime.tm_min = atoi(thestr); \n*thestr = '\\0'; \nthestr -= 2; \nthetime.tm_hour = atoi(thestr); \n*thestr = '\\0'; \nthestr -= 2; \nthetime.tm_mday = atoi(thestr); \n*thestr = '\\0'; \nthestr -= 2; \nthetime.tm_mon = atoi(thestr)-1; \n*thestr = '\\0'; \nthestr -= 2; \nthetime.tm_year = atoi(thestr); \n \nThe problem with this code is that ASN1 strings can contain NUL \nbytes, while the parser is not binary safe. This means if a \ntimestamp string inside a x509 certificate contains a NUL byte \nat e.g. position 13 the estrdup() will only allocate 14 bytes \nfor a copy of the string, but the parser will attempt to write \nfive NUL bytes to memory addressed by the ASN1 length of the \nstring. If the real string length is longer than 16 bytes this \nwill result in writes of NUL bytes outside of the allocated \nbuffer. \n \nBecause of PHP's deterministic heap memory layout that can be \ncontrolled a lot by sending e.g. POST variables and using \nduplicate variable names to poke memory holes this vulnerability \nmust be considered exploitable. However the actual exploit will \ndepend a lot on how the PHP application uses openssl_x509_parse() \nand a lot of other factors. \n \nDepending on which of the actual use cases the function is used \nfor by an application, an attacker can trigger the memory \ncorruption with a self-signed certificate. An example for this \nis the public analyse.php x509 cert debugging script provided \nby CACert on their webserver. \n \nOther applications like Wordpress use openssl_x509_parse() to \nfurther verify SSL certificates whenever Wordpress connects to \na HTTPS URL (in case ext/curl is not loaded which is the default \nfor several linux distributions). 
Because the parsing only \nhappens after the initial SSL connection is established this \ncan only be abused by attackers controlling a malicious trusted \ncert. However recent disclosures of alleged NSA capabilities, \nthe French incident and disclosures about fully compromised \ntrusted CAs in the past years have shown that this capability \nmight be in the reach of malicious attackers. \n \n \nProof of Concept: \n \nThe following x509 certificate demonstrates the out of bounds write: \n \n \nDisclosure Timeline: \n \n01. December 2013 - Notified security@php.net \nProvided description, POC cert, demo \nvalgrind output and patch \n02. December 2013 - security@php.net acknowledges and \nsays thank you for report and patch \n02. December 2013 - security@php.net announces that planned \nrelease date is 12th December \n03. December 2013 - Notification from RedHat Security that \nCVE-2013-6420 was assigned to this issue \n09. December 2013 - RedHat Security tells php.net that they \nshould commit the fix silently and add \ninfo about it only after release \nThey further tell php.net to tell us to \nnot discuss the vulnerability in public \nprior to patches being available \n10. December 2013 - security@php.net fixes the vulnerability \nopenly and does not attempt to hide that \nthe commit is a security fix as RedHat \nSecurity suggested \n11. December 2013 - RedHat Security announces that they now \nconsider this vulnerability public and \nsends out their own patches with big \nannouncement one day before php.net is \nready to release their own fixes \n12. December 2013 - security@php.net pushes PHP updates to \nthe PHP 5.3, PHP 5.3 and PHP 5.5 branches \nto the mirrors as was previously agreed upon \n13. December 2013 - New PHP releases are announced on php.net \n13. December 2013 - Public Disclosure of this advisory \n \n \nRecommendation: \n \nIt is recommended to upgrade to the latest version of PHP \nwhich also fixes additional non security problems reported \nby third parties. \n \nGrab your copy at: \nhttp://www.php.net/get/php-5.5.7.tar.bz2/from/a/mirror \n \n \nCVE Information: \n \nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has \nassigned the name CVE-2013-6420 to this vulnerability. 
\n \n \nGPG-Key: \n \npub 4096R/D6A3FE46 2013-11-06 Stefan Esser \nKey fingerprint = 0A04 AB88 90D2 E67C 3D3D 86E1 AA39 B97F D6A3 FE46 \n \n \nCopyright 2013 SektionEins GmbH. All rights reserved. \n \n`\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://packetstormsecurity.com/files/download/124436/phpx509parse-corrupt.txt"}]}