ID SUSE-SU-2016:2080-1 Type suse Reporter Suse Modified 2016-08-16T13:10:01
Description
php5 was updated to fix the following security issues:
CVE-2016-6297: Stack-based buffer overflow vulnerability in
php_stream_zip_opener (bsc#991426).
CVE-2016-6291: Out-of-bounds access in exif_process_IFD_in_MAKERNOTE
(bsc#991427).
CVE-2016-6289: Integer overflow leads to buffer overflow in
virtual_file_ex (bsc#991428).
CVE-2016-6290: Use after free in unserialize() with Unexpected Session
Deserialization (bsc#991429).
CVE-2016-5399: Improper error handling in bzread() (bsc#991430).
CVE-2016-6288: Buffer over-read in php_url_parse_ex (bsc#991433).
CVE-2016-6296: Heap buffer overflow vulnerability in simplestring_addn
in simplestring.c (bsc#991437).
CVE-2016-5769: Mcrypt: Heap Overflow due to integer overflows
(bsc#986388).
CVE-2015-8935: XSS in header() with Internet Explorer (bsc#986004).
CVE-2016-5772: Double free corruption in wddx_deserialize (bsc#986244).
CVE-2016-5766: Integer Overflow in _gd2GetHeader() resulting in heap
overflow (bsc#986386).
CVE-2016-5767: Integer Overflow in gdImagePaletteToTrueColor() resulting
in heap overflow (bsc#986393).
{"enchantments": {"score": {"value": 6.9, "vector": "NONE", "modified": "2016-09-04T11:49:45", "rev": 2}, "dependencies": {"references": [{"type": "nessus", "idList": ["PHP_7_0_9.NASL", "PHP_5_6_24.NASL", "PHP_5_5_38.NASL", "DEBIAN_DSA-3631.NASL", "OPENSUSE-2016-985.NASL", "OPENSUSE-2016-921.NASL", "SUSE_SU-2016-2080-1.NASL", "FREEBSD_PKG_B6402385533B11E6A7BD14DAE9D210B8.NASL", "SUSE_SU-2016-2013-1.NASL", "SUSE_SU-2016-2210-1.NASL"]}, {"type": "f5", "idList": ["SOL63712424", "SOL21042398", "F5:K15850913", "F5:K63712424", "F5:K21042398", "F5:K34985231", "F5:K67644055", "F5:K03534020", "SOL52430518", "F5:K43267483"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2016:1761-1", "OPENSUSE-SU-2016:2451-1", "SUSE-SU-2016:2328-1", "SUSE-SU-2016:2013-1", "SUSE-SU-2016:2408-1"]}, {"type": "cve", "idList": ["CVE-2016-5399", "CVE-2016-5769", "CVE-2016-6297", "CVE-2016-6296", "CVE-2016-6291", "CVE-2016-6288", "CVE-2016-5767", "CVE-2016-6289", "CVE-2016-6290", "CVE-2015-8935"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310808787", "OPENVAS:1361412562310871700", "OPENVAS:1361412562310808633", "OPENVAS:1361412562310851364", "OPENVAS:1361412562310140013", "OPENVAS:1361412562310703631", "OPENVAS:1361412562310808634", "OPENVAS:1361412562310808788", "OPENVAS:1361412562311220161063", "OPENVAS:703631"]}, {"type": "freebsd", "idList": ["66D77C58-3B1D-11E6-8E82-002590263BF5", "B6402385-533B-11E6-A7BD-14DAE9D210B8"]}, {"type": "debian", "idList": ["DEBIAN:DLA-628-1:9ADD4", "DEBIAN:DSA-3631-1:30BAB"]}, {"type": "centos", "idList": ["CESA-2016:2598"]}, {"type": "redhat", "idList": ["RHSA-2016:2598"]}, {"type": "ubuntu", "idList": ["USN-3045-1"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:0207AE2406224805196D7BD19402D596"]}, {"type": "fedora", "idList": ["FEDORA:4BD9160779B7", "FEDORA:1851F608780A", "FEDORA:BB1106070D49", "FEDORA:D4D5A605E1F0"]}, {"type": "oraclelinux", "idList": ["ELSA-2016-2598"]}, {"type": "slackware", "idList": ["SSA-2016-176-01"]}, {"type": "amazon", "idList": ["ALAS-2016-728"]}, {"type": "hackerone", "idList": ["H1:145392"]}], "modified": "2016-09-04T11:49:45", "rev": 2}, "vulnersScore": 6.9}, "published": "2016-08-16T13:10:01", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00039.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "edition": 1, "description": "php5 was updated to fix the following security issues:\n\n - CVE-2016-6297: Stack-based buffer overflow vulnerability in\n php_stream_zip_opener (bsc#991426).\n - CVE-2016-6291: Out-of-bounds access in exif_process_IFD_in_MAKERNOTE\n (bsc#991427).\n - CVE-2016-6289: Integer overflow leads to buffer overflow in\n virtual_file_ex (bsc#991428).\n - CVE-2016-6290: Use after free in unserialize() with Unexpected Session\n Deserialization (bsc#991429).\n - CVE-2016-5399: Improper error handling in bzread() (bsc#991430).\n - CVE-2016-6288: Buffer over-read in php_url_parse_ex (bsc#991433).\n - CVE-2016-6296: Heap buffer overflow vulnerability in simplestring_addn\n in simplestring.c (bsc#991437).\n - CVE-2016-5769: Mcrypt: Heap Overflow due to integer overflows\n (bsc#986388).\n - CVE-2015-8935: XSS in header() with Internet Explorer (bsc#986004).\n - CVE-2016-5772: Double free corruption in wddx_deserialize (bsc#986244).\n - CVE-2016-5766: Integer Overflow in _gd2GetHeader() resulting in heap\n overflow (bsc#986386).\n - CVE-2016-5767: Integer Overflow in gdImagePaletteToTrueColor() resulting\n in heap overflow (bsc#986393).\n\n", "bulletinFamily": "unix", "viewCount": 25, "cvelist": ["CVE-2016-5399", "CVE-2016-6288", "CVE-2016-6290", "CVE-2016-5772", "CVE-2016-6297", "CVE-2016-6289", "CVE-2016-5769", "CVE-2015-8935", "CVE-2016-5766", "CVE-2016-5767", "CVE-2016-6291", "CVE-2016-6296"], "affectedPackage": [{"packageFilename": "php5-shmop-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-shmop", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-mbstring-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-mbstring", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "apache2-mod_php5-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "apache2-mod_php5", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-wddx-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-wddx", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-dba-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-dba", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-mbstring-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-mbstring", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-shmop-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-shmop", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-calendar-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-calendar", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-xsl-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-xsl", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-mcrypt-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-mcrypt", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-xmlrpc-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-xmlrpc", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-wddx-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-wddx", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-debuginfo-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-debuginfo", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Debuginfo", "arch": "x86_64"}, {"packageFilename": "php5-openssl-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-openssl", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-pspell-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-pspell", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-mysql-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-mysql", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "apache2-mod_php5-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "apache2-mod_php5", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-ctype-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-ctype", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-pear-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-pear", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-gd-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-gd", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-fastcgi-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-fastcgi", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-xmlrpc-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-xmlrpc", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-dbase-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-dbase", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-odbc-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-odbc", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-zip-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-zip", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-ftp-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-ftp", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-gd-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-gd", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-exif-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-exif", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-soap-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-soap", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-ctype-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-ctype", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-exif-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-exif", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-hash-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-hash", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-tokenizer-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-tokenizer", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-sysvsem-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-sysvsem", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-xmlwriter-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-xmlwriter", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-zip-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-zip", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-mbstring-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-mbstring", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-dba-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-dba", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-tokenizer-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-tokenizer", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-exif-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-exif", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-pdo-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-pdo", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-gmp-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-gmp", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-xmlreader-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-xmlreader", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-mysql-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-mysql", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-snmp-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-snmp", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-dba-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-dba", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-sysvmsg-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-sysvmsg", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-dom-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-dom", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-pgsql-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-pgsql", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-sysvsem-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-sysvsem", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-shmop-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-shmop", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-json-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-json", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-xsl-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-xsl", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-gettext-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-gettext", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-debugsource-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-debugsource", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Debuginfo", "arch": "s390x"}, {"packageFilename": "php5-openssl-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-openssl", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-xsl-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-xsl", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-ftp-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-ftp", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-sysvmsg-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-sysvmsg", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-pspell-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-pspell", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-pear-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-pear", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-mysql-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-mysql", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-pcntl-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-pcntl", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-ctype-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-ctype", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-debuginfo-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-debuginfo", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Debuginfo", "arch": "s390x"}, {"packageFilename": "php5-sysvshm-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-sysvshm", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-suhosin-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-suhosin", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-dom-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-dom", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-iconv-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-iconv", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-xmlrpc-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-xmlrpc", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-zlib-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-zlib", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-mcrypt-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-mcrypt", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-hash-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-hash", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-json-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-json", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-soap-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-soap", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-dbase-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-dbase", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-zlib-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-zlib", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-gettext-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-gettext", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-curl-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-curl", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-bcmath-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-bcmath", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-gd-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-gd", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-sysvmsg-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-sysvmsg", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-curl-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-curl", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-hash-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-hash", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-iconv-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-iconv", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-curl-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-curl", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-dom-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-dom", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-odbc-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-odbc", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-gmp-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-gmp", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-debugsource-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-debugsource", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Debuginfo", "arch": "i586"}, {"packageFilename": "php5-ftp-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-ftp", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-pspell-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-pspell", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-json-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-json", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-ldap-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-ldap", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-soap-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-soap", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-gettext-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-gettext", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-xmlreader-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-xmlreader", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-iconv-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-iconv", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-fastcgi-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-fastcgi", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-pdo-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-pdo", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-odbc-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-odbc", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-mcrypt-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-mcrypt", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-sysvsem-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-sysvsem", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-pear-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-pear", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-debuginfo-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-debuginfo", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Debuginfo", "arch": "i586"}, {"packageFilename": "php5-pgsql-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-pgsql", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-gmp-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-gmp", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-debugsource-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-debugsource", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Debuginfo", "arch": "x86_64"}, {"packageFilename": "php5-zip-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-zip", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-xmlwriter-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-xmlwriter", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-sysvshm-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-sysvshm", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-suhosin-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-suhosin", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-ldap-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-ldap", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-snmp-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-snmp", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-snmp-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-snmp", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-pdo-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-pdo", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-pgsql-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-pgsql", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-xmlreader-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-xmlreader", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-wddx-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-wddx", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-bcmath-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-bcmath", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-pcntl-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-pcntl", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-sysvshm-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-sysvshm", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-pcntl-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-pcntl", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-xmlwriter-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-xmlwriter", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-dbase-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-dbase", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-ldap-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-ldap", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-openssl-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-openssl", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-bz2-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-bz2", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}, {"packageFilename": "php5-bz2-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-bz2", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-bcmath-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-bcmath", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-fastcgi-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-fastcgi", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-calendar-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-calendar", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-calendar-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-calendar", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-suhosin-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-suhosin", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-tokenizer-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "php5-tokenizer", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "apache2-mod_php5-5.2.14-0.7.30.89.1.s390x.rpm", "packageName": "apache2-mod_php5", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "s390x"}, {"packageFilename": "php5-bz2-5.2.14-0.7.30.89.1.x86_64.rpm", "packageName": "php5-bz2", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "x86_64"}, {"packageFilename": "php5-zlib-5.2.14-0.7.30.89.1.i586.rpm", "packageName": "php5-zlib", "packageVersion": "5.2.14-0.7.30.89.1", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server LTSS", "arch": "i586"}], "modified": "2016-08-16T13:10:01", "references": ["https://bugzilla.suse.com/991427", "https://bugzilla.suse.com/991426", "https://bugzilla.suse.com/986388", "https://bugzilla.suse.com/986393", "https://bugzilla.suse.com/991429", "https://bugzilla.suse.com/986386", "https://bugzilla.suse.com/986004", "https://bugzilla.suse.com/991428", "https://bugzilla.suse.com/991433", "https://bugzilla.suse.com/991437", "https://bugzilla.suse.com/986244", "https://bugzilla.suse.com/991430"], "type": "suse", "id": "SUSE-SU-2016:2080-1", "lastseen": "2016-09-04T11:49:45", "reporter": "Suse", "title": "Security update for php5 (important)"}
{"nessus": [{"lastseen": "2021-01-20T14:46:16", "description": "php5 was updated to fix the following security issues :\n\n - CVE-2016-6297: Stack-based buffer overflow vulnerability\n in php_stream_zip_opener (bsc#991426).\n\n - CVE-2016-6291: Out-of-bounds access in\n exif_process_IFD_in_MAKERNOTE (bsc#991427).\n\n - CVE-2016-6289: Integer overflow leads to buffer overflow\n in virtual_file_ex (bsc#991428).\n\n - CVE-2016-6290: Use after free in unserialize() with\n Unexpected Session Deserialization (bsc#991429).\n\n - CVE-2016-5399: Improper error handling in bzread()\n (bsc#991430).\n\n - CVE-2016-6288: Buffer over-read in php_url_parse_ex\n (bsc#991433).\n\n - CVE-2016-6296: Heap buffer overflow vulnerability in\n simplestring_addn in simplestring.c (bsc#991437).\n\n - CVE-2016-5769: Mcrypt: Heap Overflow due to integer\n overflows (bsc#986388).\n\n - CVE-2015-8935: XSS in header() with Internet Explorer\n (bsc#986004).\n\n - CVE-2016-5772: Double free corruption in\n wddx_deserialize (bsc#986244).\n\n - CVE-2016-5766: Integer Overflow in _gd2GetHeader()\n resulting in heap overflow (bsc#986386).\n\n - CVE-2016-5767: Integer Overflow in\n gdImagePaletteToTrueColor() resulting in heap overflow\n (bsc#986393).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 27, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-09-02T00:00:00", "title": "SUSE SLES11 Security Update : php5 (SUSE-SU-2016:2080-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5399", "CVE-2016-6288", "CVE-2016-6290", "CVE-2016-5772", "CVE-2016-6297", "CVE-2016-6289", "CVE-2016-5769", "CVE-2015-8935", "CVE-2016-5766", "CVE-2016-5767", "CVE-2016-6291", "CVE-2016-6296"], "modified": "2016-09-02T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:php5-tokenizer", "p-cpe:/a:novell:suse_linux:php5-bcmath", "p-cpe:/a:novell:suse_linux:php5-zip", "p-cpe:/a:novell:suse_linux:php5-xmlrpc", "p-cpe:/a:novell:suse_linux:php5-calendar", "p-cpe:/a:novell:suse_linux:php5-odbc", "p-cpe:/a:novell:suse_linux:php5-gettext", "p-cpe:/a:novell:suse_linux:php5-openssl", "p-cpe:/a:novell:suse_linux:php5-iconv", "p-cpe:/a:novell:suse_linux:php5-bz2", "p-cpe:/a:novell:suse_linux:php5-dbase", "p-cpe:/a:novell:suse_linux:php5-sysvmsg", "p-cpe:/a:novell:suse_linux:php5-suhosin", "p-cpe:/a:novell:suse_linux:php5-pgsql", "p-cpe:/a:novell:suse_linux:php5-mbstring", "p-cpe:/a:novell:suse_linux:apache2-mod_php5", "p-cpe:/a:novell:suse_linux:php5-ctype", "p-cpe:/a:novell:suse_linux:php5-pspell", "p-cpe:/a:novell:suse_linux:php5", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:php5-gd", "p-cpe:/a:novell:suse_linux:php5-mcrypt", "p-cpe:/a:novell:suse_linux:php5-sysvsem", "p-cpe:/a:novell:suse_linux:php5-soap", "p-cpe:/a:novell:suse_linux:php5-ldap", "p-cpe:/a:novell:suse_linux:php5-mysql", "p-cpe:/a:novell:suse_linux:php5-sysvshm", "p-cpe:/a:novell:suse_linux:php5-fastcgi", "p-cpe:/a:novell:suse_linux:php5-gmp", "p-cpe:/a:novell:suse_linux:php5-xmlwriter", "p-cpe:/a:novell:suse_linux:php5-wddx", "p-cpe:/a:novell:suse_linux:php5-exif", "p-cpe:/a:novell:suse_linux:php5-xmlreader", "p-cpe:/a:novell:suse_linux:php5-curl", "p-cpe:/a:novell:suse_linux:php5-dba", "p-cpe:/a:novell:suse_linux:php5-snmp", "p-cpe:/a:novell:suse_linux:php5-ftp", "p-cpe:/a:novell:suse_linux:php5-zlib", "p-cpe:/a:novell:suse_linux:php5-dom", "p-cpe:/a:novell:suse_linux:php5-xsl", "p-cpe:/a:novell:suse_linux:php5-hash", "p-cpe:/a:novell:suse_linux:php5-pdo", "p-cpe:/a:novell:suse_linux:php5-pear", "p-cpe:/a:novell:suse_linux:php5-pcntl", "p-cpe:/a:novell:suse_linux:php5-json", "p-cpe:/a:novell:suse_linux:php5-shmop"], "id": "SUSE_SU-2016-2080-1.NASL", "href": "https://www.tenable.com/plugins/nessus/93293", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:2080-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93293);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-8935\", \"CVE-2016-5399\", \"CVE-2016-5766\", \"CVE-2016-5767\", \"CVE-2016-5769\", \"CVE-2016-5772\", \"CVE-2016-6288\", \"CVE-2016-6289\", \"CVE-2016-6290\", \"CVE-2016-6291\", \"CVE-2016-6296\", \"CVE-2016-6297\");\n\n script_name(english:\"SUSE SLES11 Security Update : php5 (SUSE-SU-2016:2080-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"php5 was updated to fix the following security issues :\n\n - CVE-2016-6297: Stack-based buffer overflow vulnerability\n in php_stream_zip_opener (bsc#991426).\n\n - CVE-2016-6291: Out-of-bounds access in\n exif_process_IFD_in_MAKERNOTE (bsc#991427).\n\n - CVE-2016-6289: Integer overflow leads to buffer overflow\n in virtual_file_ex (bsc#991428).\n\n - CVE-2016-6290: Use after free in unserialize() with\n Unexpected Session Deserialization (bsc#991429).\n\n - CVE-2016-5399: Improper error handling in bzread()\n (bsc#991430).\n\n - CVE-2016-6288: Buffer over-read in php_url_parse_ex\n (bsc#991433).\n\n - CVE-2016-6296: Heap buffer overflow vulnerability in\n simplestring_addn in simplestring.c (bsc#991437).\n\n - CVE-2016-5769: Mcrypt: Heap Overflow due to integer\n overflows (bsc#986388).\n\n - CVE-2015-8935: XSS in header() with Internet Explorer\n (bsc#986004).\n\n - CVE-2016-5772: Double free corruption in\n wddx_deserialize (bsc#986244).\n\n - CVE-2016-5766: Integer Overflow in _gd2GetHeader()\n resulting in heap overflow (bsc#986386).\n\n - CVE-2016-5767: Integer Overflow in\n gdImagePaletteToTrueColor() resulting in heap overflow\n (bsc#986393).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=986004\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=986244\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=986386\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=986388\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=986393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991426\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991427\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991428\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991429\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991430\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991433\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991437\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8935/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-5399/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-5766/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-5767/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-5769/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-5772/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6288/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6289/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6290/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6291/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6296/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6297/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20162080-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?50764ab8\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11-SP2-LTSS:zypper in -t patch\nslessp2-php5-12696=1\n\nSUSE Linux Enterprise Debuginfo 11-SP2:zypper in -t patch\ndbgsp2-php5-12696=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-dbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-hash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"apache2-mod_php5-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-bcmath-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-bz2-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-calendar-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-ctype-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-curl-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-dba-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-dbase-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-dom-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-exif-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-fastcgi-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-ftp-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-gd-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-gettext-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-gmp-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-hash-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-iconv-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-json-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-ldap-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-mbstring-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-mcrypt-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-mysql-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-odbc-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-openssl-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-pcntl-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-pdo-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-pear-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-pgsql-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-pspell-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-shmop-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-snmp-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-soap-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-suhosin-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-sysvmsg-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-sysvsem-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-sysvshm-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-tokenizer-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-wddx-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-xmlreader-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-xmlrpc-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-xmlwriter-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-xsl-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-zip-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-zlib-5.2.14-0.7.30.89.1\")) flag++;\n\n\nif (flag)\n{\n set_kb_item(name:'www/0/XSS', value:TRUE);\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php5\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T14:46:22", "description": "This update for php53 fixes the following issues :\n\n - security update :\n\n - CVE-2014-3587: Integer overflow in the\n cdf_read_property_info affecting SLES11 SP3 [bsc#987530]\n\n - CVE-2016-6297: Stack-based buffer overflow vulnerability\n in php_stream_zip_opener [bsc#991426]\n\n - CVE-2016-6291: Out-of-bounds access in\n exif_process_IFD_in_MAKERNOTE [bsc#991427]\n\n - CVE-2016-6289: Integer overflow leads to buffer overflow\n in virtual_file_ex [bsc#991428]\n\n - CVE-2016-6290: Use after free in unserialize() with\n Unexpected Session Deserialization [bsc#991429]\n\n - CVE-2016-5399: Improper error handling in bzread()\n [bsc#991430]\n\n - CVE-2016-6288: Buffer over-read in php_url_parse_ex\n [bsc#991433]\n\n - CVE-2016-6296: Heap buffer overflow vulnerability in\n simplestring_addn in simplestring.c [bsc#991437]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 27, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-09-08T00:00:00", "title": "SUSE SLES11 Security Update : php53 (SUSE-SU-2016:2210-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5399", "CVE-2016-6288", "CVE-2016-6290", "CVE-2014-3587", "CVE-2016-6297", "CVE-2016-3587", "CVE-2016-6289", "CVE-2016-6291", "CVE-2016-6296"], "modified": "2016-09-08T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:php53-shmop", "p-cpe:/a:novell:suse_linux:php53-snmp", "p-cpe:/a:novell:suse_linux:php53-sysvsem", "p-cpe:/a:novell:suse_linux:php53-dba", "p-cpe:/a:novell:suse_linux:php53-pear", "p-cpe:/a:novell:suse_linux:php53-xsl", "p-cpe:/a:novell:suse_linux:php53-calendar", "p-cpe:/a:novell:suse_linux:php53-openssl", "p-cpe:/a:novell:suse_linux:php53", "p-cpe:/a:novell:suse_linux:php53-dom", "p-cpe:/a:novell:suse_linux:php53-odbc", "p-cpe:/a:novell:suse_linux:php53-ctype", "p-cpe:/a:novell:suse_linux:php53-zip", "p-cpe:/a:novell:suse_linux:php53-pgsql", "p-cpe:/a:novell:suse_linux:php53-pcntl", "p-cpe:/a:novell:suse_linux:php53-pspell", "p-cpe:/a:novell:suse_linux:apache2-mod_php53", "p-cpe:/a:novell:suse_linux:php53-gmp", "p-cpe:/a:novell:suse_linux:php53-gd", "p-cpe:/a:novell:suse_linux:php53-curl", "p-cpe:/a:novell:suse_linux:php53-gettext", "p-cpe:/a:novell:suse_linux:php53-iconv", "p-cpe:/a:novell:suse_linux:php53-bz2", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:php53-zlib", "p-cpe:/a:novell:suse_linux:php53-bcmath", "p-cpe:/a:novell:suse_linux:php53-fastcgi", "p-cpe:/a:novell:suse_linux:php53-json", "p-cpe:/a:novell:suse_linux:php53-sysvmsg", "p-cpe:/a:novell:suse_linux:php53-mbstring", "p-cpe:/a:novell:suse_linux:php53-ldap", "p-cpe:/a:novell:suse_linux:php53-xmlreader", "p-cpe:/a:novell:suse_linux:php53-suhosin", "p-cpe:/a:novell:suse_linux:php53-ftp", "p-cpe:/a:novell:suse_linux:php53-soap", "p-cpe:/a:novell:suse_linux:php53-sysvshm", "p-cpe:/a:novell:suse_linux:php53-fileinfo", "p-cpe:/a:novell:suse_linux:php53-mcrypt", "p-cpe:/a:novell:suse_linux:php53-intl", "p-cpe:/a:novell:suse_linux:php53-wddx", "p-cpe:/a:novell:suse_linux:php53-xmlrpc", "p-cpe:/a:novell:suse_linux:php53-tokenizer", "p-cpe:/a:novell:suse_linux:php53-pdo", "p-cpe:/a:novell:suse_linux:php53-xmlwriter", "p-cpe:/a:novell:suse_linux:php53-mysql", "p-cpe:/a:novell:suse_linux:php53-exif"], "id": "SUSE_SU-2016-2210-1.NASL", "href": "https://www.tenable.com/plugins/nessus/93367", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:2210-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93367);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-3587\", \"CVE-2016-3587\", \"CVE-2016-5399\", \"CVE-2016-6288\", \"CVE-2016-6289\", \"CVE-2016-6290\", \"CVE-2016-6291\", \"CVE-2016-6296\", \"CVE-2016-6297\");\n script_bugtraq_id(69325);\n\n script_name(english:\"SUSE SLES11 Security Update : php53 (SUSE-SU-2016:2210-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for php53 fixes the following issues :\n\n - security update :\n\n - CVE-2014-3587: Integer overflow in the\n cdf_read_property_info affecting SLES11 SP3 [bsc#987530]\n\n - CVE-2016-6297: Stack-based buffer overflow vulnerability\n in php_stream_zip_opener [bsc#991426]\n\n - CVE-2016-6291: Out-of-bounds access in\n exif_process_IFD_in_MAKERNOTE [bsc#991427]\n\n - CVE-2016-6289: Integer overflow leads to buffer overflow\n in virtual_file_ex [bsc#991428]\n\n - CVE-2016-6290: Use after free in unserialize() with\n Unexpected Session Deserialization [bsc#991429]\n\n - CVE-2016-5399: Improper error handling in bzread()\n [bsc#991430]\n\n - CVE-2016-6288: Buffer over-read in php_url_parse_ex\n [bsc#991433]\n\n - CVE-2016-6296: Heap buffer overflow vulnerability in\n simplestring_addn in simplestring.c [bsc#991437]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=987530\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991426\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991427\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991428\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991429\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991430\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991433\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991437\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-3587/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-3587/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-5399/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6288/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6289/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6290/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6291/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6296/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6297/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20162210-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?afc57c21\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-php53-12724=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-php53-12724=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-php53-12724=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/08/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"apache2-mod_php53-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-bcmath-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-bz2-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-calendar-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-ctype-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-curl-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-dba-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-dom-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-exif-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-fastcgi-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-fileinfo-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-ftp-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-gd-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-gettext-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-gmp-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-iconv-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-intl-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-json-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-ldap-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-mbstring-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-mcrypt-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-mysql-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-odbc-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-openssl-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-pcntl-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-pdo-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-pear-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-pgsql-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-pspell-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-shmop-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-snmp-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-soap-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-suhosin-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-sysvmsg-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-sysvsem-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-sysvshm-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-tokenizer-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-wddx-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-xmlreader-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-xmlrpc-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-xmlwriter-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-xsl-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-zip-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-zlib-5.3.17-79.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php53\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T14:46:14", "description": "php53 was updated to fix five security issues. These security issues\nwere fixed :\n\n - CVE-2016-5769: mcrypt: Heap Overflow due to integer\n overflows (bsc#986388).\n\n - CVE-2015-8935: XSS in header() with Internet Explorer\n (bsc#986004).\n\n - CVE-2016-5772: Double Free Courruption in\n wddx_deserialize (bsc#986244).\n\n - CVE-2016-5766: Integer Overflow in _gd2GetHeader()\n resulting in heap overflow (bsc#986386).\n\n - CVE-2016-5767: Integer Overflow in\n gdImagePaletteToTrueColor() resulting in heap overflow\n (bsc#986393).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 28, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-09-02T00:00:00", "title": "SUSE SLES11 Security Update : php53 (SUSE-SU-2016:2013-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5772", "CVE-2016-5769", "CVE-2015-8935", "CVE-2016-5766", "CVE-2016-5767"], "modified": "2016-09-02T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:php53-shmop", "p-cpe:/a:novell:suse_linux:php53-snmp", "p-cpe:/a:novell:suse_linux:php53-sysvsem", "p-cpe:/a:novell:suse_linux:php53-dba", "p-cpe:/a:novell:suse_linux:php53-pear", "p-cpe:/a:novell:suse_linux:php53-xsl", "p-cpe:/a:novell:suse_linux:php53-calendar", "p-cpe:/a:novell:suse_linux:php53-openssl", "p-cpe:/a:novell:suse_linux:php53", "p-cpe:/a:novell:suse_linux:php53-dom", "p-cpe:/a:novell:suse_linux:php53-odbc", "p-cpe:/a:novell:suse_linux:php53-ctype", "p-cpe:/a:novell:suse_linux:php53-zip", "p-cpe:/a:novell:suse_linux:php53-pgsql", "p-cpe:/a:novell:suse_linux:php53-pcntl", "p-cpe:/a:novell:suse_linux:php53-pspell", "p-cpe:/a:novell:suse_linux:apache2-mod_php53", "p-cpe:/a:novell:suse_linux:php53-gmp", "p-cpe:/a:novell:suse_linux:php53-gd", "p-cpe:/a:novell:suse_linux:php53-curl", "p-cpe:/a:novell:suse_linux:php53-gettext", "p-cpe:/a:novell:suse_linux:php53-iconv", "p-cpe:/a:novell:suse_linux:php53-bz2", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:php53-zlib", "p-cpe:/a:novell:suse_linux:php53-bcmath", "p-cpe:/a:novell:suse_linux:php53-fastcgi", "p-cpe:/a:novell:suse_linux:php53-json", "p-cpe:/a:novell:suse_linux:php53-sysvmsg", "p-cpe:/a:novell:suse_linux:php53-mbstring", "p-cpe:/a:novell:suse_linux:php53-ldap", "p-cpe:/a:novell:suse_linux:php53-xmlreader", "p-cpe:/a:novell:suse_linux:php53-suhosin", "p-cpe:/a:novell:suse_linux:php53-ftp", "p-cpe:/a:novell:suse_linux:php53-soap", "p-cpe:/a:novell:suse_linux:php53-sysvshm", "p-cpe:/a:novell:suse_linux:php53-fileinfo", "p-cpe:/a:novell:suse_linux:php53-mcrypt", "p-cpe:/a:novell:suse_linux:php53-intl", "p-cpe:/a:novell:suse_linux:php53-wddx", "p-cpe:/a:novell:suse_linux:php53-xmlrpc", "p-cpe:/a:novell:suse_linux:php53-tokenizer", "p-cpe:/a:novell:suse_linux:php53-pdo", "p-cpe:/a:novell:suse_linux:php53-xmlwriter", "p-cpe:/a:novell:suse_linux:php53-mysql", "p-cpe:/a:novell:suse_linux:php53-exif"], "id": "SUSE_SU-2016-2013-1.NASL", "href": "https://www.tenable.com/plugins/nessus/93282", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:2013-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93282);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-8935\", \"CVE-2016-5766\", \"CVE-2016-5767\", \"CVE-2016-5769\", \"CVE-2016-5772\");\n\n script_name(english:\"SUSE SLES11 Security Update : php53 (SUSE-SU-2016:2013-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"php53 was updated to fix five security issues. These security issues\nwere fixed :\n\n - CVE-2016-5769: mcrypt: Heap Overflow due to integer\n overflows (bsc#986388).\n\n - CVE-2015-8935: XSS in header() with Internet Explorer\n (bsc#986004).\n\n - CVE-2016-5772: Double Free Courruption in\n wddx_deserialize (bsc#986244).\n\n - CVE-2016-5766: Integer Overflow in _gd2GetHeader()\n resulting in heap overflow (bsc#986386).\n\n - CVE-2016-5767: Integer Overflow in\n gdImagePaletteToTrueColor() resulting in heap overflow\n (bsc#986393).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=986004\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=986244\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=986386\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=986388\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=986393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8935/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-5766/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-5767/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-5769/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-5772/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20162013-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?55c305da\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-php53-12683=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-php53-12683=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-php53-12683=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/08/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"apache2-mod_php53-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-bcmath-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-bz2-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-calendar-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-ctype-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-curl-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-dba-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-dom-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-exif-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-fastcgi-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-fileinfo-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-ftp-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-gd-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-gettext-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-gmp-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-iconv-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-intl-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-json-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-ldap-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-mbstring-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-mcrypt-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-mysql-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-odbc-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-openssl-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-pcntl-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-pdo-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-pear-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-pgsql-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-pspell-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-shmop-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-snmp-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-soap-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-suhosin-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-sysvmsg-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-sysvsem-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-sysvshm-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-tokenizer-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-wddx-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-xmlreader-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-xmlrpc-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-xmlwriter-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-xsl-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-zip-5.3.17-74.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-zlib-5.3.17-74.1\")) flag++;\n\n\nif (flag)\n{\n set_kb_item(name:'www/0/XSS', value:TRUE);\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php53\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T12:31:01", "description": "This update for php5 fixes the following issues :\n\n - security update :\n\n - CVE-2016-6128: Invalid color index not properly handled\n [bsc#987580]\n\n - CVE-2016-6161: global out of bounds read when encoding\n gif from malformed input withgd2togif [bsc#988032]\n\n - CVE-2016-6292: NULL pointer dereference in\n exif_process_user_comment [bsc#991422]\n\n - CVE-2016-6295: Use after free in SNMP with GC and\n unserialize() [bsc#991424]\n\n - CVE-2016-6297: Stack-based buffer overflow vulnerability\n in php_stream_zip_opener [bsc#991426]\n\n - CVE-2016-6291: Out-of-bounds access in\n exif_process_IFD_in_MAKERNOTE [bsc#991427]\n\n - CVE-2016-6289: Integer overflow leads to buffer overflow\n in virtual_file_ex [bsc#991428]\n\n - CVE-2016-6290: Use after free in unserialize() with\n Unexpected Session Deserialization [bsc#991429]\n\n - CVE-2016-5399: Improper error handling in bzread()\n [bsc#991430]\n\n - CVE-2016-6296: Heap buffer overflow vulnerability in\n simplestring_addn in simplestring.c [bsc#991437]\n\n - CVE-2016-6207: Integer overflow error within\n _gdContributionsAlloc() [bsc#991434]\n\n - CVE-2016-6288: Buffer over-read in php_url_parse_ex\n [bsc#991433]", "edition": 20, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-08-16T00:00:00", "title": "openSUSE Security Update : php5 (openSUSE-2016-985)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5399", "CVE-2016-6288", "CVE-2016-6290", "CVE-2016-6128", "CVE-2016-6161", "CVE-2016-6207", "CVE-2016-6295", "CVE-2016-6297", "CVE-2016-6292", "CVE-2016-6289", "CVE-2016-6291", "CVE-2016-6296"], "modified": "2016-08-16T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo", "p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo", "p-cpe:/a:novell:opensuse:php5-json-debuginfo", "p-cpe:/a:novell:opensuse:php5-soap-debuginfo", "p-cpe:/a:novell:opensuse:php5-mysql-debuginfo", "p-cpe:/a:novell:opensuse:php5-mssql-debuginfo", "p-cpe:/a:novell:opensuse:php5-openssl", "p-cpe:/a:novell:opensuse:php5-dba", "p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo", "p-cpe:/a:novell:opensuse:php5-odbc-debuginfo", "p-cpe:/a:novell:opensuse:php5-debuginfo", "p-cpe:/a:novell:opensuse:php5-mcrypt", "p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvmsg", "p-cpe:/a:novell:opensuse:php5-bz2", "p-cpe:/a:novell:opensuse:php5-xmlrpc", "p-cpe:/a:novell:opensuse:php5-json", "p-cpe:/a:novell:opensuse:php5-ctype-debuginfo", "p-cpe:/a:novell:opensuse:php5-sqlite", "p-cpe:/a:novell:opensuse:php5-suhosin", "p-cpe:/a:novell:opensuse:php5-curl", "p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo", "p-cpe:/a:novell:opensuse:php5-mysql", "p-cpe:/a:novell:opensuse:php5-fileinfo", "p-cpe:/a:novell:opensuse:php5-calendar-debuginfo", "p-cpe:/a:novell:opensuse:php5-openssl-debuginfo", "p-cpe:/a:novell:opensuse:php5-shmop-debuginfo", "p-cpe:/a:novell:opensuse:php5-pspell-debuginfo", "p-cpe:/a:novell:opensuse:php5-calendar", "p-cpe:/a:novell:opensuse:php5-ldap-debuginfo", "p-cpe:/a:novell:opensuse:php5-pear", "p-cpe:/a:novell:opensuse:php5-intl", "p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo", "p-cpe:/a:novell:opensuse:php5-xsl-debuginfo", "p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo", "p-cpe:/a:novell:opensuse:php5-enchant", "p-cpe:/a:novell:opensuse:php5-ftp", "p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo", "p-cpe:/a:novell:opensuse:php5-tidy", "p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo", "p-cpe:/a:novell:opensuse:php5-bz2-debuginfo", "p-cpe:/a:novell:opensuse:php5-gettext-debuginfo", "p-cpe:/a:novell:opensuse:php5-zlib-debuginfo", "p-cpe:/a:novell:opensuse:php5-posix-debuginfo", "p-cpe:/a:novell:opensuse:php5-tokenizer", "p-cpe:/a:novell:opensuse:php5-imap", "p-cpe:/a:novell:opensuse:php5-sockets", "p-cpe:/a:novell:opensuse:php5-gd", "p-cpe:/a:novell:opensuse:php5-posix", "p-cpe:/a:novell:opensuse:php5-opcache", "p-cpe:/a:novell:opensuse:php5-intl-debuginfo", "p-cpe:/a:novell:opensuse:php5-dba-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvsem", "p-cpe:/a:novell:opensuse:php5-fpm", "p-cpe:/a:novell:opensuse:php5-fastcgi", "p-cpe:/a:novell:opensuse:php5-wddx", "p-cpe:/a:novell:opensuse:php5-debugsource", "p-cpe:/a:novell:opensuse:php5-zip-debuginfo", "p-cpe:/a:novell:opensuse:php5-odbc", "p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo", "p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlreader", "p-cpe:/a:novell:opensuse:php5-gmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-iconv-debuginfo", "p-cpe:/a:novell:opensuse:php5-readline-debuginfo", "p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo", "p-cpe:/a:novell:opensuse:php5-gmp", "p-cpe:/a:novell:opensuse:php5-fpm-debuginfo", "p-cpe:/a:novell:opensuse:php5-snmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-tidy-debuginfo", "p-cpe:/a:novell:opensuse:php5-zlib", "p-cpe:/a:novell:opensuse:php5-phar-debuginfo", "p-cpe:/a:novell:opensuse:php5-phar", "p-cpe:/a:novell:opensuse:php5-dom", "p-cpe:/a:novell:opensuse:php5-sockets-debuginfo", "p-cpe:/a:novell:opensuse:php5-soap", "p-cpe:/a:novell:opensuse:php5-dom-debuginfo", "p-cpe:/a:novell:opensuse:php5-snmp", "p-cpe:/a:novell:opensuse:php5-exif-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo", "cpe:/o:novell:opensuse:13.2", "p-cpe:/a:novell:opensuse:php5-firebird-debuginfo", "p-cpe:/a:novell:opensuse:php5-imap-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo", "p-cpe:/a:novell:opensuse:php5-pdo", "p-cpe:/a:novell:opensuse:php5-wddx-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo", "p-cpe:/a:novell:opensuse:php5-enchant-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo", "p-cpe:/a:novell:opensuse:php5-pspell", "p-cpe:/a:novell:opensuse:php5-ctype", "p-cpe:/a:novell:opensuse:apache2-mod_php5", "p-cpe:/a:novell:opensuse:php5-mssql", "p-cpe:/a:novell:opensuse:php5-pcntl", "p-cpe:/a:novell:opensuse:php5-zip", "p-cpe:/a:novell:opensuse:php5-sysvshm", "p-cpe:/a:novell:opensuse:php5", "p-cpe:/a:novell:opensuse:php5-shmop", "p-cpe:/a:novell:opensuse:php5-devel", "p-cpe:/a:novell:opensuse:php5-pdo-debuginfo", "p-cpe:/a:novell:opensuse:php5-gd-debuginfo", "p-cpe:/a:novell:opensuse:php5-firebird", "p-cpe:/a:novell:opensuse:php5-ftp-debuginfo", "p-cpe:/a:novell:opensuse:php5-opcache-debuginfo", "p-cpe:/a:novell:opensuse:php5-iconv", "p-cpe:/a:novell:opensuse:php5-gettext", "p-cpe:/a:novell:opensuse:php5-xmlwriter", "p-cpe:/a:novell:opensuse:php5-bcmath", "p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo", "p-cpe:/a:novell:opensuse:php5-pgsql", "p-cpe:/a:novell:opensuse:php5-xsl", "p-cpe:/a:novell:opensuse:php5-curl-debuginfo", "p-cpe:/a:novell:opensuse:php5-readline", "p-cpe:/a:novell:opensuse:php5-mbstring", "p-cpe:/a:novell:opensuse:php5-exif", "p-cpe:/a:novell:opensuse:php5-ldap"], "id": "OPENSUSE-2016-985.NASL", "href": "https://www.tenable.com/plugins/nessus/92982", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-985.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92982);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-5399\", \"CVE-2016-6128\", \"CVE-2016-6161\", \"CVE-2016-6207\", \"CVE-2016-6288\", \"CVE-2016-6289\", \"CVE-2016-6290\", \"CVE-2016-6291\", \"CVE-2016-6292\", \"CVE-2016-6295\", \"CVE-2016-6296\", \"CVE-2016-6297\");\n\n script_name(english:\"openSUSE Security Update : php5 (openSUSE-2016-985)\");\n script_summary(english:\"Check for the openSUSE-2016-985 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for php5 fixes the following issues :\n\n - security update :\n\n - CVE-2016-6128: Invalid color index not properly handled\n [bsc#987580]\n\n - CVE-2016-6161: global out of bounds read when encoding\n gif from malformed input withgd2togif [bsc#988032]\n\n - CVE-2016-6292: NULL pointer dereference in\n exif_process_user_comment [bsc#991422]\n\n - CVE-2016-6295: Use after free in SNMP with GC and\n unserialize() [bsc#991424]\n\n - CVE-2016-6297: Stack-based buffer overflow vulnerability\n in php_stream_zip_opener [bsc#991426]\n\n - CVE-2016-6291: Out-of-bounds access in\n exif_process_IFD_in_MAKERNOTE [bsc#991427]\n\n - CVE-2016-6289: Integer overflow leads to buffer overflow\n in virtual_file_ex [bsc#991428]\n\n - CVE-2016-6290: Use after free in unserialize() with\n Unexpected Session Deserialization [bsc#991429]\n\n - CVE-2016-5399: Improper error handling in bzread()\n [bsc#991430]\n\n - CVE-2016-6296: Heap buffer overflow vulnerability in\n simplestring_addn in simplestring.c [bsc#991437]\n\n - CVE-2016-6207: Integer overflow error within\n _gdContributionsAlloc() [bsc#991434]\n\n - CVE-2016-6288: Buffer over-read in php_url_parse_ex\n [bsc#991433]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=987580\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=988032\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=991422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=991424\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=991426\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=991427\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=991428\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=991429\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=991430\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=991433\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=991434\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=991437\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-firebird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-firebird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-opcache-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"apache2-mod_php5-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"apache2-mod_php5-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-bcmath-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-bcmath-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-bz2-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-bz2-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-calendar-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-calendar-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ctype-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ctype-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-curl-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-curl-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-dba-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-dba-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-debugsource-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-devel-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-dom-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-dom-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-enchant-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-enchant-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-exif-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-exif-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fastcgi-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fastcgi-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fileinfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fileinfo-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-firebird-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-firebird-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fpm-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fpm-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ftp-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ftp-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gd-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gd-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gettext-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gettext-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gmp-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gmp-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-iconv-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-iconv-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-imap-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-imap-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-intl-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-intl-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-json-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-json-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ldap-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ldap-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mbstring-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mbstring-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mcrypt-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mcrypt-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mssql-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mssql-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mysql-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mysql-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-odbc-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-odbc-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-opcache-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-opcache-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-openssl-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-openssl-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pcntl-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pcntl-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pdo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pdo-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pear-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pgsql-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pgsql-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-phar-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-phar-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-posix-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-posix-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pspell-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pspell-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-readline-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-readline-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-shmop-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-shmop-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-snmp-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-snmp-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-soap-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-soap-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sockets-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sockets-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sqlite-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sqlite-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-suhosin-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-suhosin-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvmsg-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvmsg-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvsem-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvsem-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvshm-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvshm-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-tidy-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-tidy-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-tokenizer-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-tokenizer-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-wddx-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-wddx-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlreader-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlreader-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlrpc-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlrpc-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlwriter-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlwriter-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xsl-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xsl-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-zip-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-zip-debuginfo-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-zlib-5.6.1-72.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-zlib-debuginfo-5.6.1-72.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2-mod_php5 / apache2-mod_php5-debuginfo / php5 / php5-bcmath / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T10:57:25", "description": "PHP reports :\n\n- Fixed bug #69975 (PHP segfaults when accessing nvarchar(max) defined\ncolumns)\n\n- Fixed bug #72479 (Use After Free Vulnerability in SNMP with GC and\nunserialize()).\n\n- Fixed bug #72512 (gdImageTrueColorToPaletteBody allows arbitrary\nwrite/read access).\n\n- Fixed bug #72519 (imagegif/output out-of-bounds access).\n\n- Fixed bug #72520 (Stack-based buffer overflow vulnerability in\nphp_stream_zip_opener).\n\n- Fixed bug #72533 (locale_accept_from_http out-of-bounds access).\n\n- Fixed bug #72541 (size_t overflow lead to heap corruption).\n\n- Fixed bug #72551, bug #72552 (Incorrect casting from size_t to int\nlead to heap overflow in mdecrypt_generic).\n\n- Fixed bug #72558 (Integer overflow error within\n_gdContributionsAlloc()).\n\n- Fixed bug #72573 (HTTP_PROXY is improperly trusted by some PHP\nlibraries and applications).\n\n- Fixed bug #72603 (Out of bound read in\nexif_process_IFD_in_MAKERNOTE).\n\n- Fixed bug #72606 (heap-buffer-overflow (write) simplestring_addn\nsimplestring.c).\n\n- Fixed bug #72613 (Inadequate error handling in bzread()).\n\n- Fixed bug #72618 (NULL pointer Dereference in\nexif_process_user_comment).", "edition": 29, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-07-27T00:00:00", "title": "FreeBSD : php -- multiple vulnerabilities (b6402385-533b-11e6-a7bd-14dae9d210b8) (httpoxy)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5399", "CVE-2016-6288", "CVE-2016-5385", "CVE-2016-6290", "CVE-2015-8879", "CVE-2016-6295", "CVE-2016-6297", "CVE-2016-6292", "CVE-2016-6289", "CVE-2016-6294", "CVE-2016-6291", "CVE-2016-6296"], "modified": "2016-07-27T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:php70-zip", "p-cpe:/a:freebsd:freebsd:php70-odbc", "p-cpe:/a:freebsd:freebsd:php55-gd", "p-cpe:/a:freebsd:freebsd:php70-mcrypt", "p-cpe:/a:freebsd:freebsd:php70", "p-cpe:/a:freebsd:freebsd:php56-snmp", "p-cpe:/a:freebsd:freebsd:php56-xmlrpc", "p-cpe:/a:freebsd:freebsd:php56-odbc", "cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:php55-odbc", "p-cpe:/a:freebsd:freebsd:php70-exif", "p-cpe:/a:freebsd:freebsd:php56-gd", "p-cpe:/a:freebsd:freebsd:php55-snmp", "p-cpe:/a:freebsd:freebsd:php70-bz2", "p-cpe:/a:freebsd:freebsd:php70-snmp", "p-cpe:/a:freebsd:freebsd:php70-xmlrpc", "p-cpe:/a:freebsd:freebsd:php55-xmlrpc", "p-cpe:/a:freebsd:freebsd:php70-gd", "p-cpe:/a:freebsd:freebsd:php55-bz2", "p-cpe:/a:freebsd:freebsd:php70-curl", "p-cpe:/a:freebsd:freebsd:php55", "p-cpe:/a:freebsd:freebsd:php56", "p-cpe:/a:freebsd:freebsd:php55-exif", "p-cpe:/a:freebsd:freebsd:php55-zip", "p-cpe:/a:freebsd:freebsd:php56-bz2", "p-cpe:/a:freebsd:freebsd:php56-zip", "p-cpe:/a:freebsd:freebsd:php56-exif"], "id": "FREEBSD_PKG_B6402385533B11E6A7BD14DAE9D210B8.NASL", "href": "https://www.tenable.com/plugins/nessus/92574", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92574);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-8879\", \"CVE-2016-5385\", \"CVE-2016-5399\", \"CVE-2016-6288\", \"CVE-2016-6289\", \"CVE-2016-6290\", \"CVE-2016-6291\", \"CVE-2016-6292\", \"CVE-2016-6294\", \"CVE-2016-6295\", \"CVE-2016-6296\", \"CVE-2016-6297\");\n\n script_name(english:\"FreeBSD : php -- multiple vulnerabilities (b6402385-533b-11e6-a7bd-14dae9d210b8) (httpoxy)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PHP reports :\n\n- Fixed bug #69975 (PHP segfaults when accessing nvarchar(max) defined\ncolumns)\n\n- Fixed bug #72479 (Use After Free Vulnerability in SNMP with GC and\nunserialize()).\n\n- Fixed bug #72512 (gdImageTrueColorToPaletteBody allows arbitrary\nwrite/read access).\n\n- Fixed bug #72519 (imagegif/output out-of-bounds access).\n\n- Fixed bug #72520 (Stack-based buffer overflow vulnerability in\nphp_stream_zip_opener).\n\n- Fixed bug #72533 (locale_accept_from_http out-of-bounds access).\n\n- Fixed bug #72541 (size_t overflow lead to heap corruption).\n\n- Fixed bug #72551, bug #72552 (Incorrect casting from size_t to int\nlead to heap overflow in mdecrypt_generic).\n\n- Fixed bug #72558 (Integer overflow error within\n_gdContributionsAlloc()).\n\n- Fixed bug #72573 (HTTP_PROXY is improperly trusted by some PHP\nlibraries and applications).\n\n- Fixed bug #72603 (Out of bound read in\nexif_process_IFD_in_MAKERNOTE).\n\n- Fixed bug #72606 (heap-buffer-overflow (write) simplestring_addn\nsimplestring.c).\n\n- Fixed bug #72613 (Inadequate error handling in bzread()).\n\n- Fixed bug #72618 (NULL pointer Dereference in\nexif_process_user_comment).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.php.net/ChangeLog-5.php#5.5.38\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.php.net/ChangeLog-5.php#5.6.24\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.php.net/ChangeLog-7.php#7.0.8\"\n );\n # http://seclists.org/oss-sec/2016/q3/121\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://seclists.org/oss-sec/2016/q3/121\"\n );\n # https://vuxml.freebsd.org/freebsd/b6402385-533b-11e6-a7bd-14dae9d210b8.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?63176dba\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php55\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php55-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php55-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php55-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php55-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php55-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php55-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php55-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php56\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php56-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php56-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php56-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php56-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php56-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php56-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php56-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php70\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php70-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php70-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php70-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php70-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php70-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php70-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php70-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php70-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php70-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/26\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"php55<5.5.38\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php56<5.6.24\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php70<7.0.9\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php70-curl<7.0.9\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php55-bz2<5.5.38\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php56-bz2<5.6.24\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php70-bz2<7.0.9\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php55-exif<5.5.38\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php56-exif<5.6.24\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php70-exif<7.0.9\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php55-gd<5.5.38\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php56-gd<5.6.24\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php70-gd<7.0.9\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php70-mcrypt<7.0.9\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php55-odbc<5.5.38\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php56-odbc<5.6.24\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php70-odbc<7.0.9\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php55-snmp<5.5.38\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php56-snmp<5.6.24\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php70-snmp<7.0.9\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php55-xmlrpc<5.5.38\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php56-xmlrpc<5.6.24\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php70-xmlrpc<7.0.9\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php55-zip<5.5.38\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php56-zip<5.6.24\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php70-zip<7.0.9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T09:49:43", "description": "Several vulnerabilities were found in PHP, a general-purpose scripting\nlanguage commonly used for web application development.\n\nThe vulnerabilities are addressed by upgrading PHP to the new upstream\nversion 5.6.24, which includes additional bug fixes. Please refer to\nthe upstream changelog for more information :", "edition": 26, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-07-27T00:00:00", "title": "Debian DSA-3631-1 : php5 - security update (httpoxy)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5399", "CVE-2016-5385", "CVE-2016-6290", "CVE-2016-6295", "CVE-2016-6297", "CVE-2016-6292", "CVE-2016-6289", "CVE-2016-6294", "CVE-2016-6291", "CVE-2016-6296"], "modified": "2016-07-27T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:php5"], "id": "DEBIAN_DSA-3631.NASL", "href": "https://www.tenable.com/plugins/nessus/92573", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3631. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92573);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5385\", \"CVE-2016-5399\", \"CVE-2016-6289\", \"CVE-2016-6290\", \"CVE-2016-6291\", \"CVE-2016-6292\", \"CVE-2016-6294\", \"CVE-2016-6295\", \"CVE-2016-6296\", \"CVE-2016-6297\");\n script_xref(name:\"DSA\", value:\"3631\");\n\n script_name(english:\"Debian DSA-3631-1 : php5 - security update (httpoxy)\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were found in PHP, a general-purpose scripting\nlanguage commonly used for web application development.\n\nThe vulnerabilities are addressed by upgrading PHP to the new upstream\nversion 5.6.24, which includes additional bug fixes. Please refer to\nthe upstream changelog for more information :\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/php5\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3631\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the php5 packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 5.6.24+dfsg-0+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/26\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libapache2-mod-php5\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libapache2-mod-php5filter\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libphp5-embed\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-pear\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-cgi\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-cli\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-common\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-curl\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-dbg\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-dev\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-enchant\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-fpm\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-gd\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-gmp\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-imap\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-interbase\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-intl\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-ldap\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-mcrypt\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-mysql\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-mysqlnd\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-odbc\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-pgsql\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-phpdbg\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-pspell\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-readline\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-recode\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-snmp\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-sqlite\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-sybase\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-tidy\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-xmlrpc\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-xsl\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-02-01T05:19:58", "description": "According to its banner, the version of PHP running on the remote web\nserver is 5.5.x prior to 5.5.38. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A Segfault condition occurs when accessing\n nvarchar(max) defined columns. (CVE-2015-8879)\n\n - A man-in-the-middle vulnerability exists, known as\n 'httpoxy', due to a failure to properly resolve\n namespace conflicts in accordance with RFC 3875 section\n 4.1.18. The HTTP_PROXY environment variable is set based\n on untrusted user data in the 'Proxy' header of HTTP\n requests. The HTTP_PROXY environment variable is used by\n some web client libraries to specify a remote proxy\n server. An unauthenticated, remote attacker can exploit\n this, via a crafted 'Proxy' header in an HTTP request,\n to redirect an application's internal HTTP traffic to an\n arbitrary proxy server where it may be observed or\n manipulated. (CVE-2016-5385)\n\n - An overflow condition exists in the php_bz2iop_read()\n function within file ext/bz2/bz2.c due to improper\n handling of error conditions. An unauthenticated, remote\n attacker can exploit this, via a crafted request, to\n execute arbitrary code. (CVE-2016-5399)\n\n - A flaw exists in the GD Graphics Library (libgd),\n specifically in the gdImageScaleTwoPass() function\n within file gd_interpolation.c, due to improper\n validation of user-supplied input. An unauthenticated,\n remote attacker can exploit this to cause a denial of\n service condition. (CVE-2016-6207)\n\n - A buffer overflow condition exists in the\n php_url_parse_ex() function. (CVE-2016-6288)\n\n - An integer overflow condition exists in the\n virtual_file_ex() function within file\n Zend/zend_virtual_cwd.c due to improper validation of\n user-supplied input. An unauthenticated, remote attacker\n can exploit this to cause a denial of service condition\n or the execution of arbitrary code. (CVE-2016-6289)\n\n - A use-after-free error exists within the file\n ext/session/session.c when handling 'var_hash'\n destruction. An unauthenticated, remote attacker can\n exploit this to deference already freed memory,\n resulting in the execution of arbitrary code.\n (CVE-2016-6290)\n\n - An out-of-bounds read error exists in the\n exif_process_IFD_in_MAKERNOTE() function within file\n ext/exif/exif.c. An unauthenticated, remote attacker can\n exploit this to cause a denial of service condition or\n disclose memory contents. (CVE-2016-6291)\n\n - A NULL pointer dereference flaw exists in the\n exif_process_user_comment() function within file\n ext/exif/exif.c. An unauthenticated, remote attacker can\n exploit this to cause a denial of service condition.\n (CVE-2016-6292)\n\n - Multiple out-of-bounds read errors exist in the\n locale_accept_from_http() function within file\n ext/intl/locale/locale_methods.c. An unauthenticated,\n remote attacker can exploit these to cause a denial of\n service condition or disclose memory contents.\n (CVE-2016-6293, CVE-2016-6294)\n\n - A use-after-free error exists within file\n ext/snmp/snmp.c when handling garbage collection during\n deserialization of user-supplied input. An\n unauthenticated, remote attacker can exploit this to\n deference already freed memory, resulting in the\n execution of arbitrary code. (CVE-2016-6295)\n\n - A heap-based buffer overflow condition exists in the\n simplestring_addn() function within file simplestring.c\n due to improper validation of user-supplied input. An\n unauthenticated, remote attacker can exploit this to\n cause a denial of service condition or the execution of\n arbitrary code. (CVE-2016-6296)\n\n - An integer overflow condition exists in the\n php_stream_zip_opener() function within file\n ext/zip/zip_stream.c due to improper validation of\n user-supplied input when handling zip streams. An\n unauthenticated, remote attacker can exploit this to\n cause a denial of service condition or the execution of\n arbitrary code. (CVE-2016-6297)\n\n - An out-of-bounds read error exists in the GD Graphics\n Library (libgd), specifically in the\n gdImageScaleBilinearPalette() function within file\n gd_interpolation.c, when handling transparent color. An\n unauthenticated, remote attacker can exploit this to\n cause a denial of service condition or disclose\n memory contents.\n\n - A heap-based buffer overflow condition exists in the\n mdecrypt_generic() function within file\n ext/mcrypt/mcrypt.c due to improper validation of\n user-supplied input. An unauthenticated, remote attacker\n can exploit this to cause a denial of service condition\n or the execution of arbitrary code.\n\n - A NULL write flaw exists in the GD Graphics Library\n (libgd) in the gdImageColorTransparent() function due to\n improper handling of negative transparent colors. A\n remote attacker can exploit this to disclose memory\n contents.\n\n - An overflow condition exists in the php_url_prase_ex()\n function due to improper validation of user-supplied\n input. A remote attacker can exploit this to cause a\n buffer overflow, resulting in a denial of service\n condition.", "edition": 35, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-07-26T00:00:00", "title": "PHP 5.5.x < 5.5.38 Multiple Vulnerabilities (httpoxy)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5399", "CVE-2016-6288", "CVE-2016-5385", "CVE-2016-6290", "CVE-2015-8879", "CVE-2016-6207", "CVE-2016-6295", "CVE-2016-6297", "CVE-2016-6292", "CVE-2016-6293", "CVE-2016-6289", "CVE-2016-6294", "CVE-2016-6291", "CVE-2016-6296"], "modified": "2021-02-02T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_5_38.NASL", "href": "https://www.tenable.com/plugins/nessus/92554", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(92554);\n script_version(\"1.18\");\n script_cvs_date(\"Date: 2019/11/14\");\n\n script_cve_id(\n \"CVE-2015-8879\",\n \"CVE-2016-5385\",\n \"CVE-2016-5399\",\n \"CVE-2016-6207\",\n \"CVE-2016-6288\",\n \"CVE-2016-6289\",\n \"CVE-2016-6290\",\n \"CVE-2016-6291\",\n \"CVE-2016-6292\",\n \"CVE-2016-6293\",\n \"CVE-2016-6294\",\n \"CVE-2016-6295\",\n \"CVE-2016-6296\",\n \"CVE-2016-6297\"\n );\n script_bugtraq_id(\n 90842,\n 91821,\n 92051,\n 92073,\n 92074,\n 92078,\n 92094,\n 92095,\n 92097,\n 92099,\n 92111\n );\n script_xref(name:\"CERT\", value:\"797896\");\n script_xref(name:\"EDB-ID\", value:\"40155\");\n\n script_name(english:\"PHP 5.5.x < 5.5.38 Multiple Vulnerabilities (httpoxy)\");\n script_summary(english:\"Checks the version of PHP.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of PHP running on the remote web server is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP running on the remote web\nserver is 5.5.x prior to 5.5.38. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A Segfault condition occurs when accessing\n nvarchar(max) defined columns. (CVE-2015-8879)\n\n - A man-in-the-middle vulnerability exists, known as\n 'httpoxy', due to a failure to properly resolve\n namespace conflicts in accordance with RFC 3875 section\n 4.1.18. The HTTP_PROXY environment variable is set based\n on untrusted user data in the 'Proxy' header of HTTP\n requests. The HTTP_PROXY environment variable is used by\n some web client libraries to specify a remote proxy\n server. An unauthenticated, remote attacker can exploit\n this, via a crafted 'Proxy' header in an HTTP request,\n to redirect an application's internal HTTP traffic to an\n arbitrary proxy server where it may be observed or\n manipulated. (CVE-2016-5385)\n\n - An overflow condition exists in the php_bz2iop_read()\n function within file ext/bz2/bz2.c due to improper\n handling of error conditions. An unauthenticated, remote\n attacker can exploit this, via a crafted request, to\n execute arbitrary code. (CVE-2016-5399)\n\n - A flaw exists in the GD Graphics Library (libgd),\n specifically in the gdImageScaleTwoPass() function\n within file gd_interpolation.c, due to improper\n validation of user-supplied input. An unauthenticated,\n remote attacker can exploit this to cause a denial of\n service condition. (CVE-2016-6207)\n\n - A buffer overflow condition exists in the\n php_url_parse_ex() function. (CVE-2016-6288)\n\n - An integer overflow condition exists in the\n virtual_file_ex() function within file\n Zend/zend_virtual_cwd.c due to improper validation of\n user-supplied input. An unauthenticated, remote attacker\n can exploit this to cause a denial of service condition\n or the execution of arbitrary code. (CVE-2016-6289)\n\n - A use-after-free error exists within the file\n ext/session/session.c when handling 'var_hash'\n destruction. An unauthenticated, remote attacker can\n exploit this to deference already freed memory,\n resulting in the execution of arbitrary code.\n (CVE-2016-6290)\n\n - An out-of-bounds read error exists in the\n exif_process_IFD_in_MAKERNOTE() function within file\n ext/exif/exif.c. An unauthenticated, remote attacker can\n exploit this to cause a denial of service condition or\n disclose memory contents. (CVE-2016-6291)\n\n - A NULL pointer dereference flaw exists in the\n exif_process_user_comment() function within file\n ext/exif/exif.c. An unauthenticated, remote attacker can\n exploit this to cause a denial of service condition.\n (CVE-2016-6292)\n\n - Multiple out-of-bounds read errors exist in the\n locale_accept_from_http() function within file\n ext/intl/locale/locale_methods.c. An unauthenticated,\n remote attacker can exploit these to cause a denial of\n service condition or disclose memory contents.\n (CVE-2016-6293, CVE-2016-6294)\n\n - A use-after-free error exists within file\n ext/snmp/snmp.c when handling garbage collection during\n deserialization of user-supplied input. An\n unauthenticated, remote attacker can exploit this to\n deference already freed memory, resulting in the\n execution of arbitrary code. (CVE-2016-6295)\n\n - A heap-based buffer overflow condition exists in the\n simplestring_addn() function within file simplestring.c\n due to improper validation of user-supplied input. An\n unauthenticated, remote attacker can exploit this to\n cause a denial of service condition or the execution of\n arbitrary code. (CVE-2016-6296)\n\n - An integer overflow condition exists in the\n php_stream_zip_opener() function within file\n ext/zip/zip_stream.c due to improper validation of\n user-supplied input when handling zip streams. An\n unauthenticated, remote attacker can exploit this to\n cause a denial of service condition or the execution of\n arbitrary code. (CVE-2016-6297)\n\n - An out-of-bounds read error exists in the GD Graphics\n Library (libgd), specifically in the\n gdImageScaleBilinearPalette() function within file\n gd_interpolation.c, when handling transparent color. An\n unauthenticated, remote attacker can exploit this to\n cause a denial of service condition or disclose\n memory contents.\n\n - A heap-based buffer overflow condition exists in the\n mdecrypt_generic() function within file\n ext/mcrypt/mcrypt.c due to improper validation of\n user-supplied input. An unauthenticated, remote attacker\n can exploit this to cause a denial of service condition\n or the execution of arbitrary code.\n\n - A NULL write flaw exists in the GD Graphics Library\n (libgd) in the gdImageColorTransparent() function due to\n improper handling of negative transparent colors. A\n remote attacker can exploit this to disclose memory\n contents.\n\n - An overflow condition exists in the php_url_prase_ex()\n function due to improper validation of user-supplied\n input. A remote attacker can exploit this to cause a\n buffer overflow, resulting in a denial of service\n condition.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://php.net/ChangeLog-5.php#5.5.38\");\n script_set_attribute(attribute:\"see_also\", value:\"https://httpoxy.org\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.5.38 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-6290\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported)\n audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\n# Check that it is the correct version of PHP\nif (version =~ \"^5(\\.5)?$\")\n audit(AUDIT_VER_NOT_GRANULAR, \"PHP\", port, version);\nif (version !~ \"^5\\.5\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 5.5.x\", port);\n\nif (version =~ \"^5\\.5\\.\" && ver_compare(ver:version, fix:\"5.5.38\", strict:FALSE) < 0){\n security_report_v4(\n port : port,\n extra :\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 5.5.38' +\n '\\n',\n severity:SECURITY_HOLE\n );\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-02-01T05:20:02", "description": "According to its banner, the version of PHP running on the remote web\nserver is 5.6.x prior to 5.6.24. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A man-in-the-middle vulnerability exists, known as\n 'httpoxy', due to a failure to properly resolve\n namespace conflicts in accordance with RFC 3875 section\n 4.1.18. The HTTP_PROXY environment variable is set based\n on untrusted user data in the 'Proxy' header of HTTP\n requests. The HTTP_PROXY environment variable is used by\n some web client libraries to specify a remote proxy\n server. An unauthenticated, remote attacker can exploit\n this, via a crafted 'Proxy' header in an HTTP request,\n to redirect an application's internal HTTP traffic to an\n arbitrary proxy server where it may be observed or\n manipulated. (CVE-2016-5385)\n\n - An overflow condition exists in the php_bz2iop_read()\n function within file ext/bz2/bz2.c due to improper\n handling of error conditions. An unauthenticated, remote\n attacker can exploit this, via a crafted request, to\n execute arbitrary code. (CVE-2016-5399)\n\n - A flaw exists in the GD Graphics Library (libgd),\n specifically in the gdImageScaleTwoPass() function\n within file gd_interpolation.c, due to improper\n validation of user-supplied input. An unauthenticated,\n remote attacker can exploit this to cause a denial of\n service condition. (CVE-2016-6207)\n\n - An integer overflow condition exists in the\n virtual_file_ex() function within file\n Zend/zend_virtual_cwd.c due to improper validation of\n user-supplied input. An unauthenticated, remote attacker\n can exploit this to cause a denial of service condition\n or the execution of arbitrary code. (CVE-2016-6289)\n\n - A use-after-free error exists within the file\n ext/session/session.c when handling 'var_hash'\n destruction. An unauthenticated, remote attacker can\n exploit this to deference already freed memory,\n resulting in the execution of arbitrary code.\n (CVE-2016-6290)\n\n - An out-of-bounds read error exists in the\n exif_process_IFD_in_MAKERNOTE() function within file\n ext/exif/exif.c. An unauthenticated, remote attacker can\n exploit this to cause a denial of service condition or\n disclose memory contents. (CVE-2016-6291)\n\n - A NULL pointer dereference flaw exists in the\n exif_process_user_comment() function within file\n ext/exif/exif.c. An unauthenticated, remote attacker can\n exploit this to cause a denial of service condition.\n (CVE-2016-6292)\n\n - Multiple out-of-bounds read errors exist in the\n locale_accept_from_http() function within file\n ext/intl/locale/locale_methods.c. An unauthenticated,\n remote attacker can exploit these to cause a denial of\n service condition or disclose memory contents.\n (CVE-2016-6293, CVE-2016-6294)\n\n - A use-after-free error exists within file\n ext/snmp/snmp.c when handling garbage collection during\n deserialization of user-supplied input. An\n unauthenticated, remote attacker can exploit this to\n deference already freed memory, resulting in the\n execution of arbitrary code. (CVE-2016-6295)\n\n - A heap-based buffer overflow condition exists in the\n simplestring_addn() function within file simplestring.c\n due to improper validation of user-supplied input. An\n unauthenticated, remote attacker can exploit this to\n cause a denial of service condition or the execution of\n arbitrary code. (CVE-2016-6296)\n\n - An integer overflow condition exists in the\n php_stream_zip_opener() function within file\n ext/zip/zip_stream.c due to improper validation of\n user-supplied input when handling zip streams. An\n unauthenticated, remote attacker can exploit this to\n cause a denial of service condition or the execution of\n arbitrary code. (CVE-2016-6297)\n\n - An out-of-bounds read error exists in the GD Graphics\n Library (libgd), specifically in the\n gdImageScaleBilinearPalette() function within file\n gd_interpolation.c, when handling transparent color. An\n unauthenticated, remote attacker can exploit this to\n cause a denial of service condition or disclose\n memory contents.\n\n - A heap-based buffer overflow condition exists in the\n mdecrypt_generic() function within file\n ext/mcrypt/mcrypt.c due to improper validation of\n user-supplied input. An unauthenticated, remote attacker\n can exploit this to cause a denial of service condition\n or the execution of arbitrary code.\n\n - A NULL write flaw exists in the GD Graphics Library\n (libgd) in the gdImageColorTransparent() function due to\n improper handling of negative transparent colors. A\n remote attacker can exploit this to disclose memory\n contents.", "edition": 35, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-07-26T00:00:00", "title": "PHP 5.6.x < 5.6.24 Multiple Vulnerabilities (httpoxy)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5399", "CVE-2016-5385", "CVE-2016-6290", "CVE-2016-6207", "CVE-2016-6295", "CVE-2016-6297", "CVE-2016-6292", "CVE-2016-6293", "CVE-2016-6289", "CVE-2016-6294", "CVE-2016-6291", "CVE-2016-6296"], "modified": "2021-02-02T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_6_24.NASL", "href": "https://www.tenable.com/plugins/nessus/92555", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(92555);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2019/11/14\");\n\n script_cve_id(\n \"CVE-2016-5385\",\n \"CVE-2016-5399\",\n \"CVE-2016-6207\",\n \"CVE-2016-6289\",\n \"CVE-2016-6290\",\n \"CVE-2016-6291\",\n \"CVE-2016-6292\",\n \"CVE-2016-6293\",\n \"CVE-2016-6294\",\n \"CVE-2016-6295\",\n \"CVE-2016-6296\",\n \"CVE-2016-6297\"\n );\n script_bugtraq_id(\n 91821,\n 92051,\n 92073,\n 92074,\n 92078,\n 92094,\n 92095,\n 92097,\n 92099\n );\n script_xref(name:\"CERT\", value:\"797896\");\n script_xref(name:\"EDB-ID\", value:\"40155\");\n\n script_name(english:\"PHP 5.6.x < 5.6.24 Multiple Vulnerabilities (httpoxy)\");\n script_summary(english:\"Checks the version of PHP.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of PHP running on the remote web server is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP running on the remote web\nserver is 5.6.x prior to 5.6.24. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A man-in-the-middle vulnerability exists, known as\n 'httpoxy', due to a failure to properly resolve\n namespace conflicts in accordance with RFC 3875 section\n 4.1.18. The HTTP_PROXY environment variable is set based\n on untrusted user data in the 'Proxy' header of HTTP\n requests. The HTTP_PROXY environment variable is used by\n some web client libraries to specify a remote proxy\n server. An unauthenticated, remote attacker can exploit\n this, via a crafted 'Proxy' header in an HTTP request,\n to redirect an application's internal HTTP traffic to an\n arbitrary proxy server where it may be observed or\n manipulated. (CVE-2016-5385)\n\n - An overflow condition exists in the php_bz2iop_read()\n function within file ext/bz2/bz2.c due to improper\n handling of error conditions. An unauthenticated, remote\n attacker can exploit this, via a crafted request, to\n execute arbitrary code. (CVE-2016-5399)\n\n - A flaw exists in the GD Graphics Library (libgd),\n specifically in the gdImageScaleTwoPass() function\n within file gd_interpolation.c, due to improper\n validation of user-supplied input. An unauthenticated,\n remote attacker can exploit this to cause a denial of\n service condition. (CVE-2016-6207)\n\n - An integer overflow condition exists in the\n virtual_file_ex() function within file\n Zend/zend_virtual_cwd.c due to improper validation of\n user-supplied input. An unauthenticated, remote attacker\n can exploit this to cause a denial of service condition\n or the execution of arbitrary code. (CVE-2016-6289)\n\n - A use-after-free error exists within the file\n ext/session/session.c when handling 'var_hash'\n destruction. An unauthenticated, remote attacker can\n exploit this to deference already freed memory,\n resulting in the execution of arbitrary code.\n (CVE-2016-6290)\n\n - An out-of-bounds read error exists in the\n exif_process_IFD_in_MAKERNOTE() function within file\n ext/exif/exif.c. An unauthenticated, remote attacker can\n exploit this to cause a denial of service condition or\n disclose memory contents. (CVE-2016-6291)\n\n - A NULL pointer dereference flaw exists in the\n exif_process_user_comment() function within file\n ext/exif/exif.c. An unauthenticated, remote attacker can\n exploit this to cause a denial of service condition.\n (CVE-2016-6292)\n\n - Multiple out-of-bounds read errors exist in the\n locale_accept_from_http() function within file\n ext/intl/locale/locale_methods.c. An unauthenticated,\n remote attacker can exploit these to cause a denial of\n service condition or disclose memory contents.\n (CVE-2016-6293, CVE-2016-6294)\n\n - A use-after-free error exists within file\n ext/snmp/snmp.c when handling garbage collection during\n deserialization of user-supplied input. An\n unauthenticated, remote attacker can exploit this to\n deference already freed memory, resulting in the\n execution of arbitrary code. (CVE-2016-6295)\n\n - A heap-based buffer overflow condition exists in the\n simplestring_addn() function within file simplestring.c\n due to improper validation of user-supplied input. An\n unauthenticated, remote attacker can exploit this to\n cause a denial of service condition or the execution of\n arbitrary code. (CVE-2016-6296)\n\n - An integer overflow condition exists in the\n php_stream_zip_opener() function within file\n ext/zip/zip_stream.c due to improper validation of\n user-supplied input when handling zip streams. An\n unauthenticated, remote attacker can exploit this to\n cause a denial of service condition or the execution of\n arbitrary code. (CVE-2016-6297)\n\n - An out-of-bounds read error exists in the GD Graphics\n Library (libgd), specifically in the\n gdImageScaleBilinearPalette() function within file\n gd_interpolation.c, when handling transparent color. An\n unauthenticated, remote attacker can exploit this to\n cause a denial of service condition or disclose\n memory contents.\n\n - A heap-based buffer overflow condition exists in the\n mdecrypt_generic() function within file\n ext/mcrypt/mcrypt.c due to improper validation of\n user-supplied input. An unauthenticated, remote attacker\n can exploit this to cause a denial of service condition\n or the execution of arbitrary code.\n\n - A NULL write flaw exists in the GD Graphics Library\n (libgd) in the gdImageColorTransparent() function due to\n improper handling of negative transparent colors. A\n remote attacker can exploit this to disclose memory\n contents.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://php.net/ChangeLog-5.php#5.6.24\");\n script_set_attribute(attribute:\"see_also\", value:\"https://httpoxy.org\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.6.24 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-6290\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported)\n audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\n# Check that it is the correct version of PHP\nif (version =~ \"^5(\\.6)?$\")\n audit(AUDIT_VER_NOT_GRANULAR, \"PHP\", port, version);\nif (version !~ \"^5\\.6\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 5.6.x\", port);\n\nif (version =~ \"^5\\.6\\.\" && ver_compare(ver:version, fix:\"5.6.24\", strict:FALSE) < 0){\n security_report_v4(\n port : port,\n extra :\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 5.6.24' +\n '\\n',\n severity:SECURITY_HOLE\n );\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-02-01T05:20:09", "description": "According to its banner, the version of PHP running on the remote web\nserver is 7.0.x prior to 7.0.9. It is, therefore, affected by multiple\nvulnerabilities :\n\n - A man-in-the-middle vulnerability exists, known as\n 'httpoxy', due to a failure to properly resolve\n namespace conflicts in accordance with RFC 3875 section\n 4.1.18. The HTTP_PROXY environment variable is set based\n on untrusted user data in the 'Proxy' header of HTTP\n requests. The HTTP_PROXY environment variable is used by\n some web client libraries to specify a remote proxy\n server. An unauthenticated, remote attacker can exploit\n this, via a crafted 'Proxy' header in an HTTP request,\n to redirect an application's internal HTTP traffic to an\n arbitrary proxy server where it may be observed or\n manipulated. (CVE-2016-5385)\n\n - An overflow condition exists in the php_bz2iop_read()\n function within file ext/bz2/bz2.c due to improper\n handling of error conditions. An unauthenticated, remote\n attacker can exploit this, via a crafted request, to\n execute arbitrary code. (CVE-2016-5399)\n\n - A flaw exists in the GD Graphics Library (libgd),\n specifically in the gdImageScaleTwoPass() function\n within file gd_interpolation.c, due to improper\n validation of user-supplied input. An unauthenticated,\n remote attacker can exploit this to cause a denial of\n service condition. (CVE-2016-6207)\n\n - An integer overflow condition exists in the\n virtual_file_ex() function within file\n Zend/zend_virtual_cwd.c due to improper validation of\n user-supplied input. An unauthenticated, remote attacker\n can exploit this to cause a denial of service condition\n or the execution of arbitrary code. (CVE-2016-6289)\n\n - A use-after-free error exists within the file\n ext/session/session.c when handling 'var_hash'\n destruction. An unauthenticated, remote attacker can\n exploit this to deference already freed memory,\n resulting in the execution of arbitrary code.\n (CVE-2016-6290)\n\n - An out-of-bounds read error exists in the\n exif_process_IFD_in_MAKERNOTE() function within file\n ext/exif/exif.c. An unauthenticated, remote attacker can\n exploit this to cause a denial of service condition or\n disclose memory contents. (CVE-2016-6291)\n\n - A NULL pointer dereference flaw exists in the\n exif_process_user_comment() function within file\n ext/exif/exif.c. An unauthenticated, remote attacker can\n exploit this to cause a denial of service condition.\n (CVE-2016-6292)\n\n - Multiple out-of-bounds read errors exist in the\n locale_accept_from_http() function within file\n ext/intl/locale/locale_methods.c. An unauthenticated,\n remote attacker can exploit these to cause a denial of\n service condition or disclose memory contents.\n (CVE-2016-6293, CVE-2016-6294)\n\n - A use-after-free error exists within file\n ext/snmp/snmp.c when handling garbage collection during\n deserialization of user-supplied input. An\n unauthenticated, remote attacker can exploit this to\n deference already freed memory, resulting in the\n execution of arbitrary code. (CVE-2016-6295)\n\n - A heap-based buffer overflow condition exists in the\n simplestring_addn() function within file simplestring.c\n due to improper validation of user-supplied input. An\n unauthenticated, remote attacker can exploit this to\n cause a denial of service condition or the execution of\n arbitrary code. (CVE-2016-6296)\n\n - An integer overflow condition exists in the\n php_stream_zip_opener() function within file\n ext/zip/zip_stream.c due to improper validation of\n user-supplied input when handling zip streams. An\n unauthenticated, remote attacker can exploit this to\n cause a denial of service condition or the execution of\n arbitrary code. (CVE-2016-6297)\n\n - An out-of-bounds read error exists in the GD Graphics\n Library (libgd), specifically in the\n gdImageScaleBilinearPalette() function within file\n gd_interpolation.c, when handling transparent color. An\n unauthenticated, remote attacker can exploit this to\n cause a denial of service condition or disclose\n memory contents.\n\n - A heap-based buffer overflow condition exists in the\n mdecrypt_generic() function within file\n ext/mcrypt/mcrypt.c due to improper validation of\n user-supplied input. An unauthenticated, remote attacker\n can exploit this to cause a denial of service condition\n or the execution of arbitrary code.\n\n - A flaw exists in the curl_unescape() function within\n file ext/curl/interface.c when handling string lengths.\n An unauthenticated, remote attacker can exploit this to\n cause heap corruption, resulting in a denial of service\n condition.\n\n - A heap-based buffer overflow condition exists in the\n mcrypt_generic() function within file\n ext/mcrypt/mcrypt.c due to improper validation of\n user-supplied input. An unauthenticated, remote attacker\n can exploit this to cause a denial of service condition\n or the execution of arbitrary code.\n\n - A NULL write flaw exists in the GD Graphics Library\n (libgd) in the gdImageColorTransparent() function due to\n improper handling of negative transparent colors. A\n remote attacker can exploit this to disclose memory\n contents.", "edition": 30, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-07-26T00:00:00", "title": "PHP 7.0.x < 7.0.9 Multiple Vulnerabilities (httpoxy)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5399", "CVE-2016-5385", "CVE-2016-6290", "CVE-2016-6207", "CVE-2016-6295", "CVE-2016-6297", "CVE-2016-6292", "CVE-2016-6293", "CVE-2016-6289", "CVE-2016-6294", "CVE-2016-6291", "CVE-2016-6296"], "modified": "2021-02-02T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_7_0_9.NASL", "href": "https://www.tenable.com/plugins/nessus/92556", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(92556);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/11/19\");\n\n script_cve_id(\n \"CVE-2016-5385\",\n \"CVE-2016-5399\",\n \"CVE-2016-6207\",\n \"CVE-2016-6289\",\n \"CVE-2016-6290\",\n \"CVE-2016-6291\",\n \"CVE-2016-6292\",\n \"CVE-2016-6293\",\n \"CVE-2016-6294\",\n \"CVE-2016-6295\",\n \"CVE-2016-6296\",\n \"CVE-2016-6297\"\n );\n script_bugtraq_id(\n 91821,\n 92051,\n 92073,\n 92074,\n 92078,\n 92094,\n 92095,\n 92097,\n 92099\n );\n script_xref(name:\"CERT\", value:\"797896\");\n script_xref(name:\"EDB-ID\", value:\"40155\");\n\n script_name(english:\"PHP 7.0.x < 7.0.9 Multiple Vulnerabilities (httpoxy)\");\n script_summary(english:\"Checks the version of PHP.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of PHP running on the remote web server is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP running on the remote web\nserver is 7.0.x prior to 7.0.9. It is, therefore, affected by multiple\nvulnerabilities :\n\n - A man-in-the-middle vulnerability exists, known as\n 'httpoxy', due to a failure to properly resolve\n namespace conflicts in accordance with RFC 3875 section\n 4.1.18. The HTTP_PROXY environment variable is set based\n on untrusted user data in the 'Proxy' header of HTTP\n requests. The HTTP_PROXY environment variable is used by\n some web client libraries to specify a remote proxy\n server. An unauthenticated, remote attacker can exploit\n this, via a crafted 'Proxy' header in an HTTP request,\n to redirect an application's internal HTTP traffic to an\n arbitrary proxy server where it may be observed or\n manipulated. (CVE-2016-5385)\n\n - An overflow condition exists in the php_bz2iop_read()\n function within file ext/bz2/bz2.c due to improper\n handling of error conditions. An unauthenticated, remote\n attacker can exploit this, via a crafted request, to\n execute arbitrary code. (CVE-2016-5399)\n\n - A flaw exists in the GD Graphics Library (libgd),\n specifically in the gdImageScaleTwoPass() function\n within file gd_interpolation.c, due to improper\n validation of user-supplied input. An unauthenticated,\n remote attacker can exploit this to cause a denial of\n service condition. (CVE-2016-6207)\n\n - An integer overflow condition exists in the\n virtual_file_ex() function within file\n Zend/zend_virtual_cwd.c due to improper validation of\n user-supplied input. An unauthenticated, remote attacker\n can exploit this to cause a denial of service condition\n or the execution of arbitrary code. (CVE-2016-6289)\n\n - A use-after-free error exists within the file\n ext/session/session.c when handling 'var_hash'\n destruction. An unauthenticated, remote attacker can\n exploit this to deference already freed memory,\n resulting in the execution of arbitrary code.\n (CVE-2016-6290)\n\n - An out-of-bounds read error exists in the\n exif_process_IFD_in_MAKERNOTE() function within file\n ext/exif/exif.c. An unauthenticated, remote attacker can\n exploit this to cause a denial of service condition or\n disclose memory contents. (CVE-2016-6291)\n\n - A NULL pointer dereference flaw exists in the\n exif_process_user_comment() function within file\n ext/exif/exif.c. An unauthenticated, remote attacker can\n exploit this to cause a denial of service condition.\n (CVE-2016-6292)\n\n - Multiple out-of-bounds read errors exist in the\n locale_accept_from_http() function within file\n ext/intl/locale/locale_methods.c. An unauthenticated,\n remote attacker can exploit these to cause a denial of\n service condition or disclose memory contents.\n (CVE-2016-6293, CVE-2016-6294)\n\n - A use-after-free error exists within file\n ext/snmp/snmp.c when handling garbage collection during\n deserialization of user-supplied input. An\n unauthenticated, remote attacker can exploit this to\n deference already freed memory, resulting in the\n execution of arbitrary code. (CVE-2016-6295)\n\n - A heap-based buffer overflow condition exists in the\n simplestring_addn() function within file simplestring.c\n due to improper validation of user-supplied input. An\n unauthenticated, remote attacker can exploit this to\n cause a denial of service condition or the execution of\n arbitrary code. (CVE-2016-6296)\n\n - An integer overflow condition exists in the\n php_stream_zip_opener() function within file\n ext/zip/zip_stream.c due to improper validation of\n user-supplied input when handling zip streams. An\n unauthenticated, remote attacker can exploit this to\n cause a denial of service condition or the execution of\n arbitrary code. (CVE-2016-6297)\n\n - An out-of-bounds read error exists in the GD Graphics\n Library (libgd), specifically in the\n gdImageScaleBilinearPalette() function within file\n gd_interpolation.c, when handling transparent color. An\n unauthenticated, remote attacker can exploit this to\n cause a denial of service condition or disclose\n memory contents.\n\n - A heap-based buffer overflow condition exists in the\n mdecrypt_generic() function within file\n ext/mcrypt/mcrypt.c due to improper validation of\n user-supplied input. An unauthenticated, remote attacker\n can exploit this to cause a denial of service condition\n or the execution of arbitrary code.\n\n - A flaw exists in the curl_unescape() function within\n file ext/curl/interface.c when handling string lengths.\n An unauthenticated, remote attacker can exploit this to\n cause heap corruption, resulting in a denial of service\n condition.\n\n - A heap-based buffer overflow condition exists in the\n mcrypt_generic() function within file\n ext/mcrypt/mcrypt.c due to improper validation of\n user-supplied input. An unauthenticated, remote attacker\n can exploit this to cause a denial of service condition\n or the execution of arbitrary code.\n\n - A NULL write flaw exists in the GD Graphics Library\n (libgd) in the gdImageColorTransparent() function due to\n improper handling of negative transparent colors. A\n remote attacker can exploit this to disclose memory\n contents.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://php.net/ChangeLog-7.php#7.0.9\");\n script_set_attribute(attribute:\"see_also\", value:\"https://httpoxy.org\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 7.0.9 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-6296\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported)\n audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\n# Check that it is the correct version of PHP\nif (version =~ \"^7(\\.0)?$\")\n audit(AUDIT_VER_NOT_GRANULAR, \"PHP\", port, version);\nif (version !~ \"^7\\.0\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 7.0.x\", port);\n\nif (version =~ \"^7\\.0\\.\" && ver_compare(ver:version, fix:\"7.0.9\", strict:FALSE) < 0){\n security_report_v4(\n port : port,\n extra :\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 7.0.9' +\n '\\n',\n severity:SECURITY_HOLE\n );\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T12:30:44", "description": "Shotwell was updated to fix the following issues :\n\n - boo#958382: Shotwell did not perform TLS certificate\n verification when publishing photos to external services", "edition": 20, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-23T00:00:00", "title": "openSUSE Security Update : shotwell (openSUSE-2016-844)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5771", "CVE-2016-5772", "CVE-2016-5770", "CVE-2016-5768", "CVE-2016-5769", "CVE-2015-8935", "CVE-2016-5773", "CVE-2016-5766", "CVE-2016-5767"], "modified": "2016-03-23T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo", "p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo", "p-cpe:/a:novell:opensuse:php5-json-debuginfo", "p-cpe:/a:novell:opensuse:php5-soap-debuginfo", "p-cpe:/a:novell:opensuse:php5-mysql-debuginfo", "p-cpe:/a:novell:opensuse:php5-mssql-debuginfo", "p-cpe:/a:novell:opensuse:php5-openssl", "p-cpe:/a:novell:opensuse:php5-dba", "p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo", "p-cpe:/a:novell:opensuse:php5-odbc-debuginfo", "p-cpe:/a:novell:opensuse:php5-debuginfo", "p-cpe:/a:novell:opensuse:php5-mcrypt", "p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvmsg", "p-cpe:/a:novell:opensuse:php5-bz2", "p-cpe:/a:novell:opensuse:php5-xmlrpc", "p-cpe:/a:novell:opensuse:php5-json", "p-cpe:/a:novell:opensuse:php5-ctype-debuginfo", "p-cpe:/a:novell:opensuse:php5-sqlite", "p-cpe:/a:novell:opensuse:php5-suhosin", "p-cpe:/a:novell:opensuse:php5-curl", "p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo", "p-cpe:/a:novell:opensuse:php5-mysql", "p-cpe:/a:novell:opensuse:php5-fileinfo", "p-cpe:/a:novell:opensuse:php5-calendar-debuginfo", "p-cpe:/a:novell:opensuse:php5-openssl-debuginfo", "p-cpe:/a:novell:opensuse:php5-shmop-debuginfo", "p-cpe:/a:novell:opensuse:php5-pspell-debuginfo", "p-cpe:/a:novell:opensuse:php5-calendar", "p-cpe:/a:novell:opensuse:php5-ldap-debuginfo", "p-cpe:/a:novell:opensuse:php5-pear", "p-cpe:/a:novell:opensuse:php5-intl", "p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo", "p-cpe:/a:novell:opensuse:php5-xsl-debuginfo", "p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo", "p-cpe:/a:novell:opensuse:php5-enchant", "p-cpe:/a:novell:opensuse:php5-ftp", "p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo", "p-cpe:/a:novell:opensuse:php5-tidy", "p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo", "cpe:/o:novell:opensuse:42.1", "p-cpe:/a:novell:opensuse:php5-bz2-debuginfo", "p-cpe:/a:novell:opensuse:php5-gettext-debuginfo", "p-cpe:/a:novell:opensuse:php5-zlib-debuginfo", "p-cpe:/a:novell:opensuse:shotwell-debuginfo", "p-cpe:/a:novell:opensuse:php5-posix-debuginfo", "p-cpe:/a:novell:opensuse:php5-tokenizer", "p-cpe:/a:novell:opensuse:php5-imap", "p-cpe:/a:novell:opensuse:php5-sockets", "p-cpe:/a:novell:opensuse:php5-gd", "p-cpe:/a:novell:opensuse:php5-posix", "p-cpe:/a:novell:opensuse:php5-opcache", "p-cpe:/a:novell:opensuse:php5-intl-debuginfo", "p-cpe:/a:novell:opensuse:php5-dba-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvsem", "p-cpe:/a:novell:opensuse:shotwell-lang", "p-cpe:/a:novell:opensuse:php5-fpm", "p-cpe:/a:novell:opensuse:php5-fastcgi", "p-cpe:/a:novell:opensuse:php5-wddx", "p-cpe:/a:novell:opensuse:php5-debugsource", "p-cpe:/a:novell:opensuse:shotwell", "p-cpe:/a:novell:opensuse:php5-zip-debuginfo", "p-cpe:/a:novell:opensuse:php5-odbc", "p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo", "p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlreader", "p-cpe:/a:novell:opensuse:php5-gmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-iconv-debuginfo", "p-cpe:/a:novell:opensuse:php5-readline-debuginfo", "p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo", "p-cpe:/a:novell:opensuse:php5-gmp", "p-cpe:/a:novell:opensuse:php5-fpm-debuginfo", "p-cpe:/a:novell:opensuse:php5-snmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-tidy-debuginfo", "p-cpe:/a:novell:opensuse:php5-zlib", "p-cpe:/a:novell:opensuse:php5-phar-debuginfo", "p-cpe:/a:novell:opensuse:php5-phar", "p-cpe:/a:novell:opensuse:php5-dom", "p-cpe:/a:novell:opensuse:php5-sockets-debuginfo", "p-cpe:/a:novell:opensuse:php5-soap", "p-cpe:/a:novell:opensuse:php5-dom-debuginfo", "p-cpe:/a:novell:opensuse:php5-snmp", "p-cpe:/a:novell:opensuse:php5-exif-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo", "cpe:/o:novell:opensuse:13.2", "p-cpe:/a:novell:opensuse:php5-firebird-debuginfo", "p-cpe:/a:novell:opensuse:php5-imap-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo", "p-cpe:/a:novell:opensuse:php5-pdo", "p-cpe:/a:novell:opensuse:php5-wddx-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo", "p-cpe:/a:novell:opensuse:php5-enchant-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo", "p-cpe:/a:novell:opensuse:php5-pspell", "p-cpe:/a:novell:opensuse:php5-ctype", "p-cpe:/a:novell:opensuse:apache2-mod_php5", "p-cpe:/a:novell:opensuse:php5-mssql", "p-cpe:/a:novell:opensuse:php5-pcntl", "p-cpe:/a:novell:opensuse:php5-zip", "p-cpe:/a:novell:opensuse:php5-sysvshm", "p-cpe:/a:novell:opensuse:php5", "p-cpe:/a:novell:opensuse:php5-shmop", "p-cpe:/a:novell:opensuse:php5-devel", "p-cpe:/a:novell:opensuse:php5-pdo-debuginfo", "p-cpe:/a:novell:opensuse:php5-gd-debuginfo", "p-cpe:/a:novell:opensuse:php5-firebird", "p-cpe:/a:novell:opensuse:php5-ftp-debuginfo", "p-cpe:/a:novell:opensuse:php5-opcache-debuginfo", "p-cpe:/a:novell:opensuse:php5-iconv", "p-cpe:/a:novell:opensuse:php5-gettext", "p-cpe:/a:novell:opensuse:php5-xmlwriter", "p-cpe:/a:novell:opensuse:php5-bcmath", "p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo", "p-cpe:/a:novell:opensuse:php5-pgsql", "p-cpe:/a:novell:opensuse:php5-xsl", "p-cpe:/a:novell:opensuse:php5-curl-debuginfo", "p-cpe:/a:novell:opensuse:php5-readline", "p-cpe:/a:novell:opensuse:shotwell-debugsource", "p-cpe:/a:novell:opensuse:php5-mbstring", "p-cpe:/a:novell:opensuse:php5-exif", "p-cpe:/a:novell:opensuse:php5-ldap"], "id": "OPENSUSE-2016-844.NASL", "href": "https://www.tenable.com/plugins/nessus/90108", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-844.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90108);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-8935\", \"CVE-2016-5766\", \"CVE-2016-5767\", \"CVE-2016-5768\", \"CVE-2016-5769\", \"CVE-2016-5770\", \"CVE-2016-5771\", \"CVE-2016-5772\", \"CVE-2016-5773\");\n\n script_name(english:\"openSUSE Security Update : shotwell (openSUSE-2016-844)\");\n script_summary(english:\"Check for the openSUSE-2016-844 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Shotwell was updated to fix the following issues :\n\n - boo#958382: Shotwell did not perform TLS certificate\n verification when publishing photos to external services\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=958382\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=986004\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=986244\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=986246\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=986247\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=986386\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=986388\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=986391\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=986392\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=986393\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected shotwell packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-firebird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-firebird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-opcache-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:shotwell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:shotwell-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:shotwell-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:shotwell-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2|SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2 / 42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"apache2-mod_php5-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"apache2-mod_php5-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-bcmath-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-bcmath-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-bz2-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-bz2-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-calendar-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-calendar-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ctype-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ctype-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-curl-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-curl-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-dba-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-dba-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-debugsource-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-devel-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-dom-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-dom-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-enchant-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-enchant-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-exif-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-exif-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fastcgi-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fastcgi-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fileinfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fileinfo-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-firebird-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-firebird-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fpm-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fpm-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ftp-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ftp-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gd-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gd-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gettext-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gettext-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gmp-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gmp-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-iconv-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-iconv-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-imap-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-imap-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-intl-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-intl-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-json-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-json-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ldap-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ldap-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mbstring-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mbstring-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mcrypt-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mcrypt-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mssql-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mssql-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mysql-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mysql-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-odbc-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-odbc-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-opcache-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-opcache-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-openssl-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-openssl-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pcntl-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pcntl-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pdo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pdo-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pear-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pgsql-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pgsql-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-phar-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-phar-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-posix-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-posix-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pspell-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pspell-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-readline-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-readline-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-shmop-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-shmop-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-snmp-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-snmp-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-soap-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-soap-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sockets-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sockets-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sqlite-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sqlite-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-suhosin-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-suhosin-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvmsg-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvmsg-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvsem-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvsem-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvshm-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvshm-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-tidy-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-tidy-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-tokenizer-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-tokenizer-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-wddx-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-wddx-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlreader-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlreader-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlrpc-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlrpc-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlwriter-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlwriter-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xsl-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xsl-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-zip-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-zip-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-zlib-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-zlib-debuginfo-5.6.1-69.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"shotwell-0.22.0+git.20160103-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"shotwell-debuginfo-0.22.0+git.20160103-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"shotwell-debugsource-0.22.0+git.20160103-5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"shotwell-lang-0.22.0+git.20160103-5.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2-mod_php5 / apache2-mod_php5-debuginfo / php5 / php5-bcmath / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "f5": [{"lastseen": "2017-06-08T00:16:20", "bulletinFamily": "software", "cvelist": ["CVE-2016-6288", "CVE-2016-6289"], "edition": 1, "description": "\nF5 Product Development has assigned ID 619957 (BIG-IQ) and ID 619961 (Enterprise Manager) to this vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H622695 on the **Diagnostics** > **Identified** > **Low** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 - 12.1.11 \n11.4.0 - 11.6.11 \n11.2.11 \n10.2.1 - 10.2.41| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 - 12.1.11 \n11.4.0 - 11.6.11| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 - 12.1.11 \n11.4.0 - 11.6.11| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 - 12.1.11 \n11.4.0 - 11.6.11 \n11.2.11| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 - 12.1.11 \n11.4.0 - 11.6.11 \n11.2.11 \n10.2.1 - 10.2.41| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 - 12.1.11 \n11.4.0 - 11.6.11 \n11.2.11 \n10.2.1 - 10.2.41| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0 - 12.1.11| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.2.11 \n10.2.1 - 10.2.41| Not vulnerable| None \nBIG-IP GTM| None| 11.4.0 - 11.6.11 \n11.2.11 \n10.2.1 - 10.2.41| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 - 12.1.11 \n11.4.0 - 11.6.11 \n11.2.11 \n10.2.1 - 10.2.41| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 - 12.1.11 \n11.4.0 - 11.6.11| Not vulnerable| None \nBIG-IP PSM| None| 11.4.0 - 11.4.11 \n10.2.1 - 10.2.41| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.2.11 \n10.2.1 - 10.2.41| Not vulnerable| None \nBIG-IP WebSafe| None| 12.0.0 - 12.1.11 \n11.6.0 - 11.6.11| Not vulnerable \n\n| None \nARX| None| 6.2.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| 3.1.1| None| Low| PHP \nBIG-IQ Cloud| 4.0.0 - 4.5.0| None| Low| PHP \nBIG-IQ Device| 4.2.0 - 4.5.0| None| Low| PHP \nBIG-IQ Security| 4.0.0 - 4.5.0| None| Low| PHP \nBIG-IQ ADC| 4.5.0| None| Low| PHP \nBIG-IQ Centralized Management| 5.0.0 - 5.1.0 \n4.6.0| None| Low| PHP \nBIG-IQ Cloud and Orchestration| 1.0.0| None| Low| PHP \nF5 iWorkflow| None| 2.0.0 - 2.0.2| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nTraffix SDC| None| 5.0.0 - 5.1.0 \n4.0.0 - 4.4.0| Not vulnerable| None \n \n1The specified products contain the affected code, though F5 identifies the vulnerability status as Not Vulnerable, because the attacker cannot exploit the code in default, standard, or recommended configurations.\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo determine the necessary upgrade path for your BIG-IQ system, you should understand the BIG-IQ product offering name changes. For more information, refer to [K21232150: Considerations for upgrading BIG-IQ or F5 iWorkflow systems](<https://support.f5.com/csp/article/K21232150>).\n\nMitigation\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "modified": "2017-04-06T16:50:00", "published": "2016-12-07T08:05:00", "href": "https://support.f5.com/csp/article/K34985231", "id": "F5:K34985231", "title": "PHP vulnerabilities CVE-2016-6288 and CVE-2016-6289", "type": "f5", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-06-08T00:16:15", "bulletinFamily": "software", "cvelist": ["CVE-2015-8935"], "edition": 1, "description": "\nF5 Product Development has assigned ID 620684 (BIG-IP), ID 619028 (BIG-IQ), ID 619034 (Enterprise Manager), and ID 619917 (F5 iWorkflow) to this vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H623233 on the **Diagnostics** > **Identified** > **Low** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| 11.6.0 \n11.4.0 - 11.5.3 \n11.2.1 \n10.2.1 - 10.2.4| 12.0.0 - 12.1.1 \n11.6.1 \n11.5.4| Low| PHP \nBIG-IP AAM| 11.6.0 \n11.4.0 - 11.5.3| 12.0.0 - 12.1.1 \n11.6.1 \n11.5.4| Low| PHP \nBIG-IP AFM| 11.6.0 \n11.4.0 - 11.5.3| 12.0.0 - 12.1.1 \n11.6.1 \n11.5.4| Low| PHP \nBIG-IP Analytics| 11.6.0 \n11.4.0 - 11.5.3 \n11.2.1| 12.0.0 - 12.1.1 \n11.6.1 \n11.5.4| Low| PHP \nBIG-IP APM| 11.6.0 \n11.4.0 - 11.5.3 \n11.2.1 \n10.2.1 - 10.2.4| 12.0.0 - 12.1.1 \n11.6.1 \n11.5.4| Low| PHP \nBIG-IP ASM| 111.6.0 \n11.4.0 - 11.5.3 \n11.2.1 \n10.2.1 - 10.2.4| 12.0.0 - 12.1.1 \n11.6.1 \n11.5.4| Low| PHP \nBIG-IP DNS| None| 12.0.0 - 12.1.1| Not vulnerable| None \nBIG-IP Edge Gateway| 11.2.1 \n10.2.1 - 10.2.4| None| Low| PHP \nBIG-IP GTM| 11.6.0 \n11.4.0 - 11.5.3 \n11.2.1 \n10.2.1 - 10.2.4| 11.6.1 \n11.5.4| Low| PHP \nBIG-IP Link Controller| 11.6.0 \n11.4.0 - 11.5.3 \n11.2.1 \n10.2.1 - 10.2.4| 12.0.0 - 12.1.1 \n11.6.1 \n11.5.4| Low| PHP \nBIG-IP PEM| 11.6.0 \n11.4.0 - 11.5.3| 12.0.0 - 12.1.1 \n11.6.1 \n11.5.4| Low| PHP \nBIG-IP PSM| 11.4.0 - 11.4.1 \n10.2.1 - 10.2.4| None| Low| PHP \nBIG-IP WebAccelerator| 11.2.1 \n10.2.1 - 10.2.4| None| Low| PHP \nBIG-IP WOM| 11.2.1 \n10.2.1 - 10.2.4| None| Low| PHP \nBIG-IP WebSafe| 11.6.0| 12.0.0 - 12.1.0 \n11.6.1| Low| PHP \nARX| None| 6.2.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| 3.1.1| None| Medium| PHP \nFirePass| None| 7.0.0| Not vulnerable| None \nBIG-IQ Cloud| 4.0.0 - 4.5.0| None| Low| PHP \nBIG-IQ Device| 4.2.0 - 4.5.0| None| Low| PHP \nBIG-IQ Security| 4.0.0 - 4.5.0| None| Low| PHP \nBIG-IQ ADC| 4.5.0| None| Low| PHP \nBIG-IQ Centralized Management| 5.0.0 - 5.1.0 \n4.6.0| None| Low| PHP \nBIG-IQ Cloud and Orchestration| 1.0.0| None| Low| PHP \nF5 iWorkflow| 2.0.0 - 2.0.1| None| Low| PHP \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nTraffix SDC| None| 5.0.0 \n4.0.0 - 4.4.0| Not vulnerable| None\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo determine the necessary upgrade path for your BIG-IQ system, you should understand the BIG-IQ product offering name changes. For more information, refer to [K21232150: Considerations for upgrading BIG-IQ or F5 iWorkflow systems](<https://support.f5.com/csp/article/K21232150>).\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 12.x)](<https://support.f5.com/csp/article/K13123>)\n * [K10025: Managing BIG-IP product hotfixes (10.x)](<https://support.f5.com/csp/article/K10025>)\n * [K9502: BIG-IP hotfix matrix](<https://support.f5.com/csp/article/K9502>)\n * [K15106: Managing BIG-IQ product hotfixes](<https://support.f5.com/csp/article/K15106>)\n * [K15113: BIG-IQ hotfix matrix](<https://support.f5.com/csp/article/K15113>)\n", "modified": "2017-01-19T23:58:00", "published": "2016-10-18T22:31:00", "href": "https://support.f5.com/csp/article/K63712424", "id": "F5:K63712424", "title": "PHP vulnerability CVE-2015-8935", "type": "f5", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-06-08T00:16:29", "bulletinFamily": "software", "cvelist": ["CVE-2016-6290"], "edition": 1, "description": "\nF5 Product Development has assigned ID 619957 (BIG-IQ) and ID 619961 (Enterprise Manager) to this vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H622694 on the **Diagnostics** > **Identified** > **Low** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable1| None \nBIG-IP AAM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable1| None \nBIG-IP AFM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable1| None \nBIG-IP Analytics| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable1| None \nBIG-IP APM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable1| None \nBIG-IP ASM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable1| None \nBIG-IP DNS| None| 12.0.0 - 12.1.1| Not vulnerable1| None \nBIG-IP Edge Gateway| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable1| None \nBIG-IP GTM| None| 11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable1| None \nBIG-IP Link Controller| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable1| None \nBIG-IP PEM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable1| None \nBIG-IP PSM| None| 11.4.0 - 11.4.1 \n10.2.1 - 10.2.4| Not vulnerable1| None \nBIG-IP WebAccelerator| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable1| None \nBIG-IP WebSafe| None| 12.0.0 - 12.1.1 \n11.6.0 - 11.6.1| Not vulnerable2| None \nARX| None| 6.2.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| 3.1.1| None| Low| PHP \nBIG-IQ Cloud| 4.0.0 - 4.5.0| None| Low| PHP \nBIG-IQ Device| 4.2.0 - 4.5.0| None| Low| PHP \nBIG-IQ Security| 4.0.0 - 4.5.0| None| Low| PHP \nBIG-IQ ADC| 4.5.0| None| Low| PHP \nBIG-IQ Centralized Management| 5.0.0 - 5.1.0 \n4.6.0| None| Low| PHP \nBIG-IQ Cloud and Orchestration| 1.0.0| None| Low| PHP \nF5 iWorkflow| None| 2.0.0 - 2.0.2| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nTraffix SDC| None| 5.0.0 - 5.1.0 \n4.0.0 - 4.4.0| Not vulnerable| None \n \n1 The specified products contain the affected code, though F5 identifies the vulnerability status as Not vulnerable because the attacker cannot exploit the code in default, standard, or recommended configurations. \n2 F5 recommends that customers upgrade the PHP software for the server operating system used with the F5 WebSafe Dashboard to address CVE-2016-6290.\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo determine the necessary upgrade path for your BIG-IQ system, you should understand the BIG-IQ product offering name changes. For more information, refer to [K21232150: Considerations for upgrading BIG-IQ or F5 iWorkflow systems](<https://support.f5.com/csp/article/K21232150>).\n\n**Mitigation**\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "modified": "2017-01-19T23:22:00", "published": "2016-12-07T23:24:00", "id": "F5:K15850913", "href": "https://support.f5.com/csp/article/K15850913", "title": "PHP vulnerability CVE-2016-6290", "type": "f5", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-06-08T00:16:38", "bulletinFamily": "software", "cvelist": ["CVE-2016-5769"], "edition": 1, "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0 - 12.1.1| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP PSM| None| 11.4.0 - 11.4.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WOM| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WebSafe| None| 12.0.0 - 12.1.1 \n11.6.0 - 11.6.1| Not vulnerable| None \nARX| None| 6.2.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.1.1| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 5.0.0 - 5.1.0 \n4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nF5 iWorkflow| None| 2.0.0 - 2.0.1| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nTraffix SDC| None| 5.0.0 \n4.0.0 - 4.4.0| Not vulnerable| None\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "modified": "2016-10-23T18:20:00", "published": "2016-10-23T18:20:00", "id": "F5:K21042398", "href": "https://support.f5.com/csp/article/K21042398", "title": "PHP vulnerability CVE-2016-5769", "type": "f5", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-10-18T21:24:57", "bulletinFamily": "software", "cvelist": ["CVE-2015-8935"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo determine the necessary upgrade path for your BIG-IQ system, you should understand the BIG-IQ product offering name changes. For more information, refer to SOL21232150: Considerations for upgrading BIG-IQ or F5 iWorkflow systems.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x - 12.x)\n * SOL10025: Managing BIG-IP product hotfixes (10.x)\n * SOL9502: BIG-IP hotfix matrix\n * SOL15106: Managing BIG-IQ product hotfixes\n * SOL15113: BIG-IQ hotfix matrix\n", "modified": "2016-10-18T00:00:00", "published": "2016-10-18T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/k/63/sol63712424.html", "id": "SOL63712424", "type": "f5", "title": "SOL63712424 - PHP vulnerability CVE-2015-8935", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2020-04-06T22:39:41", "bulletinFamily": "software", "cvelist": ["CVE-2016-5767"], "description": "\nF5 Product Development has assigned ID 601268 (BIG-IP) to this vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H622706 on the **Diagnostics** > **Identified** > **Low** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table.\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | 12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 \n11.4.0 - 11.5.5 \n11.2.1 \n10.2.1 - 10.2.4 | 14.0.0 \n13.0.0 - 13.1.1 \n12.1.2 HF1 - 12.1.3 \n11.6.2 - 11.6.3 \n11.5.6 - 11.5.7 | Low | PHP \nBIG-IP AAM | 12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 \n11.4.0 - 11.5.5 | 14.0.0 \n13.0.0 - 13.1.1 \n12.1.2 HF1 - 12.1.3 \n11.6.2 - 11.6.3 \n11.5.6 - 11.5.7 | Low | PHP \nBIG-IP AFM | 12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 \n11.4.0 - 11.5.5 | 14.0.0 \n13.0.0 - 13.1.1 \n12.1.2 HF1 - 12.1.3 \n11.6.2 - 11.6.3 \n11.5.6 - 11.5.7 | Low | PHP \nBIG-IP Analytics | 12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 \n11.4.0 - 11.5.5 \n11.2.1 | 14.0.0 \n13.0.0 - 13.1.1 \n12.1.2 HF1 - 12.1.3 \n11.6.2 - 11.6.3 \n11.5.6 - 11.5.7 | Low | PHP \nBIG-IP APM | 12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 \n11.4.0 - 11.5.5 \n11.2.1 \n10.2.1 - 10.2.4 | 14.0.0 \n13.0.0 - 13.1.1 \n12.1.2 HF1 - 12.1.3 \n11.6.2 - 11.6.3 \n11.5.6 - 11.5.7 | Low | PHP \nBIG-IP ASM | 12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 \n11.4.0 - 11.5.5 \n11.2.1 \n10.2.1 - 10.2.4 | 14.0.0 \n13.0.0 - 13.1.1 \n12.1.2 HF1 - 12.1.3 \n11.6.2 - 11.6.3 \n11.5.6 - 11.5.7 | Low | PHP \nBIG-IP DNS | 12.0.0 - 12.1.2 | 14.0.0 \n13.0.0 - 13.1.1 \n12.1.2 HF1 - 12.1.3 | Low | PHP \nBIG-IP Edge Gateway | 11.2.1 \n10.2.1 - 10.2.4 | None | Low | PHP \nBIG-IP GTM | 11.6.0 - 11.6.1 \n11.4.0 - 11.5.5 \n11.2.1 \n10.2.1 - 10.2.4 | 11.6.2 - 11.6.3 \n11.5.6 - 11.5.7 | Low | PHP \nBIG-IP Link Controller | 12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 \n11.4.0 - 11.5.5 \n11.2.1 \n10.2.1 - 10.2.4 | 14.0.0 \n13.0.0 - 13.1.1 \n12.1.2 HF1 - 12.1.3 \n11.6.2 - 11.6.3 \n11.5.6 - 11.5.7 | Low | PHP \nBIG-IP PEM | 12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 \n11.4.0 - 11.5.5 | 14.0.0 \n13.0.0 - 13.1.1 \n12.1.2 HF1 - 12.1.3 \n11.6.2 - 11.6.3 \n11.5.6 - 11.5.7 | Low | PHP \nBIG-IP PSM | 11.4.0 - 11.4.1 \n10.2.1 - 10.2.4 | None | Low | PHP \nBIG-IP WebAccelerator | 11.2.1 \n10.2.1 - 10.2.4 | None | Low | PHP \nBIG-IP WOM | 11.2.1 \n10.2.1 - 10.2.4 | None | Low | PHP \nBIG-IP WebSafe | 12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 | 14.0.0 \n13.0.0 - 13.1.1 \n12.1.2 HF1 - 12.1.3 \n11.6.2 - 11.6.3 \n11.5.6 - 11.5.7 | Low \n\n \n\n| PHP \nEnterprise Manager | None | 3.1.1 | Not vulnerable | None \nFirePass | None | 7.0.0 | Not vulnerable | None \nBIG-IQ Cloud | None | 4.0.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Device | None | 4.2.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Security | None | 4.0.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ ADC | None | 4.5.0 | Not vulnerable | None \nBIG-IQ Centralized Management | None | 5.0.0 - 5.1.0 \n4.6.0 | Not vulnerable | None \nBIG-IQ Cloud and Orchestration | None | 1.0.0 | Not vulnerable | None \nF5 iWorkflow | None | 2.0.0 - 2.0.1 | Not vulnerable | None \nLineRate | None | 2.5.0 - 2.6.1 | Not vulnerable | None \nTraffix SDC | None | 5.0.0 \n4.0.0 - 4.4.0 | Not vulnerable | None\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nTo mitigate this vulnerability, you can revert any BIG-IP system customization to the default, standard, or recommended configurations.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "edition": 1, "modified": "2018-09-07T02:23:00", "published": "2016-10-19T20:40:00", "id": "F5:K03534020", "href": "https://support.f5.com/csp/article/K03534020", "title": "PHP vulnerability CVE-2016-5767", "type": "f5", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-10-31T20:03:04", "bulletinFamily": "software", "cvelist": ["CVE-2016-5766"], "description": "\nF5 Product Development has assigned ID 601268 (BIG-IP), ID 608721 (BIG-IQ), and ID 608723 (Enterprise Manager) to this vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H620618 on the **Diagnostics** > **Identified** > **Low** screen. \n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table.\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | 12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 \n11.4.0 - 11.5.5 \n11.2.1 \n10.2.1 - 10.2.4 | 13.0.0 \n12.1.2 HF1 \n11.6.2 \n11.5.6 | Low | PHP \nBIG-IP AAM | 12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 \n11.4.0 - 11.5.5 | 13.0.0 \n12.1.2 HF1 \n11.6.2 \n11.5.6 | Low | PHP \nBIG-IP AFM | 12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 \n11.4.0 - 11.5.5 | 13.0.0 \n12.1.2 HF1 \n11.6.2 \n11.5.6 | Low | PHP \nBIG-IP Analytics | 12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 \n11.4.0 - 11.5.5 \n11.2.1 | 13.0.0 \n12.1.2 HF1 \n11.6.2 \n11.5.6 | Low | PHP \nBIG-IP APM | 12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 \n11.4.0 - 11.5.5 \n11.2.1 \n10.2.1 - 10.2.4 | 13.0.0 \n12.1.2 HF1 \n11.6.2 \n11.5.6 | Low | PHP \nBIG-IP ASM | 12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 \n11.4.0 - 11.5.5 \n11.2.1 \n10.2.1 - 10.2.4 | 13.0.0 \n12.1.2 HF1 \n11.6.2 \n11.5.6 | Low | PHP \nBIG-IP DNS | 12.0.0 - 12.1.2 | 13.0.0 \n12.1.2 HF1 | Low | PHP \nBIG-IP Edge Gateway | 11.2.1 \n10.2.1 - 10.2.4 | None | Low | PHP \nBIG-IP GTM | 11.6.0 - 11.6.1 \n11.4.0 - 11.5.5 \n11.2.1 \n10.2.1 - 10.2.4 | 11.6.2 \n11.5.6 | Low | PHP \nBIG-IP Link Controller | 12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 \n11.4.0 - 11.5.5 \n11.2.1 \n10.2.1 - 10.2.4 | 13.0.0 \n12.1.2 HF1 \n11.6.2 \n11.5.6 | Low | PHP \nBIG-IP PEM | 12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 \n11.4.0 - 11.5.5 | 13.0.0 \n12.1.2 HF1 \n11.6.2 \n11.5.6 | Low | PHP \nBIG-IP PSM | 11.4.0 - 11.4.1 \n10.2.1 - 10.2.4 | None | Low | PHP \nBIG-IP WebAccelerator | 11.2.1 \n10.2.1 - 10.2.4 | None | Low | PHP \nBIG-IP WOM | 11.2.1 \n10.2.1 - 10.2.4 | None | Low | PHP \nBIG-IP WebSafe | 12.0.0 - 12.1.2 | 13.0.0 \n12.1.2 HF1 | Low | PHP \nARX | None | 6.2.0 - 6.4.0 | Not vulnerable | None \nEnterprise Manager | 3.1.1 | None | Low | PHP \nFirePass | None | 7.0.0 | Not vulnerable | None \nBIG-IQ Cloud | 4.0.0 - 4.5.0 | None | Low | PHP \nBIG-IQ Device | 4.2.0 - 4.5.0 | None | Low | PHP \nBIG-IQ Security | 4.0.0 - 4.5.0 | None | Low | PHP \nBIG-IQ ADC | 4.5.0 | None | Low | PHP \nBIG-IQ Centralized Management | 5.0.0 - 5.1.0 \n4.6.0 | None | Low | PHP \nBIG-IQ Cloud and Orchestration | 1.0.0 | None | Low | PHP \nF5 iWorkflow | None | 2.0.0 | Not vulnerable | None \nLineRate | None | 2.5.0 - 2.6.1 | Not vulnerable | None \nTraffix SDC | None | 5.0.0 \n4.0.0 - 4.4.0 | Not vulnerable | None\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo determine the necessary upgrade path for your BIG-IQ system, you should understand the BIG-IQ product offering name changes. For more information, refer to [K21232150: Considerations for upgrading BIG-IQ or F5 iWorkflow systems](<https://support.f5.com/csp/article/K21232150>).\n\nMitigation\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "edition": 1, "modified": "2018-04-16T20:18:00", "published": "2016-10-13T23:44:00", "id": "F5:K43267483", "href": "https://support.f5.com/csp/article/K43267483", "title": "PHP vulnerability CVE-2016-5766", "type": "f5", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2016-11-28T21:27:17", "bulletinFamily": "software", "cvelist": ["CVE-2016-6289"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo determine the necessary upgrade path for your BIG-IQ system, you should understand the BIG-IQ product offering name changes. For more information, refer to SOL21232150: Considerations for upgrading BIG-IQ or F5 iWorkflow systems.\n\nMitigation\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL15106: Managing BIG-IQ product hotfixes\n * SOL15113: BIG-IQ hotfix matrix\n", "modified": "2016-11-18T00:00:00", "published": "2016-11-18T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/k/52/sol52430518.html", "id": "SOL52430518", "type": "f5", "title": "SOL52430518 - PHP vulnerability CVE-2016-6289", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-10-23T17:24:39", "bulletinFamily": "software", "cvelist": ["CVE-2016-5769"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "modified": "2016-10-23T00:00:00", "published": "2016-10-23T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/k/21/sol21042398.html", "id": "SOL21042398", "type": "f5", "title": "SOL21042398 - PHP vulnerability CVE-2016-5769", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-06-08T00:16:19", "bulletinFamily": "software", "cvelist": ["CVE-2016-5772"], "edition": 1, "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0 - 12.1.1| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP PSM| None| 11.4.0 - 11.4.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WOM| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WebSafe| None| 12.0.0 - 12.1.1 \n11.6.0 - 11.6.1| Not Vulnerable| None \nARX| None| 6.2.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.1.1| Not vulnerable| None \nFirePass| None| 7.0.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 5.0.0 - 5.1.0 \n4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nF5 iWorkflow| None| 2.0.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nTraffix SDC| None| 5.0.0 \n4.0.0 - 4.4.0| Not vulnerable| None\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "modified": "2016-10-19T20:39:00", "published": "2016-10-07T18:14:00", "id": "F5:K67644055", "href": "https://support.f5.com/csp/article/K67644055", "title": "PHP vulnerability CVE-2016-5772", "type": "f5", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "suse": [{"lastseen": "2016-09-04T11:31:29", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5772", "CVE-2016-5769", "CVE-2015-8935", "CVE-2016-5766", "CVE-2016-5767"], "description": "php53 was updated to fix five security issues.\n\n These security issues were fixed:\n - CVE-2016-5769: mcrypt: Heap Overflow due to integer overflows\n (bsc#986388).\n - CVE-2015-8935: XSS in header() with Internet Explorer (bsc#986004).\n - CVE-2016-5772: Double Free Courruption in wddx_deserialize (bsc#986244).\n - CVE-2016-5766: Integer Overflow in _gd2GetHeader() resulting in heap\n overflow (bsc#986386).\n - CVE-2016-5767: Integer Overflow in gdImagePaletteToTrueColor() resulting\n in heap overflow (bsc#986393).\n\n", "edition": 1, "modified": "2016-08-09T17:37:56", "published": "2016-08-09T17:37:56", "id": "SUSE-SU-2016:2013-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00025.html", "type": "suse", "title": "Security update for php53 (important)", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T12:03:49", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5771", "CVE-2016-5772", "CVE-2016-5770", "CVE-2016-5768", "CVE-2016-5769", "CVE-2015-8935", "CVE-2016-5773", "CVE-2016-5766", "CVE-2016-5767"], "description": "php5 was updated to fix nine security issues.\n\n These security issues were fixed:\n - CVE-2016-5773: ZipArchive class Use After Free Vulnerability in PHP's GC\n algorithm and unserialize (bsc#986247).\n - CVE-2016-5772: Double Free Courruption in wddx_deserialize (bsc#986244).\n - CVE-2016-5771: Use After Free Vulnerability in PHP's GC algorithm and\n unserialize (bsc#986391).\n - CVE-2016-5770: int/size_t confusion in SplFileObject::fread (bsc#986392).\n - CVE-2016-5768: Double free in _php_mb_regex_ereg_replace_exec -\n (bsc#986246).\n - CVE-2016-5769: mcrypt: Heap Overflow due to integer overflows\n (bsc#986388).\n - CVE-2015-8935: XSS in header() with Internet Explorer (bsc#986004).\n - CVE-2016-5767: Integer Overflow in gdImagePaletteToTrueColor() resulting\n in heap overflow (bsc#986393).\n - CVE-2016-5766: Integer Overflow in _gd2GetHeader() resulting in heap\n overflow (bsc#986386).\n\n", "edition": 1, "modified": "2016-07-07T18:08:23", "published": "2016-07-07T18:08:23", "id": "OPENSUSE-SU-2016:1761-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html", "type": "suse", "title": "Security update for php5 (important)", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-16T20:38:55", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5399", "CVE-2016-6288", "CVE-2016-6290", "CVE-2016-7127", "CVE-2016-7131", "CVE-2014-3587", "CVE-2016-7125", "CVE-2016-7130", "CVE-2016-7129", "CVE-2016-7126", "CVE-2016-6297", "CVE-2016-3587", "CVE-2016-6289", "CVE-2016-7124", "CVE-2016-7128", "CVE-2016-7132", "CVE-2016-6291", "CVE-2016-6296"], "description": "This update for php53 fixes the following security issues:\n\n * CVE-2014-3587: Integer overflow in the cdf_read_property_info affecting\n SLES11 SP3 [bsc#987530]\n * CVE-2016-6297: Stack-based buffer overflow vulnerability in\n php_stream_zip_opener [bsc#991426]\n * CVE-2016-6291: Out-of-bounds access in exif_process_IFD_in_MAKERNOTE\n [bsc#991427]\n * CVE-2016-6289: Integer overflow leads to buffer overflow in\n virtual_file_ex [bsc#991428]\n * CVE-2016-6290: Use after free in unserialize() with Unexpected Session\n Deserialization [bsc#991429]\n * CVE-2016-5399: Improper error handling in bzread() [bsc#991430]\n * CVE-2016-6288: Buffer over-read in php_url_parse_ex [bsc#991433]\n * CVE-2016-6296: Heap buffer overflow vulnerability in simplestring_addn\n in simplestring.c [bsc#991437]\n * CVE-2016-7124: Create an Unexpected Object and Don't Invoke __wakeup()\n in Deserialization\n * CVE-2016-7125: PHP Session Data Injection Vulnerability\n * CVE-2016-7126: select_colors write out-of-bounds\n * CVE-2016-7127: imagegammacorrect allowed arbitrary write access\n * CVE-2016-7128: Memory Leakage In exif_process_IFD_in_TIFF\n * CVE-2016-7129: wddx_deserialize allows illegal memory access\n * CVE-2016-7130: wddx_deserialize null dereference\n * CVE-2016-7131: wddx_deserialize null dereference with invalid xml\n * CVE-2016-7132: wddx_deserialize null dereference in php_wddx_pop_element\n\n", "edition": 1, "modified": "2016-09-16T21:09:09", "published": "2016-09-16T21:09:09", "id": "SUSE-SU-2016:2328-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00014.html", "type": "suse", "title": "Security update for php53 (important)", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-28T13:27:47", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5399", "CVE-2016-6288", "CVE-2016-6290", "CVE-2016-7127", "CVE-2016-7131", "CVE-2014-3587", "CVE-2016-7125", "CVE-2016-7134", "CVE-2016-7130", "CVE-2016-7129", "CVE-2016-6128", "CVE-2016-7126", "CVE-2016-6161", "CVE-2016-6207", "CVE-2016-6295", "CVE-2016-6297", "CVE-2016-6292", "CVE-2016-3587", "CVE-2016-6289", "CVE-2016-7124", "CVE-2016-7128", "CVE-2016-7132", "CVE-2016-6291", "CVE-2016-6296"], "edition": 1, "description": "This update for php5 fixes the following security issues:\n\n * CVE-2016-6128: Invalid color index not properly handled [bsc#987580]\n * CVE-2016-6161: global out of bounds read when encoding gif from\n malformed input withgd2togif [bsc#988032]\n * CVE-2016-6292: Null pointer dereference in exif_process_user_comment\n [bsc#991422]\n * CVE-2016-6295: Use after free in SNMP with GC and unserialize()\n [bsc#991424]\n * CVE-2016-6297: Stack-based buffer overflow vulnerability in\n php_stream_zip_opener [bsc#991426]\n * CVE-2016-6291: Out-of-bounds access in exif_process_IFD_in_MAKERNOTE\n [bsc#991427]\n * CVE-2016-6289: Integer overflow leads to buffer overflow in\n virtual_file_ex [bsc#991428]\n * CVE-2016-6290: Use after free in unserialize() with Unexpected Session\n Deserialization [bsc#991429]\n * CVE-2016-5399: Improper error handling in bzread() [bsc#991430]\n * CVE-2016-6296: Heap buffer overflow vulnerability in simplestring_addn\n in simplestring.c [bsc#991437]\n * CVE-2016-6207: Integer overflow error within _gdContributionsAlloc()\n [bsc#991434]\n * CVE-2014-3587: Integer overflow in the cdf_read_property_info affecting\n SLES11 SP3 [bsc#987530]\n * CVE-2016-6288: Buffer over-read in php_url_parse_ex [bsc#991433]\n * CVE-2016-7124: Create an Unexpected Object and Don't Invoke __wakeup()\n in Deserialization\n * CVE-2016-7125: PHP Session Data Injection Vulnerability\n * CVE-2016-7126: select_colors write out-of-bounds\n * CVE-2016-7127: imagegammacorrect allowed arbitrary write access\n * CVE-2016-7128: Memory Leakage In exif_process_IFD_in_TIFF\n * CVE-2016-7129: wddx_deserialize allowed illegal memory access\n * CVE-2016-7130: wddx_deserialize null dereference\n * CVE-2016-7131: wddx_deserialize null dereference with invalid xml\n * CVE-2016-7132: wddx_deserialize null dereference in php_wddx_pop_element\n * CVE-2016-7134: Heap overflow in the function curl_escape\n\n", "modified": "2016-09-28T15:09:48", "published": "2016-09-28T15:09:48", "id": "SUSE-SU-2016:2408-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00032.html", "type": "suse", "title": "Security update for php5 (important)", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-10-04T17:27:47", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5399", "CVE-2016-6288", "CVE-2016-6290", "CVE-2016-7127", "CVE-2016-7131", "CVE-2014-3587", "CVE-2016-7125", "CVE-2016-7134", "CVE-2016-7130", "CVE-2016-7129", "CVE-2016-6128", "CVE-2016-7126", "CVE-2016-6161", "CVE-2016-6207", "CVE-2016-6295", "CVE-2016-6297", "CVE-2016-6292", "CVE-2016-3587", "CVE-2016-6289", "CVE-2016-7124", "CVE-2016-7128", "CVE-2016-7132", "CVE-2016-6291", "CVE-2016-6296"], "edition": 1, "description": "This update for php5 fixes the following security issues:\n\n * CVE-2016-6128: Invalid color index not properly handled [bsc#987580]\n * CVE-2016-6161: global out of bounds read when encoding gif from\n malformed input withgd2togif [bsc#988032]\n * CVE-2016-6292: Null pointer dereference in exif_process_user_comment\n [bsc#991422]\n * CVE-2016-6295: Use after free in SNMP with GC and unserialize()\n [bsc#991424]\n * CVE-2016-6297: Stack-based buffer overflow vulnerability in\n php_stream_zip_opener [bsc#991426]\n * CVE-2016-6291: Out-of-bounds access in exif_process_IFD_in_MAKERNOTE\n [bsc#991427]\n * CVE-2016-6289: Integer overflow leads to buffer overflow in\n virtual_file_ex [bsc#991428]\n * CVE-2016-6290: Use after free in unserialize() with Unexpected Session\n Deserialization [bsc#991429]\n * CVE-2016-5399: Improper error handling in bzread() [bsc#991430]\n * CVE-2016-6296: Heap buffer overflow vulnerability in simplestring_addn\n in simplestring.c [bsc#991437]\n * CVE-2016-6207: Integer overflow error within _gdContributionsAlloc()\n [bsc#991434]\n * CVE-2014-3587: Integer overflow in the cdf_read_property_info affecting\n SLES11 SP3 [bsc#987530]\n * CVE-2016-6288: Buffer over-read in php_url_parse_ex [bsc#991433]\n * CVE-2016-7124: Create an Unexpected Object and Don't Invoke __wakeup()\n in Deserialization\n * CVE-2016-7125: PHP Session Data Injection Vulnerability\n * CVE-2016-7126: select_colors write out-of-bounds\n * CVE-2016-7127: imagegammacorrect allowed arbitrary write access\n * CVE-2016-7128: Memory Leakage In exif_process_IFD_in_TIFF\n * CVE-2016-7129: wddx_deserialize allowed illegal memory access\n * CVE-2016-7130: wddx_deserialize null dereference\n * CVE-2016-7131: wddx_deserialize null dereference with invalid xml\n * CVE-2016-7132: wddx_deserialize null dereference in php_wddx_pop_element\n * CVE-2016-7134: Heap overflow in the function curl_escape\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n", "modified": "2016-10-04T17:11:09", "published": "2016-10-04T17:11:09", "id": "OPENSUSE-SU-2016:2451-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00004.html", "type": "suse", "title": "Security update for php5 (important)", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2021-02-02T06:21:31", "description": "The sapi_header_op function in main/SAPI.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 supports deprecated line folding without considering browser compatibility, which allows remote attackers to conduct cross-site scripting (XSS) attacks against Internet Explorer by leveraging (1) %0A%20 or (2) %0D%0A%20 mishandling in the header function.", "edition": 6, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 2.7}, "published": "2016-08-07T10:59:00", "title": "CVE-2015-8935", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8935"], "modified": "2018-01-05T02:30:00", "cpe": ["cpe:/a:php:php:5.6.0", "cpe:/a:php:php:5.5.10", "cpe:/a:php:php:5.5.12", "cpe:/a:php:php:5.6.3", "cpe:/a:php:php:5.6.1", "cpe:/a:php:php:5.4.37", "cpe:/a:php:php:5.5.21", "cpe:/a:php:php:5.5.13", "cpe:/a:php:php:5.5.20", "cpe:/a:php:php:5.5.4", "cpe:/a:php:php:5.5.7", "cpe:/a:php:php:5.6.4", "cpe:/a:php:php:5.5.19", "cpe:/a:php:php:5.5.3", "cpe:/a:php:php:5.5.18", "cpe:/a:php:php:5.5.0", "cpe:/a:php:php:5.5.1", "cpe:/a:php:php:5.5.5", "cpe:/a:php:php:5.5.2", "cpe:/a:php:php:5.6.5", "cpe:/a:php:php:5.5.8", "cpe:/a:php:php:5.5.11", "cpe:/a:php:php:5.5.6", "cpe:/a:php:php:5.5.14", "cpe:/a:php:php:5.5.9", "cpe:/a:php:php:5.6.2"], "id": "CVE-2015-8935", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8935", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.4.37:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:28:09", "description": "Integer signedness error in the simplestring_addn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a long first argument to the PHP xmlrpc_encode_request function.", "edition": 7, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-07-25T14:59:00", "title": "CVE-2016-6296", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6296"], "modified": "2018-01-05T02:31:00", "cpe": ["cpe:/a:php:php:5.6.0", "cpe:/a:php:php:5.6.3", "cpe:/a:php:php:7.0.3", "cpe:/a:php:php:7.0.2", "cpe:/a:php:php:5.6.1", "cpe:/a:php:php:5.6.13", "cpe:/a:php:php:5.6.20", "cpe:/a:php:php:5.6.16", "cpe:/a:php:php:5.6.21", "cpe:/a:php:php:5.6.23", "cpe:/a:php:php:7.0.5", "cpe:/a:php:php:5.6.22", "cpe:/a:php:php:5.6.7", "cpe:/a:php:php:5.6.4", "cpe:/a:php:php:5.6.15", "cpe:/a:php:php:5.6.19", "cpe:/a:php:php:5.6.8", "cpe:/a:php:php:5.6.18", "cpe:/a:php:php:7.0.0", "cpe:/a:php:php:7.0.1", "cpe:/a:php:php:7.0.8", "cpe:/a:php:php:5.6.11", "cpe:/a:php:php:5.6.6", "cpe:/a:php:php:5.6.14", "cpe:/a:php:php:7.0.4", "cpe:/a:php:php:5.6.12", "cpe:/a:php:php:5.6.5", "cpe:/a:php:php:5.6.17", "cpe:/a:php:php:5.6.10", "cpe:/a:php:php:5.6.9", "cpe:/a:php:php:5.6.2", "cpe:/a:php:php:5.5.37"], "id": "CVE-2016-6296", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6296", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.20:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.21:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.37:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.22:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.23:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:28:09", "description": "The exif_process_IFD_in_MAKERNOTE function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (out-of-bounds array access and memory corruption), obtain sensitive information from process memory, or possibly have unspecified other impact via a crafted JPEG image.", "edition": 6, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-07-25T14:59:00", "title": "CVE-2016-6291", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6291"], "modified": "2018-01-05T02:31:00", "cpe": ["cpe:/a:php:php:5.6.0", "cpe:/a:php:php:5.6.3", "cpe:/a:php:php:7.0.3", "cpe:/a:php:php:7.0.2", "cpe:/a:php:php:5.6.1", "cpe:/a:php:php:5.6.13", "cpe:/a:php:php:5.6.20", "cpe:/a:php:php:5.6.16", "cpe:/a:php:php:5.6.21", "cpe:/a:php:php:5.6.23", "cpe:/a:php:php:7.0.5", "cpe:/a:php:php:5.6.22", "cpe:/a:php:php:5.6.7", "cpe:/a:php:php:5.6.4", "cpe:/a:php:php:5.6.15", "cpe:/a:php:php:5.6.19", "cpe:/a:php:php:5.6.8", "cpe:/a:php:php:5.6.18", "cpe:/a:php:php:7.0.0", "cpe:/a:php:php:7.0.1", "cpe:/a:php:php:7.0.8", "cpe:/a:php:php:5.6.11", "cpe:/a:php:php:5.6.6", "cpe:/a:php:php:5.6.14", "cpe:/a:php:php:7.0.4", "cpe:/a:php:php:5.6.12", "cpe:/a:php:php:5.6.5", "cpe:/a:php:php:5.6.17", "cpe:/a:php:php:5.6.10", "cpe:/a:php:php:5.6.9", "cpe:/a:php:php:5.6.2", "cpe:/a:php:php:5.5.37"], "id": "CVE-2016-6291", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6291", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.20:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.21:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.37:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.22:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.23:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:28:09", "description": "The php_url_parse_ex function in ext/standard/url.c in PHP before 5.5.38 allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via vectors involving the smart_str data type.", "edition": 6, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-07-25T14:59:00", "title": "CVE-2016-6288", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6288"], "modified": "2018-01-05T02:31:00", "cpe": ["cpe:/a:php:php:5.5.37"], "id": "CVE-2016-6288", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6288", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:php:php:5.5.37:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:28:09", "description": "Integer overflow in the php_stream_zip_opener function in ext/zip/zip_stream.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted zip:// URL.", "edition": 6, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-07-25T14:59:00", "title": "CVE-2016-6297", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6297"], "modified": "2018-01-05T02:31:00", "cpe": ["cpe:/a:php:php:5.6.0", "cpe:/a:php:php:7.0.7", "cpe:/a:php:php:7.0.6", "cpe:/a:php:php:5.6.3", "cpe:/a:php:php:7.0.3", "cpe:/a:php:php:7.0.2", "cpe:/a:php:php:5.6.1", "cpe:/a:php:php:5.6.13", "cpe:/a:php:php:5.6.20", "cpe:/a:php:php:5.6.16", "cpe:/a:php:php:5.6.21", "cpe:/a:php:php:5.6.23", "cpe:/a:php:php:7.0.5", "cpe:/a:php:php:5.6.22", "cpe:/a:php:php:5.6.7", "cpe:/a:php:php:5.6.4", "cpe:/a:php:php:5.6.15", "cpe:/a:php:php:5.6.19", "cpe:/a:php:php:5.6.8", "cpe:/a:php:php:5.6.18", "cpe:/a:php:php:7.0.0", "cpe:/a:php:php:7.0.1", "cpe:/a:php:php:7.0.8", "cpe:/a:php:php:5.6.11", "cpe:/a:php:php:5.6.6", "cpe:/a:php:php:5.6.14", "cpe:/a:php:php:7.0.4", "cpe:/a:php:php:5.6.12", "cpe:/a:php:php:5.6.5", "cpe:/a:php:php:5.6.17", "cpe:/a:php:php:5.6.10", "cpe:/a:php:php:5.6.9", "cpe:/a:php:php:5.6.2", "cpe:/a:php:php:5.5.37"], "id": "CVE-2016-6297", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6297", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.20:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.21:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.37:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.22:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.23:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:28:09", "description": "ext/session/session.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 does not properly maintain a certain hash data structure, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors related to session deserialization.", "edition": 6, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-07-25T14:59:00", "title": "CVE-2016-6290", "type": "cve", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6290"], "modified": "2018-01-05T02:31:00", "cpe": ["cpe:/a:php:php:5.6.0", "cpe:/a:php:php:5.6.3", "cpe:/a:php:php:7.0.3", "cpe:/a:php:php:7.0.2", "cpe:/a:php:php:5.6.1", "cpe:/a:php:php:5.6.13", "cpe:/a:php:php:5.6.20", "cpe:/a:php:php:5.6.16", "cpe:/a:php:php:5.6.21", "cpe:/a:php:php:5.6.23", "cpe:/a:php:php:7.0.5", "cpe:/a:php:php:5.6.22", "cpe:/a:php:php:5.6.7", "cpe:/a:php:php:5.6.4", "cpe:/a:php:php:5.6.15", "cpe:/a:php:php:5.6.19", "cpe:/a:php:php:5.6.8", "cpe:/a:php:php:5.6.18", "cpe:/a:php:php:7.0.0", "cpe:/a:php:php:7.0.1", "cpe:/a:php:php:7.0.8", "cpe:/a:php:php:5.6.11", "cpe:/a:php:php:5.6.6", "cpe:/a:php:php:5.6.14", "cpe:/a:php:php:7.0.4", "cpe:/a:php:php:5.6.12", "cpe:/a:php:php:5.6.5", "cpe:/a:php:php:5.6.17", "cpe:/a:php:php:5.6.10", "cpe:/a:php:php:5.6.9", "cpe:/a:php:php:5.6.2", "cpe:/a:php:php:5.5.37"], "id": "CVE-2016-6290", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6290", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.20:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.21:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.37:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.22:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.23:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:28:09", "description": "Integer overflow in the virtual_file_ex function in TSRM/tsrm_virtual_cwd.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted extract operation on a ZIP archive.", "edition": 6, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-07-25T14:59:00", "title": "CVE-2016-6289", "type": "cve", "cwe": ["CWE-190"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6289"], "modified": "2018-01-05T02:31:00", "cpe": ["cpe:/a:php:php:5.6.0", "cpe:/a:php:php:5.6.3", "cpe:/a:php:php:7.0.3", "cpe:/a:php:php:7.0.2", "cpe:/a:php:php:5.6.1", "cpe:/a:php:php:5.6.13", "cpe:/a:php:php:5.6.20", "cpe:/a:php:php:5.6.16", "cpe:/a:php:php:5.6.21", "cpe:/a:php:php:5.6.23", "cpe:/a:php:php:7.0.5", "cpe:/a:php:php:5.6.22", "cpe:/a:php:php:5.6.7", "cpe:/a:php:php:5.6.4", "cpe:/a:php:php:5.6.15", "cpe:/a:php:php:5.6.19", "cpe:/a:php:php:5.6.8", "cpe:/a:php:php:5.6.18", "cpe:/a:php:php:7.0.0", "cpe:/a:php:php:7.0.1", "cpe:/a:php:php:7.0.8", "cpe:/a:php:php:5.6.11", "cpe:/a:php:php:5.6.6", "cpe:/a:php:php:5.6.14", "cpe:/a:php:php:7.0.4", "cpe:/a:php:php:5.6.12", "cpe:/a:php:php:5.6.5", "cpe:/a:php:php:5.6.17", "cpe:/a:php:php:5.6.10", "cpe:/a:php:php:5.6.9", "cpe:/a:php:php:5.6.2", "cpe:/a:php:php:5.5.37"], "id": "CVE-2016-6289", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6289", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.20:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.21:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.37:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.22:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.23:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:28:09", "description": "Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted length value, related to the (1) mcrypt_generic and (2) mdecrypt_generic functions.", "edition": 6, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-08-07T10:59:00", "title": "CVE-2016-5769", "type": "cve", "cwe": ["CWE-190"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5769"], "modified": "2016-11-28T20:29:00", "cpe": ["cpe:/a:php:php:5.6.0", "cpe:/a:php:php:7.0.7", "cpe:/a:php:php:7.0.6", "cpe:/a:php:php:5.6.3", "cpe:/a:php:php:7.0.3", "cpe:/a:php:php:7.0.2", "cpe:/a:php:php:5.6.1", "cpe:/a:php:php:5.6.13", "cpe:/a:php:php:5.6.20", "cpe:/a:php:php:5.6.16", "cpe:/a:php:php:5.6.21", "cpe:/a:php:php:7.0.5", "cpe:/a:php:php:5.6.22", "cpe:/a:php:php:5.6.7", "cpe:/a:php:php:5.6.4", "cpe:/a:php:php:5.6.15", "cpe:/a:php:php:5.6.19", "cpe:/a:php:php:5.6.8", "cpe:/a:php:php:5.5.36", "cpe:/a:php:php:5.6.18", "cpe:/a:php:php:7.0.0", "cpe:/a:php:php:7.0.1", "cpe:/a:php:php:5.6.11", "cpe:/a:php:php:5.6.6", "cpe:/a:php:php:5.6.14", "cpe:/a:php:php:7.0.4", "cpe:/a:php:php:5.6.12", "cpe:/a:php:php:5.6.5", "cpe:/a:php:php:5.6.17", "cpe:/a:php:php:5.6.10", "cpe:/a:php:php:5.6.9", "cpe:/a:php:php:5.6.2"], "id": "CVE-2016-5769", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5769", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.36:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.20:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.21:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.22:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:28:08", "description": "The bzread function in ext/bz2/bz2.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted bz2 archive.", "edition": 6, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-04-21T20:59:00", "title": "CVE-2016-5399", "type": "cve", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5399"], "modified": "2018-10-09T20:00:00", "cpe": ["cpe:/a:php:php:5.6.0", "cpe:/a:php:php:7.0.7", "cpe:/a:php:php:7.0.6", "cpe:/a:php:php:5.6.3", "cpe:/a:php:php:7.0.3", "cpe:/a:php:php:7.0.2", "cpe:/a:php:php:5.6.1", "cpe:/a:php:php:7.0.9", "cpe:/a:php:php:5.6.13", "cpe:/a:php:php:5.6.20", "cpe:/a:php:php:5.6.16", "cpe:/a:php:php:5.6.21", "cpe:/a:php:php:5.6.23", "cpe:/a:php:php:7.0.5", "cpe:/a:php:php:5.6.22", "cpe:/a:php:php:5.6.7", "cpe:/a:php:php:5.6.4", "cpe:/a:php:php:5.6.15", "cpe:/a:php:php:5.6.19", "cpe:/a:php:php:5.6.8", "cpe:/a:php:php:5.6.18", "cpe:/a:php:php:7.0.0", "cpe:/a:php:php:7.0.1", "cpe:/a:php:php:7.0.8", "cpe:/a:php:php:5.6.11", "cpe:/a:php:php:5.6.6", "cpe:/a:php:php:5.6.14", "cpe:/a:php:php:7.0.4", "cpe:/a:php:php:5.6.12", "cpe:/a:php:php:5.6.5", "cpe:/a:php:php:5.6.17", "cpe:/a:php:php:5.6.10", "cpe:/a:php:php:5.6.9", "cpe:/a:php:php:5.6.2", "cpe:/a:php:php:5.5.37"], "id": "CVE-2016-5399", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5399", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.20:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.21:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.5.37:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.22:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*", "cpe:2.3:a:php:php:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.23:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:28:09", "description": "Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions.", "edition": 6, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-08-07T10:59:00", "title": "CVE-2016-5767", "type": "cve", "cwe": ["CWE-190"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5767"], "modified": "2018-01-05T02:31:00", "cpe": ["cpe:/a:libgd:libgd:2.0.33"], "id": "CVE-2016-5767", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5767", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:libgd:libgd:2.0.33:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2019-05-29T18:35:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-6288", "CVE-2016-6290", "CVE-2016-6295", "CVE-2016-6297", "CVE-2016-6292", "CVE-2016-6289", "CVE-2016-6294", "CVE-2016-6291", "CVE-2016-6296"], "description": "This host is installed with PHP and is prone\n to multiple vulnerabilities.", "modified": "2018-10-17T00:00:00", "published": "2016-07-29T00:00:00", "id": "OPENVAS:1361412562310808634", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808634", "type": "openvas", "title": "PHP Multiple Vulnerabilities - 05 - Jul16 (Linux)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_mult_vuln05_july16_lin.nasl 11938 2018-10-17 10:08:39Z asteins $\n#\n# PHP Multiple Vulnerabilities - 05 - Jul16 (Linux)\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808634\");\n script_version(\"$Revision: 11938 $\");\n script_cve_id(\"CVE-2016-6288\", \"CVE-2016-6289\", \"CVE-2016-6290\", \"CVE-2016-6291\",\n \"CVE-2016-6292\", \"CVE-2016-6294\", \"CVE-2016-6295\", \"CVE-2016-6296\",\n \"CVE-2016-6297\");\n script_bugtraq_id(92111, 92074, 92097, 92073, 92078, 92115, 92094, 92095,\n 92099);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-17 12:08:39 +0200 (Wed, 17 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-29 11:54:44 +0530 (Fri, 29 Jul 2016)\");\n script_name(\"PHP Multiple Vulnerabilities - 05 - Jul16 (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with PHP and is prone\n to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to\n\n - An integer overflow in the 'php_stream_zip_opener' function in\n 'ext/zip/zip_stream.c' script.\n\n - An integer signedness error in the 'simplestring_addn' function in\n 'simplestring.c' in xmlrpc-epi.\n\n - The 'ext/snmp/snmp.c' script improperly interacts with the unserialize\n implementation and garbage collection.\n\n - The 'locale_accept_from_http' function in 'ext/intl/locale/locale_methods.c'\n script does not properly restrict calls to the ICU 'uloc_acceptLanguageFromHTTP'\n function.\n\n - An error in the 'exif_process_user_comment' function in 'ext/exif/exif.c'\n script.\n\n - An error in the 'exif_process_IFD_in_MAKERNOTE' function in 'ext/exif/exif.c'\n script.\n\n - The 'ext/session/session.c' does not properly maintain a certain hash data\n structure.\n\n - An integer overflow in the 'virtual_file_ex' function in\n 'TSRM/tsrm_virtual_cwd.c' script.\n\n - An error in the 'php_url_parse_ex' function in 'ext/standard/url.c' script.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue may allow\n attackers to cause a denial of service obtain sensitive information from process\n memory, or possibly have unspecified other impact.\");\n\n script_tag(name:\"affected\", value:\"PHP versions before 5.5.38, 5.6.x before\n 5.6.24, and 7.x before 7.0.9 on Linux\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP version 5.5.38, or 5.6.24,\n or 7.0.9, or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_xref(name:\"URL\", value:\"http://php.net/ChangeLog-5.php\");\n script_xref(name:\"URL\", value:\"http://php.net/ChangeLog-7.php\");\n script_xref(name:\"URL\", value:\"http://openwall.com/lists/oss-security/2016/07/24/2\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"php/installed\", \"Host/runs_unixoide\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\nif(version_is_less(version:phpVer, test_version:\"5.5.38\"))\n{\n fix = '5.5.38';\n VULN = TRUE;\n}\n\nelse if(version_in_range(version:phpVer, test_version:\"5.6\", test_version2:\"5.6.23\"))\n{\n fix = \"5.6.24\";\n VULN = TRUE;\n}\n\nelse if(version_in_range(version:phpVer, test_version:\"7.0\", test_version2:\"7.0.8\"))\n{\n fix = \"7.0.9\";\n VULN = TRUE;\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:phpVer, fixed_version:fix);\n security_message(data:report, port:phpPort);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-6288", "CVE-2016-6290", "CVE-2016-6295", "CVE-2016-6297", "CVE-2016-6292", "CVE-2016-6289", "CVE-2016-6294", "CVE-2016-6291", "CVE-2016-6296"], "description": "This host is installed with PHP and is prone\n to multiple vulnerabilities.", "modified": "2018-10-18T00:00:00", "published": "2016-07-29T00:00:00", "id": "OPENVAS:1361412562310808633", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808633", "type": "openvas", "title": "PHP Multiple Vulnerabilities - 05 - Jul16 (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_mult_vuln05_july16_win.nasl 11961 2018-10-18 10:49:40Z asteins $\n#\n# PHP Multiple Vulnerabilities - 05 - Jul16 (Windows)\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808633\");\n script_version(\"$Revision: 11961 $\");\n script_cve_id(\"CVE-2016-6288\", \"CVE-2016-6289\", \"CVE-2016-6290\", \"CVE-2016-6291\",\n \"CVE-2016-6292\", \"CVE-2016-6294\", \"CVE-2016-6295\", \"CVE-2016-6296\",\n \"CVE-2016-6297\");\n script_bugtraq_id(92111, 92074, 92097, 92073, 92078, 92115, 92094, 92095,\n 92099);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-18 12:49:40 +0200 (Thu, 18 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-29 11:54:44 +0530 (Fri, 29 Jul 2016)\");\n script_name(\"PHP Multiple Vulnerabilities - 05 - Jul16 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with PHP and is prone\n to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to\n\n - An integer overflow in the 'php_stream_zip_opener' function in\n 'ext/zip/zip_stream.c' script.\n\n - An integer signedness error in the 'simplestring_addn' function in\n 'simplestring.c' in xmlrpc-epi.\n\n - The 'ext/snmp/snmp.c' script improperly interacts with the unserialize\n implementation and garbage collection.\n\n - The 'locale_accept_from_http' function in 'ext/intl/locale/locale_methods.c'\n script does not properly restrict calls to the ICU 'uloc_acceptLanguageFromHTTP'\n function.\n\n - An error in the 'exif_process_user_comment' function in 'ext/exif/exif.c'\n script.\n\n - An error in the 'exif_process_IFD_in_MAKERNOTE' function in 'ext/exif/exif.c'\n script.\n\n - The 'ext/session/session.c' does not properly maintain a certain hash data\n structure.\n\n - An integer overflow in the 'virtual_file_ex' function in\n 'TSRM/tsrm_virtual_cwd.c' script.\n\n - An error in the 'php_url_parse_ex' function in 'ext/standard/url.c' script.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue may allow\n attackers to cause a denial of service obtain sensitive information from process\n memory, or possibly have unspecified other impact.\");\n\n script_tag(name:\"affected\", value:\"PHP versions before 5.5.38, 5.6.x before\n 5.6.24, and 7.x before 7.0.9 on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP version 5.5.38, or 5.6.24,\n or 7.0.9, or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_xref(name:\"URL\", value:\"http://php.net/ChangeLog-5.php\");\n script_xref(name:\"URL\", value:\"http://php.net/ChangeLog-7.php\");\n script_xref(name:\"URL\", value:\"http://openwall.com/lists/oss-security/2016/07/24/2\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"php/installed\", \"Host/runs_windows\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\nif(version_is_less(version:phpVer, test_version:\"5.5.38\"))\n{\n fix = '5.5.38';\n VULN = TRUE;\n}\n\nelse if(version_in_range(version:phpVer, test_version:\"5.6\", test_version2:\"5.6.23\"))\n{\n fix = \"5.6.24\";\n VULN = TRUE;\n}\n\nelse if(version_in_range(version:phpVer, test_version:\"7.0\", test_version2:\"7.0.8\"))\n{\n fix = \"7.0.9\";\n VULN = TRUE;\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:phpVer, fixed_version:fix);\n security_message(data:report, port:phpPort);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:54:29", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5399", "CVE-2016-5385", "CVE-2016-6290", "CVE-2016-6295", "CVE-2016-6297", "CVE-2016-6292", "CVE-2016-6289", "CVE-2016-6294", "CVE-2016-6291", "CVE-2016-6296"], "description": "Several vulnerabilities were found in PHP,\na general-purpose scripting language commonly used for web application development.\n\nThe vulnerabilities are addressed by upgrading PHP to the new upstream\nversion 5.6.24, which includes additional bug fixes. Please refer to the\nupstream changelog for more information:\n\nhttps://php.net/ChangeLog-5.php#5.6.24", "modified": "2017-07-07T00:00:00", "published": "2016-08-02T00:00:00", "id": "OPENVAS:703631", "href": "http://plugins.openvas.org/nasl.php?oid=703631", "type": "openvas", "title": "Debian Security Advisory DSA 3631-1 (php5 - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3631.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3631-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703631);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2016-5385\", \"CVE-2016-5399\", \"CVE-2016-6289\", \"CVE-2016-6290\",\n \"CVE-2016-6291\", \"CVE-2016-6292\", \"CVE-2016-6294\", \"CVE-2016-6295\",\n \"CVE-2016-6296\", \"CVE-2016-6297\");\n script_name(\"Debian Security Advisory DSA 3631-1 (php5 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-02 10:57:45 +0530 (Tue, 02 Aug 2016)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3631.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"php5 on Debian Linux\");\n script_tag(name: \"insight\", value: \"This package is a metapackage that, when\ninstalled, guarantees that you have at least one of the four server-side versions\nof the PHP5 interpreter installed. Removing this package won't remove PHP5 from your\nsystem, however it may remove other packages that depend on this one.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie), these\nproblems have been fixed in version 5.6.24+dfsg-0+deb8u1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 7.0.9-1 of the php7.0 source package.\n\nWe recommend that you upgrade your php5 packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities were found in PHP,\na general-purpose scripting language commonly used for web application development.\n\nThe vulnerabilities are addressed by upgrading PHP to the new upstream\nversion 5.6.24, which includes additional bug fixes. Please refer to the\nupstream changelog for more information:\n\nhttps://php.net/ChangeLog-5.php#5.6.24\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-phpdbg\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-readline\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.6.24+dfsg-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:35:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5399", "CVE-2016-5385", "CVE-2016-6290", "CVE-2016-6295", "CVE-2016-6297", "CVE-2016-6292", "CVE-2016-6289", "CVE-2016-6294", "CVE-2016-6291", "CVE-2016-6296"], "description": "Several vulnerabilities were found in PHP,\na general-purpose scripting language commonly used for web application development.\n\nThe vulnerabilities are addressed by upgrading PHP to the new upstream\nversion 5.6.24, which includes additional bug fixes.", "modified": "2019-03-18T00:00:00", "published": "2016-08-02T00:00:00", "id": "OPENVAS:1361412562310703631", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703631", "type": "openvas", "title": "Debian Security Advisory DSA 3631-1 (php5 - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3631.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3631-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703631\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2016-5385\", \"CVE-2016-5399\", \"CVE-2016-6289\", \"CVE-2016-6290\",\n \"CVE-2016-6291\", \"CVE-2016-6292\", \"CVE-2016-6294\", \"CVE-2016-6295\",\n \"CVE-2016-6296\", \"CVE-2016-6297\");\n script_name(\"Debian Security Advisory DSA 3631-1 (php5 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-02 10:57:45 +0530 (Tue, 02 Aug 2016)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3631.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"php5 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie), these\nproblems have been fixed in version 5.6.24+dfsg-0+deb8u1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 7.0.9-1 of the php7.0 source package.\n\nWe recommend that you upgrade your php5 packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities were found in PHP,\na general-purpose scripting language commonly used for web application development.\n\nThe vulnerabilities are addressed by upgrading PHP to the new upstream\nversion 5.6.24, which includes additional bug fixes.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-phpdbg\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-readline\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.6.24+dfsg-0+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-04-07T18:43:14", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8935"], "description": "The sapi_header_op function in main/SAPI.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 supports deprecated line folding without considering browser compatibility, which allows remote attackers to conduct cross-site scripting (XSS) attacks against Internet Explorer by leveraging (1) %0A%20 or (2) %0D%0A%20 mishandling in the header function.", "modified": "2020-04-03T00:00:00", "published": "2016-10-24T00:00:00", "id": "OPENVAS:1361412562310140013", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310140013", "type": "openvas", "title": "F5 BIG-IP - SOL63712424 - PHP vulnerability CVE-2015-8935", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# F5 BIG-IP - SOL63712424 - PHP vulnerability CVE-2015-8935\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/h:f5:big-ip\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.140013\");\n script_cve_id(\"CVE-2015-8935\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_version(\"2020-04-03T06:15:47+0000\");\n\n script_name(\"F5 BIG-IP - SOL63712424 - PHP vulnerability CVE-2015-8935\");\n\n script_xref(name:\"URL\", value:\"https://support.f5.com/kb/en-us/solutions/public/k/63/sol63712424.html\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"solution\", value:\"See the referenced vendor advisory for a solution.\");\n\n script_tag(name:\"summary\", value:\"The sapi_header_op function in main/SAPI.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 supports deprecated line folding without considering browser compatibility, which allows remote attackers to conduct cross-site scripting (XSS) attacks against Internet Explorer by leveraging (1) %0A%20 or (2) %0D%0A%20 mishandling in the header function.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"last_modification\", value:\"2020-04-03 06:15:47 +0000 (Fri, 03 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-10-24 15:29:55 +0200 (Mon, 24 Oct 2016)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"F5 Local Security Checks\");\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_dependencies(\"gb_f5_big_ip_version.nasl\");\n script_mandatory_keys(\"f5/big_ip/version\", \"f5/big_ip/active_modules\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\ninclude(\"list_array_func.inc\");\ninclude(\"f5.inc\");\n\nif( ! version = get_app_version( cpe:CPE ) )\n exit( 0 );\n\ncheck_f5['LTM'] = make_array( 'affected', '11.6.0;11.4.0-11.5.3;11.2.1;10.2.1-10.2.4;',\n 'unaffected', '12.0.0-12.1.1;11.6.1;11.5.4;' );\n\ncheck_f5['AAM'] = make_array( 'affected', '11.6.0;11.4.0-11.5.3;',\n 'unaffected', '12.0.0-12.1.1;11.6.1;11.5.4;' );\n\ncheck_f5['AFM'] = make_array( 'affected', '11.6.0;11.4.0-11.5.3;',\n 'unaffected', '12.0.0-12.1.1;11.6.1;11.5.4;' );\n\ncheck_f5['AVR'] = make_array( 'affected', '11.6.0;11.4.0-11.5.3;11.2.1;',\n 'unaffected', '12.0.0-12.1.1;11.6.1;11.5.4;' );\n\ncheck_f5['APM'] = make_array( 'affected', '11.6.0;11.4.0-11.5.3;11.2.1;10.2.1-10.2.4;',\n 'unaffected', '12.0.0-12.1.1;11.6.1;11.5.4;' );\n\ncheck_f5['ASM'] = make_array( 'affected', '111.6.0;11.4.0-11.5.3;11.2.1;10.2.1-10.2.4;',\n 'unaffected', '12.0.0-12.1.1;11.6.1;11.5.4;' );\n\ncheck_f5['GTM'] = make_array( 'affected', '11.6.0;11.4.0-11.5.3;11.2.1;10.2.1-10.2.4;',\n 'unaffected', '11.6.1;11.5.4;' );\n\ncheck_f5['LC'] = make_array( 'affected', '11.6.0;11.4.0-11.5.3;11.2.1;10.2.1-10.2.4;',\n 'unaffected', '12.0.0-12.1.1;11.6.1;11.5.4;' );\n\ncheck_f5['PEM'] = make_array( 'affected', '11.6.0;11.4.0-11.5.3;',\n 'unaffected', '12.0.0-12.1.1;11.6.1;11.5.4;' );\n\nif( report = f5_is_vulnerable( ca:check_f5, version:version ) ) {\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5772", "CVE-2016-5768", "CVE-2016-5769", "CVE-2016-5773", "CVE-2016-5766", "CVE-2016-5767"], "description": "This host is installed with PHP and is prone\n to multiple vulnerabilities.", "modified": "2018-11-20T00:00:00", "published": "2016-08-17T00:00:00", "id": "OPENVAS:1361412562310808788", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808788", "type": "openvas", "title": "PHP Multiple Vulnerabilities - 01 - Aug16 (Linux)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_mult_vuln01_aug16_lin.nasl 12431 2018-11-20 09:21:00Z asteins $\n#\n# PHP Multiple Vulnerabilities - 01 - Aug16 (Linux)\n#\n# Authors:\n# Tushar Khelge <ktushar@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808788\");\n script_version(\"$Revision: 12431 $\");\n script_cve_id(\"CVE-2016-5773\", \"CVE-2016-5772\", \"CVE-2016-5769\", \"CVE-2016-5768\",\n \"CVE-2016-5766\", \"CVE-2016-5767\");\n script_bugtraq_id(91397, 91398, 91399, 91396, 91395);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-20 10:21:00 +0100 (Tue, 20 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-17 12:07:10 +0530 (Wed, 17 Aug 2016)\");\n script_name(\"PHP Multiple Vulnerabilities - 01 - Aug16 (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with PHP and is prone\n to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - The 'php_zip.c' script in the zip extension improperly interacts with the\n unserialize implementation and garbage collection.\n\n - The php_wddx_process_data function in 'wddx.c' script in the WDDX extension\n mishandled data in a wddx_deserialize call.\n\n - The multiple integer overflows in 'mcrypt.c' script in the mcrypt extension.\n\n - The double free vulnerability in the '_php_mb_regex_ereg_replace_exec'\n function in 'php_mbregex.c' script in the mbstring extension.\n\n - An integer overflow in the '_gd2GetHeader' function in 'gd_gd2.c' script in\n the GD Graphics Library.\n\n - An integer overflow in the 'gdImageCreate' function in 'gd.c' script in the\n GD Graphics Library.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue allow\n remote attackers to cause a denial of service (buffer overflow and application\n crash) or possibly execute arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"PHP versions prior to 5.5.37, 5.6.x before\n 5.6.23, and 7.x before 7.0.8 on Linux\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP version 5.5.37, or 5.6.23,\n or 7.0.8, or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net/ChangeLog-5.php\");\n script_xref(name:\"URL\", value:\"http://www.php.net/ChangeLog-7.php\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"php/installed\", \"Host/runs_unixoide\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\nif(version_is_less(version:phpVer, test_version:\"5.5.37\"))\n{\n fix = '5.5.37';\n VULN = TRUE;\n}\n\nelse if(phpVer =~ \"^5\\.6\")\n{\n if(version_in_range(version:phpVer, test_version:\"5.6.0\", test_version2:\"5.6.22\"))\n {\n fix = '5.6.23';\n VULN = TRUE;\n }\n}\n\nelse if(phpVer =~ \"^7\\.0\")\n{\n if(version_in_range(version:phpVer, test_version:\"7.0\", test_version2:\"7.0.7\"))\n {\n fix = '7.0.8';\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:phpVer, fixed_version:fix);\n security_message(data:report, port:phpPort);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5772", "CVE-2016-5768", "CVE-2016-5769", "CVE-2016-5773", "CVE-2016-5766", "CVE-2016-5767"], "description": "This host is installed with PHP and is prone\n to multiple vulnerabilities.", "modified": "2019-03-14T00:00:00", "published": "2016-08-17T00:00:00", "id": "OPENVAS:1361412562310808787", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808787", "type": "openvas", "title": "PHP Multiple Vulnerabilities - 01 - Aug16 (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_mult_vuln01_aug16_win.nasl 14181 2019-03-14 12:59:41Z cfischer $\n#\n# PHP Multiple Vulnerabilities - 01 - Aug16 (Windows)\n#\n# Authors:\n# Tushar Khelge <ktushar@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808787\");\n script_version(\"$Revision: 14181 $\");\n script_cve_id(\"CVE-2016-5773\", \"CVE-2016-5772\", \"CVE-2016-5769\", \"CVE-2016-5768\",\n \"CVE-2016-5766\", \"CVE-2016-5767\");\n script_bugtraq_id(91397, 91398, 91399, 91396, 91395);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 13:59:41 +0100 (Thu, 14 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-17 11:41:54 +0530 (Wed, 17 Aug 2016)\");\n script_name(\"PHP Multiple Vulnerabilities - 01 - Aug16 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with PHP and is prone\n to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - The 'php_zip.c' script in the zip extension improperly interacts with the\n unserialize implementation and garbage collection.\n\n - The php_wddx_process_data function in 'wddx.c' script in the WDDX extension\n mishandled data in a wddx_deserialize call.\n\n - The multiple integer overflows in 'mcrypt.c' script in the mcrypt extension.\n\n - The double free vulnerability in the '_php_mb_regex_ereg_replace_exec'\n function in 'php_mbregex.c' script in the mbstring extension.\n\n - An integer overflow in the '_gd2GetHeader' function in 'gd_gd2.c' script in\n the GD Graphics Library.\n\n - An integer overflow in the 'gdImageCreate' function in 'gd.c' script in the\n GD Graphics Library.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue allow\n remote attackers to cause a denial of service (buffer overflow and application\n crash) or possibly execute arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"PHP versions prior to 5.5.37, 5.6.x before\n 5.6.23, and 7.x before 7.0.8 on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP version 5.5.37, or 5.6.23,\n or 7.0.8, or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net/ChangeLog-5.php\");\n script_xref(name:\"URL\", value:\"http://www.php.net/ChangeLog-7.php\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"php/installed\", \"Host/runs_windows\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\nif(version_is_less(version:phpVer, test_version:\"5.5.37\"))\n{\n fix = '5.5.37';\n VULN = TRUE;\n}\n\nelse if(phpVer =~ \"^5\\.6\")\n{\n if(version_in_range(version:phpVer, test_version:\"5.6.0\", test_version2:\"5.6.22\"))\n {\n fix = '5.6.23';\n VULN = TRUE;\n }\n}\n\nelse if(phpVer =~ \"^7\\.0\")\n{\n if(version_in_range(version:phpVer, test_version:\"7.0\", test_version2:\"7.0.7\"))\n {\n fix = '7.0.8';\n VULN = TRUE;\n }\n}\n\nif(VULN)\n{\n report = report_fixed_ver(installed_version:phpVer, fixed_version:fix);\n security_message(data:report, port:phpPort);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:36:01", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5771", "CVE-2016-5772", "CVE-2016-5770", "CVE-2016-5768", "CVE-2016-5769", "CVE-2015-8935", "CVE-2016-5773", "CVE-2016-5766", "CVE-2016-5767"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2016-07-08T00:00:00", "id": "OPENVAS:1361412562310851364", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851364", "type": "openvas", "title": "openSUSE: Security Advisory for php5 (openSUSE-SU-2016:1761-1)", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851364\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-07-08 05:26:30 +0200 (Fri, 08 Jul 2016)\");\n script_cve_id(\"CVE-2015-8935\", \"CVE-2016-5766\", \"CVE-2016-5767\", \"CVE-2016-5768\",\n \"CVE-2016-5769\", \"CVE-2016-5770\", \"CVE-2016-5771\", \"CVE-2016-5772\",\n \"CVE-2016-5773\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for php5 (openSUSE-SU-2016:1761-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php5'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"php5 was updated to fix nine security issues.\n\n These security issues were fixed:\n\n - CVE-2016-5773: ZipArchive class Use After Free Vulnerability in PHP's GC\n algorithm and unserialize (bsc#986247).\n\n - CVE-2016-5772: Double Free Courruption in wddx_deserialize (bsc#986244).\n\n - CVE-2016-5771: Use After Free Vulnerability in PHP's GC algorithm and\n unserialize (bsc#986391).\n\n - CVE-2016-5770: int/size_t confusion in SplFileObject::fread (bsc#986392).\n\n - CVE-2016-5768: Double free in _php_mb_regex_ereg_replace_exec -\n (bsc#986246).\n\n - CVE-2016-5769: mcrypt: Heap Overflow due to integer overflows\n (bsc#986388).\n\n - CVE-2015-8935: XSS in header() with Internet Explorer (bsc#986004).\n\n - CVE-2016-5767: Integer Overflow in gdImagePaletteToTrueColor() resulting\n in heap overflow (bsc#986393).\n\n - CVE-2016-5766: Integer Overflow in _gd2GetHeader() resulting in heap\n overflow (bsc#986386).\");\n\n script_tag(name:\"affected\", value:\"php5 on openSUSE 13.2\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:1761-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.2\")\n{\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache2-mod_php5-debuginfo\", rpm:\"apache2-mod_php5-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-bcmath-debuginfo\", rpm:\"php5-bcmath-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-bz2-debuginfo\", rpm:\"php5-bz2-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-calendar-debuginfo\", rpm:\"php5-calendar-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ctype-debuginfo\", rpm:\"php5-ctype-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-curl-debuginfo\", rpm:\"php5-curl-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-dba-debuginfo\", rpm:\"php5-dba-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-debuginfo\", rpm:\"php5-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-debugsource\", rpm:\"php5-debugsource~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-dom-debuginfo\", rpm:\"php5-dom-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-enchant\", rpm:\"php5-enchant~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-enchant-debuginfo\", rpm:\"php5-enchant-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-exif-debuginfo\", rpm:\"php5-exif-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-fastcgi-debuginfo\", rpm:\"php5-fastcgi-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-fileinfo\", rpm:\"php5-fileinfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-fileinfo-debuginfo\", rpm:\"php5-fileinfo-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-firebird\", rpm:\"php5-firebird~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-firebird-debuginfo\", rpm:\"php5-firebird-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-fpm\", rpm:\"php5-fpm~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-fpm-debuginfo\", rpm:\"php5-fpm-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ftp-debuginfo\", rpm:\"php5-ftp-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gd-debuginfo\", rpm:\"php5-gd-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gettext-debuginfo\", rpm:\"php5-gettext-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gmp-debuginfo\", rpm:\"php5-gmp-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-iconv-debuginfo\", rpm:\"php5-iconv-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-imap-debuginfo\", rpm:\"php5-imap-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-intl\", rpm:\"php5-intl~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-intl-debuginfo\", rpm:\"php5-intl-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-json-debuginfo\", rpm:\"php5-json-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ldap-debuginfo\", rpm:\"php5-ldap-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mbstring-debuginfo\", rpm:\"php5-mbstring-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mcrypt-debuginfo\", rpm:\"php5-mcrypt-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mssql\", rpm:\"php5-mssql~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mssql-debuginfo\", rpm:\"php5-mssql-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mysql-debuginfo\", rpm:\"php5-mysql-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-odbc-debuginfo\", rpm:\"php5-odbc-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-opcache\", rpm:\"php5-opcache~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-opcache-debuginfo\", rpm:\"php5-opcache-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-openssl-debuginfo\", rpm:\"php5-openssl-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pcntl-debuginfo\", rpm:\"php5-pcntl-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pdo-debuginfo\", rpm:\"php5-pdo-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pgsql-debuginfo\", rpm:\"php5-pgsql-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-phar\", rpm:\"php5-phar~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-phar-debuginfo\", rpm:\"php5-phar-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-posix-debuginfo\", rpm:\"php5-posix-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pspell-debuginfo\", rpm:\"php5-pspell-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-readline\", rpm:\"php5-readline~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-readline-debuginfo\", rpm:\"php5-readline-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-shmop-debuginfo\", rpm:\"php5-shmop-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-snmp-debuginfo\", rpm:\"php5-snmp-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-soap-debuginfo\", rpm:\"php5-soap-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sockets-debuginfo\", rpm:\"php5-sockets-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sqlite-debuginfo\", rpm:\"php5-sqlite-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-suhosin-debuginfo\", rpm:\"php5-suhosin-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvmsg-debuginfo\", rpm:\"php5-sysvmsg-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvsem-debuginfo\", rpm:\"php5-sysvsem-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvshm-debuginfo\", rpm:\"php5-sysvshm-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-tidy-debuginfo\", rpm:\"php5-tidy-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-tokenizer-debuginfo\", rpm:\"php5-tokenizer-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-wddx-debuginfo\", rpm:\"php5-wddx-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlreader-debuginfo\", rpm:\"php5-xmlreader-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlrpc-debuginfo\", rpm:\"php5-xmlrpc-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlwriter-debuginfo\", rpm:\"php5-xmlwriter-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xsl-debuginfo\", rpm:\"php5-xsl-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-zip-debuginfo\", rpm:\"php5-zip-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-zlib-debuginfo\", rpm:\"php5-zlib-debuginfo~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.6.1~69.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:20", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5399", "CVE-2016-5768", "CVE-2016-5766", "CVE-2016-5767"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2016-11-04T00:00:00", "id": "OPENVAS:1361412562310871700", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871700", "type": "openvas", "title": "RedHat Update for php RHSA-2016:2598-02", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for php RHSA-2016:2598-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871700\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-04 05:42:23 +0100 (Fri, 04 Nov 2016)\");\n script_cve_id(\"CVE-2016-5399\", \"CVE-2016-5766\", \"CVE-2016-5767\", \"CVE-2016-5768\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for php RHSA-2016:2598-02\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"PHP is an HTML-embedded scripting language\ncommonly used with the Apache HTTP Server.\n\nSecurity Fix(es):\n\n * A flaw was found in the way certain error conditions were handled by\nbzread() function in PHP. An attacker could use this flaw to upload a\nspecially crafted bz2 archive which, when parsed via the vulnerable\nfunction, could cause the application to crash or execute arbitrary code\nwith the permissions of the user running the PHP application.\n(CVE-2016-5399)\n\n * An integer overflow flaw, leading to a heap-based buffer overflow was\nfound in the imagecreatefromgd2() function of PHP's gd extension. A remote\nattacker could use this flaw to crash a PHP application or execute\narbitrary code with the privileges of the user running that PHP application\nusing gd via a specially crafted GD2 image. (CVE-2016-5766)\n\n * An integer overflow flaw, leading to a heap-based buffer overflow was\nfound in the gdImagePaletteToTrueColor() function of PHP's gd extension. A\nremote attacker could use this flaw to crash a PHP application or execute\narbitrary code with the privileges of the user running that PHP application\nusing gd via a specially crafted image buffer. (CVE-2016-5767)\n\n * A double free flaw was found in the mb_ereg_replace_callback() function\nof php which is used to perform regex search. This flaw could possibly\ncause a PHP application to crash. (CVE-2016-5768)\n\nRed Hat would like to thank Hans Jerry Illikainen for reporting\nCVE-2016-5399.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.3 Release Notes linked from the References section.\");\n script_tag(name:\"affected\", value:\"php on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2016:2598-02\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2016-November/msg00034.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.4.16~42.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.4.16~42.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.4.16~42.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-debuginfo\", rpm:\"php-debuginfo~5.4.16~42.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.4.16~42.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.4.16~42.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.4.16~42.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.4.16~42.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.4.16~42.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.4.16~42.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-process\", rpm:\"php-process~5.4.16~42.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.4.16~42.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.4.16~42.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.4.16~42.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.4.16~42.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:34:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5399", "CVE-2016-5768", "CVE-2016-5766", "CVE-2016-5767"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220161063", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220161063", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for php (EulerOS-SA-2016-1063)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2016.1063\");\n script_version(\"2020-01-23T10:42:00+0000\");\n script_cve_id(\"CVE-2016-5399\", \"CVE-2016-5766\", \"CVE-2016-5767\", \"CVE-2016-5768\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 10:42:00 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 10:42:00 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for php (EulerOS-SA-2016-1063)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2016-1063\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2016-1063\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'php' package(s) announced via the EulerOS-SA-2016-1063 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A flaw was found in the way certain error conditions were handled by bzread() function in PHP. An attacker could use this flaw to upload a specially crafted bz2 archive which, when parsed via the vulnerable function, could cause the application to crash or execute arbitrary code with the permissions of the user running the PHP application.(CVE-2016-5399)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow was found in the imagecreatefromgd2() function of PHP's gd extension. A remote attacker could use this flaw to crash a PHP application or execute arbitrary code with the privileges of the user running that PHP application using gd via a specially crafted GD2 image.(CVE-2016-5766)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow was found in the gdImagePaletteToTrueColor() function of PHP's gd extension. A remote attacker could use this flaw to crash a PHP application or execute arbitrary code with the privileges of the user running that PHP application using gd via a specially crafted image buffer.(CVE-2016-5767)\n\nA double free flaw was found in the mb_ereg_replace_callback() function of php which is used to perform regex search. This flaw could possibly cause a PHP application to crash.(CVE-2016-5768)\");\n\n script_tag(name:\"affected\", value:\"'php' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"php\", rpm:\"php~5.4.16~42.h10\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.4.16~42.h10\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.4.16~42.h10\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.4.16~42.h10\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.4.16~42.h10\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.4.16~42.h10\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.4.16~42.h10\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.4.16~42.h10\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.4.16~42.h10\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-process\", rpm:\"php-process~5.4.16~42.h10\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.4.16~42.h10\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.4.16~42.h10\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.4.16~42.h10\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.4.16~42.h10\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:32:37", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5399", "CVE-2016-6288", "CVE-2016-5385", "CVE-2016-6290", "CVE-2015-8879", "CVE-2016-6295", "CVE-2016-6297", "CVE-2016-6292", "CVE-2016-6289", "CVE-2016-6294", "CVE-2016-6291", "CVE-2016-6296"], "description": "\nPHP reports:\n\n\nFixed bug #69975 (PHP segfaults when accessing nvarchar(max) defined columns)\nFixed bug #72479 (Use After Free Vulnerability in SNMP with GC and unserialize()).\nFixed bug #72512 (gdImageTrueColorToPaletteBody allows arbitrary write/read access).\nFixed bug #72519 (imagegif/output out-of-bounds access).\nFixed bug #72520 (Stack-based buffer overflow vulnerability in php_stream_zip_opener).\nFixed bug #72533 (locale_accept_from_http out-of-bounds access).\nFixed bug #72541 (size_t overflow lead to heap corruption).\nFixed bug #72551, bug #72552 (Incorrect casting from size_t to int lead to heap overflow in mdecrypt_generic).\nFixed bug #72558 (Integer overflow error within _gdContributionsAlloc()).\nFixed bug #72573 (HTTP_PROXY is improperly trusted by some PHP libraries and applications).\nFixed bug #72603 (Out of bound read in exif_process_IFD_in_MAKERNOTE).\nFixed bug #72606 (heap-buffer-overflow (write) simplestring_addn simplestring.c).\nFixed bug #72613 (Inadequate error handling in bzread()).\nFixed bug #72618 (NULL Pointer Dereference in exif_process_user_comment).\n\n\n", "edition": 4, "modified": "2016-07-21T00:00:00", "published": "2016-07-21T00:00:00", "id": "B6402385-533B-11E6-A7BD-14DAE9D210B8", "href": "https://vuxml.freebsd.org/freebsd/b6402385-533b-11e6-a7bd-14dae9d210b8.html", "title": "php -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:40", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5771", "CVE-2016-5772", "CVE-2016-5770", "CVE-2016-5768", "CVE-2015-8874", "CVE-2016-5769", "CVE-2016-5773", "CVE-2016-5766", "CVE-2016-5767"], "description": "\nThe PHP Group reports:\n\nPlease reference CVE/URL list for details\n\n", "edition": 5, "modified": "2016-06-23T00:00:00", "published": "2016-06-23T00:00:00", "id": "66D77C58-3B1D-11E6-8E82-002590263BF5", "href": "https://vuxml.freebsd.org/freebsd/66d77c58-3b1d-11e6-8e82-002590263bf5.html", "title": "php -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2020-08-12T01:10:34", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5399", "CVE-2016-5385", "CVE-2016-6290", "CVE-2016-6295", "CVE-2016-6297", "CVE-2016-6292", "CVE-2016-6289", "CVE-2016-6294", "CVE-2016-6291", "CVE-2016-6296"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3631-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nJuly 26, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : php5\nCVE ID : CVE-2016-5385 CVE-2016-5399 CVE-2016-6289 CVE-2016-6290 \n CVE-2016-6291 CVE-2016-6292 CVE-2016-6294 CVE-2016-6295\n CVE-2016-6296 CVE-2016-6297\n\nSeveral vulnerabilities were found in PHP, a general-purpose scripting\nlanguage commonly used for web application development.\n\nThe vulnerabilities are addressed by upgrading PHP to the new upstream\nversion 5.6.24, which includes additional bug fixes. Please refer to the\nupstream changelog for more information:\n\nhttps://php.net/ChangeLog-5.php#5.6.24\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 5.6.24+dfsg-0+deb8u1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 7.0.9-1 of the php7.0 source package.\n\nWe recommend that you upgrade your php5 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 8, "modified": "2016-07-26T20:46:53", "published": "2016-07-26T20:46:53", "id": "DEBIAN:DSA-3631-1:30BAB", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2016/msg00209.html", "title": "[SECURITY] [DSA 3631-1] php5 security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-08-12T01:05:51", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5399", "CVE-2016-5771", "CVE-2016-6290", "CVE-2016-4538", "CVE-2016-4473", "CVE-2016-5772", "CVE-2016-5770", "CVE-2016-5768", "CVE-2016-6295", "CVE-2016-6297", "CVE-2016-6292", "CVE-2016-6289", "CVE-2016-5769", "CVE-2016-6294", "CVE-2016-5096", "CVE-2016-5773", "CVE-2016-6291", "CVE-2016-5114", "CVE-2016-6296", "CVE-2016-4537"], "description": "Package : php5\nVersion : 5.4.45-0+deb7u5\nCVE ID : CVE-2016-4473 CVE-2016-4538 CVE-2016-5114 CVE-2016-5399\n CVE-2016-5768 CVE-2016-5769 CVE-2016-5770 CVE-2016-5771\n CVE-2016-5772 CVE-2016-5773 CVE-2016-6289 CVE-2016-6290\n CVE-2016-6291 CVE-2016-6292 CVE-2016-6294 CVE-2016-6295\n CVE-2016-6296 CVE-2016-6297\nPHP-Bugs : 70436 72681\n\n\n * CVE-2016-4473.patch\n An invalid free may occur under certain conditions when processing\n phar-compatible archives.\n * CVE-2016-4538.patch\n The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35,\n 5.6.x before 5.6.21, and 7.x before 7.0.6 accepts a negative integer\n for the scale argument, which allows remote attackers to cause a\n denial of service or possibly have unspecified other impact via a\n crafted call.\n (already fixed with patch for CVE-2016-4537)\n * CVE-2016-5114.patch\n sapi/fpm/fpm/fpm_log.c in PHP before 5.5.31, 5.6.x before 5.6.17,\n and 7.x before 7.0.2 misinterprets the semantics of the snprintf\n return value, which allows attackers to obtain sensitive information\n from process memory or cause a denial of service (out-of-bounds read\n and buffer overflow) via a long string, as demonstrated by a long URI\n in a configuration with custom REQUEST_URI logging.\n * CVE-2016-5399.patch\n Improper error handling in bzread()\n * CVE-2016-5768.patch\n Double free vulnerability in the _php_mb_regex_ereg_replace_exec\n function in php_mbregex.c in the mbstring extension in PHP before\n 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote\n attackers to execute arbitrary code or cause a denial of service\n (application crash) by leveraging a callback exception.\n * CVE-2016-5769.patch\n Multiple integer overflows in mcrypt.c in the mcrypt extension in\n PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allow\n remote attackers to cause a denial of service (heap-based buffer\n overflow and application crash) or possibly have unspecified other\n impact via a crafted length value, related to the\n (1) mcrypt_generic and (2) mdecrypt_generic functions.\n * CVE-2016-5770.patch\n Integer overflow in the SplFileObject::fread function in\n spl_directory.c in the SPL extension in PHP before 5.5.37 and\n 5.6.x before 5.6.23 allows remote attackers to cause a denial\n of service or possibly have unspecified other impact via a\n large integer argument, a related issue to CVE-2016-5096.\n * CVE-2016-5771.patch\n spl_array.c in the SPL extension in PHP before 5.5.37 and 5.6.x\n before 5.6.23 improperly interacts with the unserialize\n implementation and garbage collection, which allows remote\n attackers to execute arbitrary code or cause a denial of service\n (use-after-free and application crash) via crafted serialized data.\n * CVE-2016-5772.patch\n Double free vulnerability in the php_wddx_process_data function in\n wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before\n 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a\n denial of service (application crash) or possibly execute arbitrary\n code via crafted XML data that is mishandled in a wddx_deserialize\n call.\n * CVE-2016-5773.patch\n php_zip.c in the zip extension in PHP before 5.5.37, 5.6.x before\n 5.6.23, and 7.x before 7.0.8 improperly interacts with the\n unserialize implementation and garbage collection, which allows\n remote attackers to execute arbitrary code or cause a denial of\n service (use-after-free and application crash) via crafted\n serialized data containing a ZipArchive object.\n * CVE-2016-6289.patch\n Integer overflow in the virtual_file_ex function in\n TSRM/tsrm_virtual_cwd.c in PHP before 5.5.38, 5.6.x before 5.6.24,\n and 7.x before 7.0.9 allows remote attackers to cause a denial of\n service (stack-based buffer overflow) or possibly have unspecified\n other impact via a crafted extract operation on a ZIP archive.\n * CVE-2016-6290.patch\n ext/session/session.c in PHP before 5.5.38, 5.6.x before 5.6.24,\n and 7.x before 7.0.9 does not properly maintain a certain hash\n data structure, which allows remote attackers to cause a denial\n of service (use-after-free) or possibly have unspecified other\n impact via vectors related to session deserialization.\n * CVE-2016-6291.patch\n The exif_process_IFD_in_MAKERNOTE function in ext/exif/exif.c in\n PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows\n remote attackers to cause a denial of service (out-of-bounds array\n access and memory corruption), obtain sensitive information from\n process memory, or possibly have unspecified other impact via a\n crafted JPEG image.\n * CVE-2016-6292.patch\n The exif_process_user_comment function in ext/exif/exif.c in PHP\n before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows\n remote attackers to cause a denial of service (NULL pointer\n dereference and application crash) via a crafted JPEG image.\n * CVE-2016-6294.patch\n The locale_accept_from_http function in\n ext/intl/locale/locale_methods.c in PHP before 5.5.38, 5.6.x before\n 5.6.24, and 7.x before 7.0.9 does not properly restrict calls to\n the ICU uloc_acceptLanguageFromHTTP function, which allows remote\n attackers to cause a denial of service (out-of-bounds read) or\n possibly have unspecified other impact via a call with a long argument.\n * CVE-2016-6295.patch\n ext/snmp/snmp.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x\n before 7.0.9 improperly interacts with the unserialize implementation\n and garbage collection, which allows remote attackers to cause a\n denial of service (use-after-free and application crash) or possibly\n have unspecified other impact via crafted serialized data, a related\n issue to CVE-2016-5773.\n * CVE-2016-6296.patch\n Integer signedness error in the simplestring_addn function in\n simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before\n 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote\n attackers to cause a denial of service (heap-based buffer overflow)\n or possibly have unspecified other impact via a long first argument\n to the PHP xmlrpc_encode_request function.\n * CVE-2016-6297.patch\n Integer overflow in the php_stream_zip_opener function in\n ext/zip/zip_stream.c in PHP before 5.5.38, 5.6.x before 5.6.24, and\n 7.x before 7.0.9 allows remote attackers to cause a denial of\n service (stack-based buffer overflow) or possibly have unspecified\n other impact via a crafted zip:// URL.\n * BUG-70436.patch\n Use After Free Vulnerability in unserialize()\n * BUG-72681.patch\n PHP Session Data Injection Vulnerability, consume data even if we're\n not storing them.\n\n", "edition": 7, "modified": "2016-09-18T15:15:24", "published": "2016-09-18T15:15:24", "id": "DEBIAN:DLA-628-1:9ADD4", "href": "https://lists.debian.org/debian-lts-announce/2016/debian-lts-announce-201609/msg00021.html", "title": "[SECURITY] [DLA 628-1] php5 security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2019-12-20T18:29:12", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5399", "CVE-2016-5768", "CVE-2016-5766", "CVE-2016-5767"], "description": "**CentOS Errata and Security Advisory** CESA-2016:2598\n\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nSecurity Fix(es):\n\n* A flaw was found in the way certain error conditions were handled by bzread() function in PHP. An attacker could use this flaw to upload a specially crafted bz2 archive which, when parsed via the vulnerable function, could cause the application to crash or execute arbitrary code with the permissions of the user running the PHP application. (CVE-2016-5399)\n\n* An integer overflow flaw, leading to a heap-based buffer overflow was found in the imagecreatefromgd2() function of PHP's gd extension. A remote attacker could use this flaw to crash a PHP application or execute arbitrary code with the privileges of the user running that PHP application using gd via a specially crafted GD2 image. (CVE-2016-5766)\n\n* An integer overflow flaw, leading to a heap-based buffer overflow was found in the gdImagePaletteToTrueColor() function of PHP's gd extension. A remote attacker could use this flaw to crash a PHP application or execute arbitrary code with the privileges of the user running that PHP application using gd via a specially crafted image buffer. (CVE-2016-5767)\n\n* A double free flaw was found in the mb_ereg_replace_callback() function of php which is used to perform regex search. This flaw could possibly cause a PHP application to crash. (CVE-2016-5768)\n\nRed Hat would like to thank Hans Jerry Illikainen for reporting CVE-2016-5399.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2016-November/003423.html\n\n**Affected packages:**\nphp\nphp-bcmath\nphp-cli\nphp-common\nphp-dba\nphp-devel\nphp-embedded\nphp-enchant\nphp-fpm\nphp-gd\nphp-intl\nphp-ldap\nphp-mbstring\nphp-mysql\nphp-mysqlnd\nphp-odbc\nphp-pdo\nphp-pgsql\nphp-process\nphp-pspell\nphp-recode\nphp-snmp\nphp-soap\nphp-xml\nphp-xmlrpc\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-2598.html", "edition": 3, "modified": "2016-11-25T15:41:35", "published": "2016-11-25T15:41:35", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2016-November/003423.html", "id": "CESA-2016:2598", "title": "php security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:46:05", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5399", "CVE-2016-5766", "CVE-2016-5767", "CVE-2016-5768"], "description": "PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nSecurity Fix(es):\n\n* A flaw was found in the way certain error conditions were handled by bzread() function in PHP. An attacker could use this flaw to upload a specially crafted bz2 archive which, when parsed via the vulnerable function, could cause the application to crash or execute arbitrary code with the permissions of the user running the PHP application. (CVE-2016-5399)\n\n* An integer overflow flaw, leading to a heap-based buffer overflow was found in the imagecreatefromgd2() function of PHP's gd extension. A remote attacker could use this flaw to crash a PHP application or execute arbitrary code with the privileges of the user running that PHP application using gd via a specially crafted GD2 image. (CVE-2016-5766)\n\n* An integer overflow flaw, leading to a heap-based buffer overflow was found in the gdImagePaletteToTrueColor() function of PHP's gd extension. A remote attacker could use this flaw to crash a PHP application or execute arbitrary code with the privileges of the user running that PHP application using gd via a specially crafted image buffer. (CVE-2016-5767)\n\n* A double free flaw was found in the mb_ereg_replace_callback() function of php which is used to perform regex search. This flaw could possibly cause a PHP application to crash. (CVE-2016-5768)\n\nRed Hat would like to thank Hans Jerry Illikainen for reporting CVE-2016-5399.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.", "modified": "2018-04-12T03:33:25", "published": "2016-11-03T10:07:16", "id": "RHSA-2016:2598", "href": "https://access.redhat.com/errata/RHSA-2016:2598", "type": "redhat", "title": "(RHSA-2016:2598) Moderate: php security and bug fix update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2020-07-02T11:37:16", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5399", "CVE-2016-5771", "CVE-2015-8873", "CVE-2016-6288", "CVE-2016-5385", "CVE-2016-6290", "CVE-2016-5772", "CVE-2016-5768", "CVE-2016-6295", "CVE-2016-6297", "CVE-2016-6292", "CVE-2015-4116", "CVE-2016-6289", "CVE-2016-5093", "CVE-2016-5094", "CVE-2016-5769", "CVE-2016-5095", "CVE-2016-6294", "CVE-2015-8935", "CVE-2016-5096", "CVE-2016-5773", "CVE-2016-6291", "CVE-2016-5114", "CVE-2015-8876", "CVE-2016-6296"], "description": "It was discovered that PHP incorrectly handled certain SplMinHeap::compare \noperations. A remote attacker could use this issue to cause PHP to crash, \nresulting in a denial of service, or possibly execute arbitrary code. This \nissue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-4116)\n\nIt was discovered that PHP incorrectly handled recursive method calls. A \nremote attacker could use this issue to cause PHP to crash, resulting in a \ndenial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu \n14.04 LTS. (CVE-2015-8873)\n\nIt was discovered that PHP incorrectly validated certain Exception objects \nwhen unserializing data. A remote attacker could use this issue to cause \nPHP to crash, resulting in a denial of service, or possibly execute \narbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 \nLTS. (CVE-2015-8876)\n\nIt was discovered that PHP header() function performed insufficient \nfiltering for Internet Explorer. A remote attacker could possibly use this \nissue to perform a XSS attack. This issue only affected Ubuntu 12.04 LTS \nand Ubuntu 14.04 LTS. (CVE-2015-8935)\n\nIt was discovered that PHP incorrectly handled certain locale operations. \nAn attacker could use this issue to cause PHP to crash, resulting in a \ndenial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu \n14.04 LTS. (CVE-2016-5093)\n\nIt was discovered that the PHP php_html_entities() function incorrectly \nhandled certain string lengths. A remote attacker could use this issue to \ncause PHP to crash, resulting in a denial of service, or possibly execute \narbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 \nLTS. (CVE-2016-5094, CVE-2016-5095)\n\nIt was discovered that the PHP fread() function incorrectly handled certain \nlengths. An attacker could use this issue to cause PHP to crash, resulting \nin a denial of service, or possibly execute arbitrary code. This issue only \naffected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5096)\n\nIt was discovered that the PHP FastCGI Process Manager (FPM) SAPI \nincorrectly handled memory in the access logging feature. An attacker could \nuse this issue to cause PHP to crash, resulting in a denial of service, or \npossibly expose sensitive information. This issue only affected Ubuntu \n12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5114)\n\nIt was discovered that PHP would not protect applications from contents of \nthe HTTP_PROXY environment variable when based on the contents of the Proxy \nheader from HTTP requests. A remote attacker could possibly use this issue \nin combination with scripts that honour the HTTP_PROXY variable to redirect \noutgoing HTTP requests. (CVE-2016-5385)\n\nHans Jerry Illikainen discovered that the PHP bzread() function incorrectly \nperformed error handling. A remote attacker could use this issue to cause \nPHP to crash, resulting in a denial of service, or possibly execute \narbitrary code. (CVE-2016-5399)\n\nIt was discovered that certain PHP multibyte string functions incorrectly \nhandled memory. A remote attacker could use this issue to cause PHP to \ncrash, resulting in a denial of service, or possibly execute arbitrary \ncode. This issue only affected Ubuntu 14.04 LTS. (CVE-2016-5768)\n\nIt was discovered that the PHP Mcrypt extension incorrectly handled memory. \nA remote attacker could use this issue to cause PHP to crash, resulting in \na denial of service, or possibly execute arbitrary code. This issue only \naffected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5769)\n\nIt was discovered that the PHP garbage collector incorrectly handled \ncertain objects when unserializing malicious data. A remote attacker could \nuse this issue to cause PHP to crash, resulting in a denial of service, or \npossibly execute arbitrary code. This issue was only addressed in Ubuntu \nUbuntu 14.04 LTS. (CVE-2016-5771, CVE-2016-5773)\n\nIt was discovered that PHP incorrectly handled memory when unserializing \nmalicious xml data. A remote attacker could use this issue to cause PHP to \ncrash, resulting in a denial of service, or possibly execute arbitrary \ncode. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. \n(CVE-2016-5772)\n\nIt was discovered that the PHP php_url_parse_ex() function incorrectly \nhandled string termination. A remote attacker could use this issue to cause \nPHP to crash, resulting in a denial of service, or possibly execute \narbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 \nLTS. (CVE-2016-6288)\n\nIt was discovered that PHP incorrectly handled path lengths when extracting \ncertain Zip archives. A remote attacker could use this issue to cause PHP \nto crash, resulting in a denial of service, or possibly execute arbitrary \ncode. (CVE-2016-6289)\n\nIt was discovered that PHP incorrectly handled session deserialization. A \nremote attacker could use this issue to cause PHP to crash, resulting in a \ndenial of service, or possibly execute arbitrary code. (CVE-2016-6290)\n\nIt was discovered that PHP incorrectly handled exif headers when processing \ncertain JPEG images. A remote attacker could use this issue to cause PHP to \ncrash, resulting in a denial of service, or possibly execute arbitrary \ncode. (CVE-2016-6291, CVE-2016-6292)\n\nIt was discovered that PHP incorrectly handled certain locale operations. A \nremote attacker could use this issue to cause PHP to crash, resulting in a \ndenial of service, or possibly execute arbitrary code. (CVE-2016-6294)\n\nIt was discovered that the PHP garbage collector incorrectly handled \ncertain objects when unserializing SNMP data. A remote attacker could use \nthis issue to cause PHP to crash, resulting in a denial of service, or \npossibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS \nand Ubuntu 16.04 LTS. (CVE-2016-6295)\n\nIt was discovered that the PHP xmlrpc_encode_request() function incorrectly \nhandled certain lengths. An attacker could use this issue to cause PHP to \ncrash, resulting in a denial of service, or possibly execute arbitrary \ncode. (CVE-2016-6296)\n\nIt was discovered that the PHP php_stream_zip_opener() function incorrectly \nhandled memory. An attacker could use this issue to cause PHP to crash, \nresulting in a denial of service, or possibly execute arbitrary code. \n(CVE-2016-6297)", "edition": 5, "modified": "2016-08-02T00:00:00", "published": "2016-08-02T00:00:00", "id": "USN-3045-1", "href": "https://ubuntu.com/security/notices/USN-3045-1", "title": "PHP vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "cloudfoundry": [{"lastseen": "2019-05-29T18:32:57", "bulletinFamily": "software", "cvelist": ["CVE-2016-5399", "CVE-2016-5771", "CVE-2015-8873", "CVE-2016-6288", "CVE-2016-5385", "CVE-2016-6290", "CVE-2016-5772", "CVE-2016-5768", "CVE-2016-6295", "CVE-2016-6297", "CVE-2016-6292", "CVE-2015-4116", "CVE-2016-6289", "CVE-2016-5093", "CVE-2016-5094", "CVE-2016-5769", "CVE-2016-5095", "CVE-2016-6294", "CVE-2015-8935", "CVE-2016-5096", "CVE-2016-5773", "CVE-2016-6291", "CVE-2016-5114", "CVE-2015-8876", "CVE-2016-6296"], "description": "USN-3045-1 PHP vulnerabilities\n\n# \n\nMedium\n\n# Vendor\n\nPHP\n\n# Versions Affected\n\n * Cloud Foundry PHP buildpack versions prior to 4.3.18\n * Note: The PHP buildpack is patched from upstream PHP source\n\n# Description\n\nIt was discovered that PHP incorrectly handled certain SplMinHeap::compare operations. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. ([CVE-2015-4116](<http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-4116.html>))\n\nIt was discovered that PHP incorrectly handled recursive method calls. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. ([CVE-2015-8873](<http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-8873.html>))\n\nIt was discovered that PHP incorrectly validated certain Exception objects when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. ([CVE-2015-8876](<http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-8876.html>))\n\nIt was discovered that PHP header() function performed insufficient filtering for Internet Explorer. A remote attacker could possibly use this issue to perform an XSS attack. ([CVE-2015-8935](<http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-8935.html>))\n\nIt was discovered that PHP incorrectly handled certain locale operations. An attacker could use this issue to cause PHP to crash, resulting in a denial of service. ([CVE-2016-5093](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5093.html>))\n\nIt was discovered that the PHP php_html_entities() function incorrectly handled certain string lengths. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. ([CVE-2016-5094](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5094.html>), [ CVE-2016-5095](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5095.html>))\n\nIt was discovered that the PHP fread() function incorrectly handled certain lengths. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. ([CVE-2016-5096](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5096.html>))\n\nIt was discovered that the PHP FastCGI Process Manager (FPM) SAPI incorrectly handled memory in the access logging feature. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly expose sensitive information. ([CVE-2016-5114](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5114.html>))\n\nIt was discovered that PHP would not protect applications from contents of the HTTP_PROXY environment variable when based on the contents of the Proxy header from HTTP requests. A remote attacker could possibly use this issue in combination with scripts that honour the HTTP_PROXY variable to redirect outgoing HTTP requests. ([CVE-2016-5385](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5385.html>))\n\nHans Jerry Illikainen discovered that the PHP bzread() function incorrectly performed error handling. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. ([CVE-2016-5399](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5399.html>))\n\nIt was discovered that certain PHP multibyte string functions incorrectly handled memory. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. ([CVE-2016-5768](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5768.html>))\n\nIt was discovered that the PHP Mcrypt extension incorrectly handled memory. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. ([CVE-2016-5769](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5769.html>))\n\nIt was discovered that the PHP garbage collector incorrectly handled certain objects when unserializing malicious data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. ([CVE-2016-5771](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5771.html>), [CVE-2016-5773](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5773.html>))\n\nIt was discovered that PHP incorrectly handled memory when unserializing malicious xml data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. ([CVE-2016-5772](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5772.html>))\n\nIt was discovered that the PHP php_url_parse_ex() function incorrectly handled string termination. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. ([CVE-2016-6288](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6288.html>))\n\nIt was discovered that PHP incorrectly handled path lengths when extracting certain Zip archives. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. ([CVE-2016-6289](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6289.html>))\n\nIt was discovered that PHP incorrectly handled session deserialization. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. ([CVE-2016-6290](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6290.html>))\n\nIt was discovered that PHP incorrectly handled exif headers when processing certain JPEG images. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. ([CVE-2016-6291](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6291.html>),[ CVE-2016-6292](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6292.html>))\n\nIt was discovered that PHP incorrectly handled certain locale operations. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. ([CVE-2016-6294](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6294.html>))\n\nIt was discovered that the PHP garbage collector incorrectly handled certain objects when unserializing SNMP data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. ([CVE-2016-6295](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6295.html>))\n\nIt was discovered that the PHP xmlrpc_encode_request() function incorrectly handled certain lengths. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. ([CVE-2016-6296](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6296.html>))\n\nIt was discovered that the PHP php_stream_zip_opener() function incorrectly handled memory. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. ([CVE-2016-6297](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6297.html>))\n\n# Affected Products and Versions\n\n * Cloud Foundry PHP buildpack versions prior to 4.3.18\n\n# Mitigation\n\nUsers of affected versions should apply the following mitigation:\n\n * For existing deployments, upgrade the PHP Buildpack to v4.3.18 or later [2] and restage all applications that use automated buildpack detection.\n\n# Credit\n\nHans Jerry Illikainen et. al.\n\n# References\n\n * [1] <http://www.ubuntu.com/usn/usn-3045-1/>\n * [2] <https://github.com/cloudfoundry/php-buildpack/releases>\n", "edition": 5, "modified": "2016-09-09T00:00:00", "published": "2016-09-09T00:00:00", "id": "CFOUNDRY:0207AE2406224805196D7BD19402D596", "href": "https://www.cloudfoundry.org/blog/usn-3045-1/", "title": "USN-3045-1 PHP vulnerabilities | Cloud Foundry", "type": "cloudfoundry", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5766", "CVE-2016-5767", "CVE-2016-5768", "CVE-2016-5769", "CVE-2016-5770", "CVE-2016-5771", "CVE-2016-5772"], "description": "PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The php package contains the module (often referred to as mod_php) which adds support for the PHP language to Apache HTTP Server. ", "modified": "2016-07-02T15:45:25", "published": "2016-07-02T15:45:25", "id": "FEDORA:1851F608780A", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: php-5.6.23-1.fc24", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5766", "CVE-2016-5767", "CVE-2016-5768", "CVE-2016-5769", "CVE-2016-5770", "CVE-2016-5771", "CVE-2016-5772"], "description": "PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The php package contains the module (often referred to as mod_php) which adds support for the PHP language to Apache HTTP Server. ", "modified": "2016-07-02T19:34:49", "published": "2016-07-02T19:34:49", "id": "FEDORA:D4D5A605E1F0", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: php-5.6.23-1.fc23", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5766", "CVE-2016-5767", "CVE-2016-5768", "CVE-2016-5769", "CVE-2016-5770", "CVE-2016-5771", "CVE-2016-5772"], "description": "PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The php package contains the module (often referred to as mod_php) which adds support for the PHP language to Apache HTTP Server. ", "modified": "2016-07-02T19:28:47", "published": "2016-07-02T19:28:47", "id": "FEDORA:4BD9160779B7", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: php-5.6.23-1.fc22", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8874", "CVE-2016-5766", "CVE-2016-5767"], "description": "The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the formats accepted for inline images by most browsers. Note that gd is not a paint program. ", "modified": "2016-06-27T18:41:03", "published": "2016-06-27T18:41:03", "id": "FEDORA:BB1106070D49", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: gd-2.2.2-1.fc24", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2020-10-22T17:13:42", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5399", "CVE-2016-5385", "CVE-2016-5768", "CVE-2016-5766", "CVE-2016-5767"], "description": "[5.4.16-42]\n- bz2: fix improper error handling in bzread() CVE-2016-5399\n[5.4.16-41]\n- gd: fix integer overflow in _gd2GetHeader() resulting in\n heap overflow CVE-2016-5766\n- gd: fix integer overflow in gdImagePaletteToTrueColor()\n resulting in heap overflow CVE-2016-5767\n- mbstring: fix double free in _php_mb_regex_ereg_replace_exec\n CVE-2016-5768\n[5.4.16-40]\n- don't set environmental variable based on user supplied Proxy\n request header CVE-2016-5385\n[5.4.16-39]\n- fix segmentation fault in header_register_callback #1344578\n[5.4.16-38]\n- curl: add options to enable TLS #1291667\n- mysqli: fix segfault in mysqli_stmt::bind_result() when\n link is closed #1096800\n- fpm: fix incorrectly defined SCRIPT_NAME variable when\n using Apache #1138563\n- core: fix segfault when a zend_extension is loaded twice #1289457\n- openssl: change default_md algo from MD5 to SHA1 #1073388\n- wddx: fix segfault in php_wddx_serialize_var #1131979\n[5.4.16-37]\n- session: fix segfault in session with rfc1867 #1297179", "edition": 5, "modified": "2016-11-09T00:00:00", "published": "2016-11-09T00:00:00", "id": "ELSA-2016-2598", "href": "http://linux.oracle.com/errata/ELSA-2016-2598.html", "title": "php security and bug fix update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "slackware": [{"lastseen": "2020-10-25T16:36:23", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5766", "CVE-2016-5767", "CVE-2016-5768", "CVE-2016-5769", "CVE-2016-5770", "CVE-2016-5771", "CVE-2016-5772", "CVE-2016-5773"], "description": "New php packages are available for Slackware 14.0, 14.1, and -current to\nfix security issues.\n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n\npatches/packages/php-5.6.23-i486-1_slack14.1.txz: Upgraded.\n This release fixes bugs and security issues.\n For more information, see:\n http://php.net/ChangeLog-5.php#5.6.23\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5767\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5768\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5769\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5770\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5771\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5772\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5773\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/php-5.6.23-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/php-5.6.23-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/php-5.6.23-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/php-5.6.23-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-5.6.23-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/php-5.6.23-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.0 package:\na51eef975745d34e53d7e4ad557a30bd php-5.6.23-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n570eba652e318a534b295eae365ec618 php-5.6.23-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\na5dc5f87f125fb81751d24e1d3186e85 php-5.6.23-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n2060624414855fedcb573dc606af1fdb php-5.6.23-x86_64-1_slack14.1.txz\n\nSlackware -current package:\n6560a5b693dd9ff900a1ba14af2f4e24 n/php-5.6.23-i586-1.txz\n\nSlackware x86_64 -current package:\nd4f24a63d270bd5c1f841bdfa226eb25 n/php-5.6.23-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg php-5.6.23-i486-1_slack14.1.txz\n\nThen, restart Apache httpd:\n > /etc/rc.d/rc.httpd stop\n > /etc/rc.d/rc.httpd start", "modified": "2016-06-24T23:46:10", "published": "2016-06-24T23:46:10", "id": "SSA-2016-176-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.418295", "type": "slackware", "title": "[slackware-security] php", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2020-11-10T12:37:33", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5771", "CVE-2016-5385", "CVE-2016-5772", "CVE-2016-5770", "CVE-2016-5768", "CVE-2015-8874", "CVE-2016-5769", "CVE-2016-5773", "CVE-2016-5766", "CVE-2016-5767"], "description": "**Issue Overview:**\n\nA stack consumption vulnerability in GD in PHP allows remote attackers to cause a denial of service via a crafted imagefilltoborder call. ([CVE-2015-8874 __](<https://access.redhat.com/security/cve/CVE-2015-8874>))\n\nAn integer overflow, leading to a heap-based buffer overflow was found in the imagecreatefromgd2() function of PHP's gd extension. A remote attacker could use this flaw to crash a PHP application or execute arbitrary code with the privileges of the user running that PHP application, using gd via a specially crafted GD2 image. ([CVE-2016-5766 __](<https://access.redhat.com/security/cve/CVE-2016-5766>))\n\nAn integer overflow, leading to a heap-based buffer overflow was found in the gdImagePaletteToTrueColor() function of PHP's gd extension. A remote attacker could use this flaw to crash a PHP application or execute arbitrary code with the privileges of the user running that PHP application, using gd via a specially crafted image buffer. ([CVE-2016-5767 __](<https://access.redhat.com/security/cve/CVE-2016-5767>))\n\nA double free flaw was found in the mb_ereg_replace_callback() function of php which is used to perform regex search. This flaw could possibly cause a PHP application to crash. ([CVE-2016-5768 __](<https://access.redhat.com/security/cve/CVE-2016-5768>))\n\nThe mcrypt_generic() and mdecrypt_generic() functions are prone to integer overflows, resulting in a heap-based overflow. A remote attacker could use this flaw to crash a PHP application or execute arbitrary code with the privileges of the user running that PHP application. ([CVE-2016-5769 __](<https://access.redhat.com/security/cve/CVE-2016-5769>))\n\nA type confusion issue was found in the SPLFileObject fread() function. A remote attacker able to submit a specially crafted input to a PHP application, which uses this function, could use this flaw to execute arbitrary code with the privileges of the user running that PHP application. ([CVE-2016-5770 __](<https://access.redhat.com/security/cve/CVE-2016-5770>))\n\nA use-after-free vulnerability that can occur when calling unserialize() on untrusted input was discovered. A remote attacker could use this flaw to crash a PHP application or execute arbitrary code with the privileges of the user running that PHP application if the application unserializes untrusted input. ([CVE-2016-5771 __](<https://access.redhat.com/security/cve/CVE-2016-5771>), [CVE-2016-5773 __](<https://access.redhat.com/security/cve/CVE-2016-5773>))\n\nA double free can occur in wddx_deserialize() when trying to deserialize malicious XML input from user's request. This flaw could possibly cause a PHP application to crash. ([CVE-2016-5772 __](<https://access.redhat.com/security/cve/CVE-2016-5772>))\n\nIt was discovered that PHP did not properly protect against the HTTP_PROXY variable name clash. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a PHP script to an attacker-controlled proxy via a malicious HTTP request. ([CVE-2016-5385 __](<https://access.redhat.com/security/cve/CVE-2016-5385>))\n\n(Updated on 2016-08-17: [CVE-2016-5385 __](<https://access.redhat.com/security/cve/CVE-2016-5385>) was fixed in this release but was not previously part of this errata)\n\n \n**Affected Packages:** \n\n\nphp55, php56\n\n \n**Issue Correction:** \nRun _yum update php55_ to update your system. \nRun _yum update php56_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n php55-mbstring-5.5.38-1.116.amzn1.i686 \n php55-tidy-5.5.38-1.116.amzn1.i686 \n php55-cli-5.5.38-1.116.amzn1.i686 \n php55-xmlrpc-5.5.38-1.116.amzn1.i686 \n php55-pdo-5.5.38-1.116.amzn1.i686 \n php55-debuginfo-5.5.38-1.116.amzn1.i686 \n php55-opcache-5.5.38-1.116.amzn1.i686 \n php55-odbc-5.5.38-1.116.amzn1.i686 \n php55-recode-5.5.38-1.116.amzn1.i686 \n php55-enchant-5.5.38-1.116.amzn1.i686 \n php55-dba-5.5.38-1.116.amzn1.i686 \n php55-fpm-5.5.38-1.116.amzn1.i686 \n php55-embedded-5.5.38-1.116.amzn1.i686 \n php55-gmp-5.5.38-1.116.amzn1.i686 \n php55-soap-5.5.38-1.116.amzn1.i686 \n php55-mcrypt-5.5.38-1.116.amzn1.i686 \n php55-pgsql-5.5.38-1.116.amzn1.i686 \n php55-imap-5.5.38-1.116.amzn1.i686 \n php55-pspell-5.5.38-1.116.amzn1.i686 \n php55-snmp-5.5.38-1.116.amzn1.i686 \n php55-5.5.38-1.116.amzn1.i686 \n php55-ldap-5.5.38-1.116.amzn1.i686 \n php55-xml-5.5.38-1.116.amzn1.i686 \n php55-devel-5.5.38-1.116.amzn1.i686 \n php55-bcmath-5.5.38-1.116.amzn1.i686 \n php55-mysqlnd-5.5.38-1.116.amzn1.i686 \n php55-common-5.5.38-1.116.amzn1.i686 \n php55-process-5.5.38-1.116.amzn1.i686 \n php55-mssql-5.5.38-1.116.amzn1.i686 \n php55-gd-5.5.38-1.116.amzn1.i686 \n php55-intl-5.5.38-1.116.amzn1.i686 \n php56-5.6.24-1.126.amzn1.i686 \n php56-embedded-5.6.24-1.126.amzn1.i686 \n php56-intl-5.6.24-1.126.amzn1.i686 \n php56-cli-5.6.24-1.126.amzn1.i686 \n php56-gd-5.6.24-1.126.amzn1.i686 \n php56-soap-5.6.24-1.126.amzn1.i686 \n php56-fpm-5.6.24-1.126.amzn1.i686 \n php56-tidy-5.6.24-1.126.amzn1.i686 \n php56-snmp-5.6.24-1.126.amzn1.i686 \n php56-enchant-5.6.24-1.126.amzn1.i686 \n php56-mbstring-5.6.24-1.126.amzn1.i686 \n php56-debuginfo-5.6.24-1.126.amzn1.i686 \n php56-gmp-5.6.24-1.126.amzn1.i686 \n php56-dbg-5.6.24-1.126.amzn1.i686 \n php56-mssql-5.6.24-1.126.amzn1.i686 \n php56-bcmath-5.6.24-1.126.amzn1.i686 \n php56-pspell-5.6.24-1.126.amzn1.i686 \n php56-opcache-5.6.24-1.126.amzn1.i686 \n php56-ldap-5.6.24-1.126.amzn1.i686 \n php56-common-5.6.24-1.126.amzn1.i686 \n php56-imap-5.6.24-1.126.amzn1.i686 \n php56-process-5.6.24-1.126.amzn1.i686 \n php56-recode-5.6.24-1.126.amzn1.i686 \n php56-pgsql-5.6.24-1.126.amzn1.i686 \n php56-devel-5.6.24-1.126.amzn1.i686 \n php56-mcrypt-5.6.24-1.126.amzn1.i686 \n php56-xmlrpc-5.6.24-1.126.amzn1.i686 \n php56-odbc-5.6.24-1.126.amzn1.i686 \n php56-pdo-5.6.24-1.126.amzn1.i686 \n php56-xml-5.6.24-1.126.amzn1.i686 \n php56-dba-5.6.24-1.126.amzn1.i686 \n php56-mysqlnd-5.6.24-1.126.amzn1.i686 \n \n src: \n php55-5.5.38-1.116.amzn1.src \n php56-5.6.24-1.126.amzn1.src \n \n x86_64: \n php55-odbc-5.5.38-1.116.amzn1.x86_64 \n php55-mysqlnd-5.5.38-1.116.amzn1.x86_64 \n php55-cli-5.5.38-1.116.amzn1.x86_64 \n php55-soap-5.5.38-1.116.amzn1.x86_64 \n php55-mssql-5.5.38-1.116.amzn1.x86_64 \n php55-pgsql-5.5.38-1.116.amzn1.x86_64 \n php55-gmp-5.5.38-1.116.amzn1.x86_64 \n php55-xmlrpc-5.5.38-1.116.amzn1.x86_64 \n php55-mcrypt-5.5.38-1.116.amzn1.x86_64 \n php55-opcache-5.5.38-1.116.amzn1.x86_64 \n php55-5.5.38-1.116.amzn1.x86_64 \n php55-ldap-5.5.38-1.116.amzn1.x86_64 \n php55-enchant-5.5.38-1.116.amzn1.x86_64 \n php55-process-5.5.38-1.116.amzn1.x86_64 \n php55-fpm-5.5.38-1.116.amzn1.x86_64 \n php55-mbstring-5.5.38-1.116.amzn1.x86_64 \n php55-tidy-5.5.38-1.116.amzn1.x86_64 \n php55-xml-5.5.38-1.116.amzn1.x86_64 \n php55-devel-5.5.38-1.116.amzn1.x86_64 \n php55-pdo-5.5.38-1.116.amzn1.x86_64 \n php55-intl-5.5.38-1.116.amzn1.x86_64 \n php55-dba-5.5.38-1.116.amzn1.x86_64 \n php55-gd-5.5.38-1.116.amzn1.x86_64 \n php55-recode-5.5.38-1.116.amzn1.x86_64 \n php55-imap-5.5.38-1.116.amzn1.x86_64 \n php55-debuginfo-5.5.38-1.116.amzn1.x86_64 \n php55-snmp-5.5.38-1.116.amzn1.x86_64 \n php55-common-5.5.38-1.116.amzn1.x86_64 \n php55-pspell-5.5.38-1.116.amzn1.x86_64 \n php55-bcmath-5.5.38-1.116.amzn1.x86_64 \n php55-embedded-5.5.38-1.116.amzn1.x86_64 \n php56-ldap-5.6.24-1.126.amzn1.x86_64 \n php56-gmp-5.6.24-1.126.amzn1.x86_64 \n php56-odbc-5.6.24-1.126.amzn1.x86_64 \n php56-common-5.6.24-1.126.amzn1.x86_64 \n php56-xml-5.6.24-1.126.amzn1.x86_64 \n php56-mbstring-5.6.24-1.126.amzn1.x86_64 \n php56-intl-5.6.24-1.126.amzn1.x86_64 \n php56-opcache-5.6.24-1.126.amzn1.x86_64 \n php56-snmp-5.6.24-1.126.amzn1.x86_64 \n php56-mssql-5.6.24-1.126.amzn1.x86_64 \n php56-xmlrpc-5.6.24-1.126.amzn1.x86_64 \n php56-embedded-5.6.24-1.126.amzn1.x86_64 \n php56-5.6.24-1.126.amzn1.x86_64 \n php56-pdo-5.6.24-1.126.amzn1.x86_64 \n php56-pgsql-5.6.24-1.126.amzn1.x86_64 \n php56-soap-5.6.24-1.126.amzn1.x86_64 \n php56-bcmath-5.6.24-1.126.amzn1.x86_64 \n php56-cli-5.6.24-1.126.amzn1.x86_64 \n php56-tidy-5.6.24-1.126.amzn1.x86_64 \n php56-recode-5.6.24-1.126.amzn1.x86_64 \n php56-debuginfo-5.6.24-1.126.amzn1.x86_64 \n php56-pspell-5.6.24-1.126.amzn1.x86_64 \n php56-imap-5.6.24-1.126.amzn1.x86_64 \n php56-mcrypt-5.6.24-1.126.amzn1.x86_64 \n php56-dba-5.6.24-1.126.amzn1.x86_64 \n php56-dbg-5.6.24-1.126.amzn1.x86_64 \n php56-process-5.6.24-1.126.amzn1.x86_64 \n php56-fpm-5.6.24-1.126.amzn1.x86_64 \n php56-enchant-5.6.24-1.126.amzn1.x86_64 \n php56-gd-5.6.24-1.126.amzn1.x86_64 \n php56-mysqlnd-5.6.24-1.126.amzn1.x86_64 \n php56-devel-5.6.24-1.126.amzn1.x86_64 \n \n \n", "edition": 5, "modified": "2016-08-01T13:30:00", "published": "2016-08-01T13:30:00", "id": "ALAS-2016-728", "href": "https://alas.aws.amazon.com/ALAS-2016-728.html", "title": "Medium: php55, php56", "type": "amazon", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "hackerone": [{"lastseen": "2018-08-31T00:39:16", "bulletinFamily": "bugbounty", "bounty": 0.0, "cvelist": ["CVE-2015-8935"], "description": "Hi,\nI noticed that the `redirect_uri` used to redirect users to any location on the page, passes in all data into a `header(\"Location..` without any validation. The problem is that PHP (current PHP-versions of Debian/Ubuntu, there seem to be a patch properly in place in other dists) actually built the header-function according to RFC1945 which says:\n\n```\nHTTP/1.0 headers may be folded onto multiple lines if each\ncontinuation line begins with a space or horizontal tab. All linear\nwhitespace, including folding, has the same semantics as SP.\n```\nRef: https://tools.ietf.org/html/rfc1945#page-11\n\nThis means that doing the following request:\n\nhttp://nextcloud/index.php?redirect_url=/%3f%0d%0a%09set-cookie:+hello=yoyoo\n\nWill result in the following response:\n```\nLocation: http://nextcloud/?\n\tset-cookie: hello=yoyoo\n```\n\nThe problem is that IE is actually not caring at all about that rule from RFC1945 and will strip the tab-character from that header and listen to it:\n\n{F99965}\n\nYou should most likely disallow this character sequence completely so the failed backported versions of PHP won't do this. Properly secured PHP versions will fail doing the request due to new-lines in the header.\n\nRegards,\nFrans", "modified": "2016-08-17T07:27:52", "published": "2016-06-17T13:20:10", "id": "H1:145392", "href": "https://hackerone.com/reports/145392", "type": "hackerone", "title": "Nextcloud: Response Header injection using redirect_uri together with PHP that utilizes Header Folding according to RFC1945 and Internet Explorer 11", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}]}
