Vulnerabilities > CVE-2009-2626 - Unspecified vulnerability in PHP

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
php
nessus
exploit available

Summary

The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information (memory contents) and cause a PHP crash by using the ini_set function to declare a variable, then using the ini_restore function to restore the variable.

Vulnerable Configurations

Part Description Count
Application
Php
369

Exploit-Db

  • descriptionPHP 5.2.10/5.3 'ini_restore()' Memory Information Disclosure Vulnerability (2). CVE-2009-2626. Remote exploit for php platform
    idEDB-ID:33163
    last seen2016-02-03
    modified2009-08-10
    published2009-08-10
    reporterMaksymilian Arciemowicz
    sourcehttps://www.exploit-db.com/download/33163/
    titlePHP 5.2.10/5.3 - 'ini_restore' Memory Information Disclosure Vulnerability 2
  • descriptionPHP 'ini_restore()' Memory Information Disclosure Vulnerability. CVE-2009-2626. Local exploit for php platform
    idEDB-ID:10296
    last seen2016-02-01
    modified2009-12-03
    published2009-12-03
    reporterMaksymilian Arciemowicz
    sourcehttps://www.exploit-db.com/download/10296/
    titlePHP 'ini_restore' Memory Information Disclosure Vulnerability
  • descriptionPHP 5.2.10/5.3 'ini_restore()' Memory Information Disclosure Vulnerability (1). CVE-2009-2626. Remote exploit for php platform
    idEDB-ID:33162
    last seen2016-02-03
    modified2009-08-10
    published2009-08-10
    reporterMaksymilian Arciemowicz
    sourcehttps://www.exploit-db.com/download/33162/
    titlePHP 5.2.10/5.3 - 'ini_restore' Memory Information Disclosure Vulnerability 1

Nessus

  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2010-008.NASL
    descriptionMultiple vulnerabilities has been found and corrected in php : The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information (memory contents) and cause a PHP crash by using the ini_set function to declare a variable, then using the ini_restore function to restore the variable (CVE-2009-2626). The htmlspecialchars function in PHP before 5.2.12 does not properly handle (1) overlong UTF-8 sequences, (2) invalid Shift_JIS sequences, and (3) invalid EUC-JP sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks by placing a crafted byte sequence before a special character (CVE-2009-4142). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id44041
    published2010-01-18
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44041
    titleMandriva Linux Security Advisory : php (MDVSA-2010:008)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandriva Linux Security Advisory MDVSA-2010:008. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(44041);
      script_version("1.12");
      script_cvs_date("Date: 2019/08/02 13:32:53");
    
      script_cve_id("CVE-2009-2626", "CVE-2009-4142");
      script_xref(name:"MDVSA", value:"2010:008");
    
      script_name(english:"Mandriva Linux Security Advisory : php (MDVSA-2010:008)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandriva Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Multiple vulnerabilities has been found and corrected in php :
    
    The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0,
    5.2.10, and earlier versions allows context-specific attackers to
    obtain sensitive information (memory contents) and cause a PHP crash
    by using the ini_set function to declare a variable, then using the
    ini_restore function to restore the variable (CVE-2009-2626).
    
    The htmlspecialchars function in PHP before 5.2.12 does not properly
    handle (1) overlong UTF-8 sequences, (2) invalid Shift_JIS sequences,
    and (3) invalid EUC-JP sequences, which allows remote attackers to
    conduct cross-site scripting (XSS) attacks by placing a crafted byte
    sequence before a special character (CVE-2009-4142).
    
    Packages for 2008.0 are provided for Corporate Desktop 2008.0
    customers.
    
    The updated packages have been patched to correct these issues."
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P");
      script_cwe_id(79);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64php5_common5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libphp5_common5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-bcmath");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-bz2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-calendar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-cgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-cli");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-ctype");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-curl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-dba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-dbase");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-dom");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-exif");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-fcgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-filter");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-ftp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-gd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-gettext");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-gmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-hash");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-iconv");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-imap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-json");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-ldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-mbstring");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-mcrypt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-mhash");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-mime_magic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-ming");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-mssql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-mysqli");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-ncurses");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-odbc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-openssl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-pcntl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-pdo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-pdo_dblib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-pdo_mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-pdo_odbc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-pdo_pgsql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-pdo_sqlite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-pgsql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-posix");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-pspell");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-readline");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-recode");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-session");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-shmop");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-simplexml");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-snmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-soap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-sockets");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-sqlite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-sybase");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-sysvmsg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-sysvsem");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-sysvshm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-tidy");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-tokenizer");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-wddx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-xml");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-xmlreader");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-xmlrpc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-xmlwriter");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-xsl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-zlib");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2009.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/01/15");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/01/18");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64php5_common5-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libphp5_common5-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-bcmath-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-bz2-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-calendar-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-cgi-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-cli-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-ctype-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-curl-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-dba-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-dbase-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-devel-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-dom-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-exif-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-fcgi-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-filter-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-ftp-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-gd-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-gettext-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-gmp-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-hash-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-iconv-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-imap-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-json-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-ldap-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-mbstring-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-mcrypt-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-mhash-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-mime_magic-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-ming-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-mssql-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-mysql-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-mysqli-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-ncurses-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-odbc-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-openssl-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-pcntl-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-pdo-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-pdo_dblib-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-pdo_mysql-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-pdo_odbc-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-pdo_pgsql-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-pdo_sqlite-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-pgsql-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-posix-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-pspell-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-readline-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-recode-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-session-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-shmop-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-simplexml-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-snmp-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-soap-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-sockets-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-sqlite-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-sysvmsg-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-sysvsem-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-sysvshm-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-tidy-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-tokenizer-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-wddx-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-xml-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-xmlreader-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-xmlrpc-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-xmlwriter-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-xsl-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-zlib-5.2.4-3.7mdv2008.0", yank:"mdv")) flag++;
    
    if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64php5_common5-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libphp5_common5-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-bcmath-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-bz2-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-calendar-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-cgi-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-cli-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-ctype-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-curl-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-dba-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-dbase-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-devel-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-dom-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-exif-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-fcgi-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-filter-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-ftp-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-gd-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-gettext-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-gmp-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-hash-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-iconv-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-imap-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-json-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-ldap-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-mbstring-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-mcrypt-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-mhash-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-mime_magic-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-ming-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-mssql-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-mysql-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-mysqli-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-ncurses-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-odbc-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-openssl-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-pcntl-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-pdo-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-pdo_dblib-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-pdo_mysql-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-pdo_odbc-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-pdo_pgsql-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-pdo_sqlite-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-pgsql-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-posix-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-pspell-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-readline-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-recode-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-session-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-shmop-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-snmp-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-soap-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-sockets-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-sqlite-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-sybase-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-sysvmsg-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-sysvsem-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-sysvshm-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-tidy-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-tokenizer-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-wddx-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-xml-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-xmlreader-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-xmlrpc-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-xmlwriter-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-xsl-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"php-zlib-5.2.6-18.10mdv2009.0", yank:"mdv")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201001-03.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201001-03 (PHP: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below and the associated PHP release notes for details. Impact : A context-dependent attacker could execute arbitrary code via a specially crafted string containing an HTML entity when the mbstring extension is enabled. Furthermore a remote attacker could execute arbitrary code via a specially crafted GD graphics file. A remote attacker could also cause a Denial of Service via a malformed string passed to the json_decode() function, via a specially crafted ZIP file passed to the php_zip_make_relative_path() function, via a malformed JPEG image passed to the exif_read_data() function, or via temporary file exhaustion. It is also possible for an attacker to spoof certificates, bypass various safe_mode and open_basedir restrictions when certain criteria are met, perform Cross-site scripting attacks, more easily perform SQL injection attacks, manipulate settings of other virtual hosts on the same server via a malicious .htaccess entry when running on Apache, disclose memory portions, and write arbitrary files via a specially crafted ZIP archive. Some vulnerabilities with unknown impact and attack vectors have been reported as well. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id44892
    published2010-02-25
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/44892
    titleGLSA-201001-03 : PHP: Multiple vulnerabilities
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 201001-03.
    #
    # The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(44892);
      script_version("1.17");
      script_cvs_date("Date: 2019/08/02 13:32:45");
    
      script_cve_id("CVE-2008-5498", "CVE-2008-5514", "CVE-2008-5557", "CVE-2008-5624", "CVE-2008-5625", "CVE-2008-5658", "CVE-2008-5814", "CVE-2008-5844", "CVE-2008-7002", "CVE-2009-0754", "CVE-2009-1271", "CVE-2009-1272", "CVE-2009-2626", "CVE-2009-2687", "CVE-2009-3291", "CVE-2009-3292", "CVE-2009-3293", "CVE-2009-3546", "CVE-2009-3557", "CVE-2009-3558", "CVE-2009-4017", "CVE-2009-4142", "CVE-2009-4143");
      script_bugtraq_id(32625, 32948, 32958, 33002, 33542, 35440, 36449, 36712, 37079, 37390);
      script_xref(name:"GLSA", value:"201001-03");
    
      script_name(english:"GLSA-201001-03 : PHP: Multiple vulnerabilities");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-201001-03
    (PHP: Multiple vulnerabilities)
    
        Multiple vulnerabilities have been discovered in PHP. Please review the
        CVE identifiers referenced below and the associated PHP release notes
        for details.
      
    Impact :
    
        A context-dependent attacker could execute arbitrary code via a
        specially crafted string containing an HTML entity when the mbstring
        extension is enabled. Furthermore a remote attacker could execute
        arbitrary code via a specially crafted GD graphics file.
        A remote attacker could also cause a Denial of Service via a malformed
        string passed to the json_decode() function, via a specially crafted
        ZIP file passed to the php_zip_make_relative_path() function, via a
        malformed JPEG image passed to the exif_read_data() function, or via
        temporary file exhaustion. It is also possible for an attacker to spoof
        certificates, bypass various safe_mode and open_basedir restrictions
        when certain criteria are met, perform Cross-site scripting attacks,
        more easily perform SQL injection attacks, manipulate settings of other
        virtual hosts on the same server via a malicious .htaccess entry when
        running on Apache, disclose memory portions, and write arbitrary files
        via a specially crafted ZIP archive. Some vulnerabilities with unknown
        impact and attack vectors have been reported as well.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/200911-03"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/201001-03"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All PHP users should upgrade to the latest version. As PHP is
        statically linked against a vulnerable version of the c-client library
        when the imap or kolab USE flag is enabled (GLSA 200911-03), users
        should upgrade net-libs/c-client beforehand:
        # emerge --sync
        # emerge --ask --oneshot --verbose '>=net-libs/c-client-2007e'
        # emerge --ask --oneshot --verbose '>=dev-lang/php-5.2.12'"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_cwe_id(16, 20, 22, 79, 119, 134, 200, 264);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:php");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/01/05");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/25");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"dev-lang/php", unaffected:make_list("ge 5.2.12"), vulnerable:make_list("lt 5.2.12"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "PHP");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_APACHE2-MOD_PHP5-6846.NASL
    descriptionThis update of PHP5 fixes : - CVE-2008-5625: CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P): Permissions, Privileges, and Access Control (CWE-264) CVE-2008-5814: CVSS v2 Base Score: 2.6 (LOW) (AV:N/AC:H/Au:N/C:N/I:P/A:N): Cross-Site Scripting (XSS) (CWE-79) CVE-2009-2626: CVSS v2 Base Score: 6.4 (MEDIUM) (AV:N/AC:L/Au:N/C:P/I:N/A:P): Other (CWE-Other) CVE-2009-2687: CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:N/A:P): Input Validation (CWE-20) CVE-2009-3546: CVSS v2 Base Score: 4.4 (moderate) (AV:L/AC:M/Au:N/C:P/I:P/A:P): Other (CWE-Other) CVE-2009-4017: CVSS v2 Base Score: 5.0 (moderate) (AV:N/AC:L/Au:N/C:N/I:N/A:P): Other (CWE-Other) CVE-2009-4142: CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N): Cross-Site Scripting (XSS). (CWE-79). (CVE-2008-5624: CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P): Permissions, Privileges, and Access Control (CWE-264))
    last seen2020-06-01
    modified2020-06-02
    plugin id44687
    published2010-02-23
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44687
    titleSuSE 10 Security Update : PHP5 (ZYPP Patch Number 6846)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(44687);
      script_version ("1.11");
      script_cvs_date("Date: 2019/10/25 13:36:40");
    
      script_cve_id("CVE-2008-5624", "CVE-2008-5625", "CVE-2008-5814", "CVE-2009-2626", "CVE-2009-2687", "CVE-2009-3546", "CVE-2009-4017", "CVE-2009-4142");
    
      script_name(english:"SuSE 10 Security Update : PHP5 (ZYPP Patch Number 6846)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 10 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update of PHP5 fixes :
    
      - CVE-2008-5625: CVSS v2 Base Score: 7.5 (HIGH)
        (AV:N/AC:L/Au:N/C:P/I:P/A:P): Permissions, Privileges,
        and Access Control (CWE-264) CVE-2008-5814: CVSS v2 Base
        Score: 2.6 (LOW) (AV:N/AC:H/Au:N/C:N/I:P/A:N):
        Cross-Site Scripting (XSS) (CWE-79) CVE-2009-2626: CVSS
        v2 Base Score: 6.4 (MEDIUM)
        (AV:N/AC:L/Au:N/C:P/I:N/A:P): Other (CWE-Other)
        CVE-2009-2687: CVSS v2 Base Score: 4.3 (MEDIUM)
        (AV:N/AC:M/Au:N/C:N/I:N/A:P): Input Validation (CWE-20)
        CVE-2009-3546: CVSS v2 Base Score: 4.4 (moderate)
        (AV:L/AC:M/Au:N/C:P/I:P/A:P): Other (CWE-Other)
        CVE-2009-4017: CVSS v2 Base Score: 5.0 (moderate)
        (AV:N/AC:L/Au:N/C:N/I:N/A:P): Other (CWE-Other)
        CVE-2009-4142: CVSS v2 Base Score: 4.3 (MEDIUM)
        (AV:N/AC:M/Au:N/C:N/I:P/A:N): Cross-Site Scripting
        (XSS). (CWE-79). (CVE-2008-5624: CVSS v2 Base Score: 7.5
        (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P): Permissions,
        Privileges, and Access Control (CWE-264))"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2008-5624.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2008-5625.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2008-5814.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-2626.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-2687.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3546.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-4017.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-4142.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 6846.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_cwe_id(20, 79, 264);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/02/14");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/23");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SLES10", sp:2, reference:"apache2-mod_php5-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-bcmath-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-bz2-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-calendar-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-ctype-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-curl-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-dba-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-dbase-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-devel-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-dom-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-exif-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-fastcgi-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-ftp-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-gd-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-gettext-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-gmp-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-hash-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-iconv-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-imap-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-json-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-ldap-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-mbstring-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-mcrypt-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-mhash-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-mysql-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-ncurses-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-odbc-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-openssl-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-pcntl-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-pdo-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-pear-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-pgsql-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-posix-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-pspell-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-shmop-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-snmp-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-soap-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-sockets-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-sqlite-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-suhosin-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-sysvmsg-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-sysvsem-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-sysvshm-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-tokenizer-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-wddx-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-xmlreader-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-xmlrpc-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-xsl-5.2.5-9.23.3")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"php5-zlib-5.2.5-9.23.3")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-882-1.NASL
    descriptionMaksymilian Arciemowicz discovered that PHP did not properly handle the ini_restore function. An attacker could exploit this issue to obtain random memory contents or to cause the PHP server to crash, resulting in a denial of service. (CVE-2009-2626) It was discovered that the htmlspecialchars function did not properly handle certain character sequences, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. (CVE-2009-4142) Stefan Esser discovered that PHP did not properly handle session data. An attacker could exploit this issue to bypass safe_mode or open_basedir restrictions. (CVE-2009-4143). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id43897
    published2010-01-14
    reporterUbuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/43897
    titleUbuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : php5 vulnerabilities (USN-882-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-882-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(43897);
      script_version("1.13");
      script_cvs_date("Date: 2019/09/19 12:54:26");
    
      script_cve_id("CVE-2009-2626", "CVE-2009-4142", "CVE-2009-4143");
      script_bugtraq_id(37390);
      script_xref(name:"USN", value:"882-1");
    
      script_name(english:"Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : php5 vulnerabilities (USN-882-1)");
      script_summary(english:"Checks dpkg output for updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Ubuntu host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Maksymilian Arciemowicz discovered that PHP did not properly handle
    the ini_restore function. An attacker could exploit this issue to
    obtain random memory contents or to cause the PHP server to crash,
    resulting in a denial of service. (CVE-2009-2626)
    
    It was discovered that the htmlspecialchars function did not properly
    handle certain character sequences, which could result in browsers
    becoming vulnerable to cross-site scripting attacks when processing
    the output. With cross-site scripting vulnerabilities, if a user were
    tricked into viewing server output during a crafted server request, a
    remote attacker could exploit this to modify the contents, or steal
    confidential data (such as passwords), within the same domain.
    (CVE-2009-4142)
    
    Stefan Esser discovered that PHP did not properly handle session data.
    An attacker could exploit this issue to bypass safe_mode or
    open_basedir restrictions. (CVE-2009-4143).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/882-1/"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(79);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5filter");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php-pear");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-cgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-cli");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-curl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-dbg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-gd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-gmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-ldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-mhash");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-mysqli");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-odbc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-pgsql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-pspell");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-recode");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-snmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-sqlite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-sybase");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-tidy");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-xmlrpc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-xsl");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:6.06:-:lts");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.04:-:lts");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.10");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:9.04");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:9.10");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2009/12/01");
      script_set_attribute(attribute:"patch_publication_date", value:"2010/01/13");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/01/14");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! preg(pattern:"^(6\.06|8\.04|8\.10|9\.04|9\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 6.06 / 8.04 / 8.10 / 9.04 / 9.10", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    flag = 0;
    
    if (ubuntu_check(osver:"6.06", pkgname:"libapache2-mod-php5", pkgver:"5.1.2-1ubuntu3.18")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"php-pear", pkgver:"5.1.2-1ubuntu3.18")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"php5", pkgver:"5.1.2-1ubuntu3.18")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"php5-cgi", pkgver:"5.1.2-1ubuntu3.18")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"php5-cli", pkgver:"5.1.2-1ubuntu3.18")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"php5-common", pkgver:"5.1.2-1ubuntu3.18")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"php5-curl", pkgver:"5.1.2-1ubuntu3.18")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"php5-dev", pkgver:"5.1.2-1ubuntu3.18")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"php5-gd", pkgver:"5.1.2-1ubuntu3.18")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"php5-ldap", pkgver:"5.1.2-1ubuntu3.18")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"php5-mhash", pkgver:"5.1.2-1ubuntu3.18")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"php5-mysql", pkgver:"5.1.2-1ubuntu3.18")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"php5-mysqli", pkgver:"5.1.2-1ubuntu3.18")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"php5-odbc", pkgver:"5.1.2-1ubuntu3.18")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"php5-pgsql", pkgver:"5.1.2-1ubuntu3.18")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"php5-recode", pkgver:"5.1.2-1ubuntu3.18")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"php5-snmp", pkgver:"5.1.2-1ubuntu3.18")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"php5-sqlite", pkgver:"5.1.2-1ubuntu3.18")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"php5-sybase", pkgver:"5.1.2-1ubuntu3.18")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"php5-xmlrpc", pkgver:"5.1.2-1ubuntu3.18")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"php5-xsl", pkgver:"5.1.2-1ubuntu3.18")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"libapache2-mod-php5", pkgver:"5.2.4-2ubuntu5.10")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"php-pear", pkgver:"5.2.4-2ubuntu5.10")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"php5", pkgver:"5.2.4-2ubuntu5.10")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"php5-cgi", pkgver:"5.2.4-2ubuntu5.10")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"php5-cli", pkgver:"5.2.4-2ubuntu5.10")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"php5-common", pkgver:"5.2.4-2ubuntu5.10")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"php5-curl", pkgver:"5.2.4-2ubuntu5.10")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"php5-dev", pkgver:"5.2.4-2ubuntu5.10")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"php5-gd", pkgver:"5.2.4-2ubuntu5.10")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"php5-gmp", pkgver:"5.2.4-2ubuntu5.10")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"php5-ldap", pkgver:"5.2.4-2ubuntu5.10")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"php5-mhash", pkgver:"5.2.4-2ubuntu5.10")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"php5-mysql", pkgver:"5.2.4-2ubuntu5.10")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"php5-odbc", pkgver:"5.2.4-2ubuntu5.10")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"php5-pgsql", pkgver:"5.2.4-2ubuntu5.10")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"php5-pspell", pkgver:"5.2.4-2ubuntu5.10")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"php5-recode", pkgver:"5.2.4-2ubuntu5.10")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"php5-snmp", pkgver:"5.2.4-2ubuntu5.10")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"php5-sqlite", pkgver:"5.2.4-2ubuntu5.10")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"php5-sybase", pkgver:"5.2.4-2ubuntu5.10")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"php5-tidy", pkgver:"5.2.4-2ubuntu5.10")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"php5-xmlrpc", pkgver:"5.2.4-2ubuntu5.10")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"php5-xsl", pkgver:"5.2.4-2ubuntu5.10")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"libapache2-mod-php5", pkgver:"5.2.6-2ubuntu4.6")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"libapache2-mod-php5filter", pkgver:"5.2.6-2ubuntu4.6")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"php-pear", pkgver:"5.2.6-2ubuntu4.6")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"php5", pkgver:"5.2.6-2ubuntu4.6")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"php5-cgi", pkgver:"5.2.6-2ubuntu4.6")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"php5-cli", pkgver:"5.2.6-2ubuntu4.6")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"php5-common", pkgver:"5.2.6-2ubuntu4.6")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"php5-curl", pkgver:"5.2.6-2ubuntu4.6")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"php5-dbg", pkgver:"5.2.6-2ubuntu4.6")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"php5-dev", pkgver:"5.2.6-2ubuntu4.6")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"php5-gd", pkgver:"5.2.6-2ubuntu4.6")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"php5-gmp", pkgver:"5.2.6-2ubuntu4.6")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"php5-ldap", pkgver:"5.2.6-2ubuntu4.6")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"php5-mhash", pkgver:"5.2.6-2ubuntu4.6")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"php5-mysql", pkgver:"5.2.6-2ubuntu4.6")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"php5-odbc", pkgver:"5.2.6-2ubuntu4.6")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"php5-pgsql", pkgver:"5.2.6-2ubuntu4.6")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"php5-pspell", pkgver:"5.2.6-2ubuntu4.6")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"php5-recode", pkgver:"5.2.6-2ubuntu4.6")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"php5-snmp", pkgver:"5.2.6-2ubuntu4.6")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"php5-sqlite", pkgver:"5.2.6-2ubuntu4.6")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"php5-sybase", pkgver:"5.2.6-2ubuntu4.6")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"php5-tidy", pkgver:"5.2.6-2ubuntu4.6")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"php5-xmlrpc", pkgver:"5.2.6-2ubuntu4.6")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"php5-xsl", pkgver:"5.2.6-2ubuntu4.6")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"libapache2-mod-php5", pkgver:"5.2.6.dfsg.1-3ubuntu4.5")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"libapache2-mod-php5filter", pkgver:"5.2.6.dfsg.1-3ubuntu4.5")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"php-pear", pkgver:"5.2.6.dfsg.1-3ubuntu4.5")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"php5", pkgver:"5.2.6.dfsg.1-3ubuntu4.5")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"php5-cgi", pkgver:"5.2.6.dfsg.1-3ubuntu4.5")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"php5-cli", pkgver:"5.2.6.dfsg.1-3ubuntu4.5")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"php5-common", pkgver:"5.2.6.dfsg.1-3ubuntu4.5")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"php5-curl", pkgver:"5.2.6.dfsg.1-3ubuntu4.5")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"php5-dbg", pkgver:"5.2.6.dfsg.1-3ubuntu4.5")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"php5-dev", pkgver:"5.2.6.dfsg.1-3ubuntu4.5")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"php5-gd", pkgver:"5.2.6.dfsg.1-3ubuntu4.5")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"php5-gmp", pkgver:"5.2.6.dfsg.1-3ubuntu4.5")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"php5-ldap", pkgver:"5.2.6.dfsg.1-3ubuntu4.5")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"php5-mhash", pkgver:"5.2.6.dfsg.1-3ubuntu4.5")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"php5-mysql", pkgver:"5.2.6.dfsg.1-3ubuntu4.5")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"php5-odbc", pkgver:"5.2.6.dfsg.1-3ubuntu4.5")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"php5-pgsql", pkgver:"5.2.6.dfsg.1-3ubuntu4.5")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"php5-pspell", pkgver:"5.2.6.dfsg.1-3ubuntu4.5")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"php5-recode", pkgver:"5.2.6.dfsg.1-3ubuntu4.5")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"php5-snmp", pkgver:"5.2.6.dfsg.1-3ubuntu4.5")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"php5-sqlite", pkgver:"5.2.6.dfsg.1-3ubuntu4.5")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"php5-sybase", pkgver:"5.2.6.dfsg.1-3ubuntu4.5")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"php5-tidy", pkgver:"5.2.6.dfsg.1-3ubuntu4.5")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"php5-xmlrpc", pkgver:"5.2.6.dfsg.1-3ubuntu4.5")) flag++;
    if (ubuntu_check(osver:"9.04", pkgname:"php5-xsl", pkgver:"5.2.6.dfsg.1-3ubuntu4.5")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"libapache2-mod-php5", pkgver:"5.2.10.dfsg.1-2ubuntu6.4")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"libapache2-mod-php5filter", pkgver:"5.2.10.dfsg.1-2ubuntu6.4")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"php-pear", pkgver:"5.2.10.dfsg.1-2ubuntu6.4")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"php5", pkgver:"5.2.10.dfsg.1-2ubuntu6.4")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"php5-cgi", pkgver:"5.2.10.dfsg.1-2ubuntu6.4")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"php5-cli", pkgver:"5.2.10.dfsg.1-2ubuntu6.4")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"php5-common", pkgver:"5.2.10.dfsg.1-2ubuntu6.4")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"php5-curl", pkgver:"5.2.10.dfsg.1-2ubuntu6.4")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"php5-dbg", pkgver:"5.2.10.dfsg.1-2ubuntu6.4")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"php5-dev", pkgver:"5.2.10.dfsg.1-2ubuntu6.4")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"php5-gd", pkgver:"5.2.10.dfsg.1-2ubuntu6.4")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"php5-gmp", pkgver:"5.2.10.dfsg.1-2ubuntu6.4")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"php5-ldap", pkgver:"5.2.10.dfsg.1-2ubuntu6.4")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"php5-mhash", pkgver:"5.2.10.dfsg.1-2ubuntu6.4")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"php5-mysql", pkgver:"5.2.10.dfsg.1-2ubuntu6.4")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"php5-odbc", pkgver:"5.2.10.dfsg.1-2ubuntu6.4")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"php5-pgsql", pkgver:"5.2.10.dfsg.1-2ubuntu6.4")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"php5-pspell", pkgver:"5.2.10.dfsg.1-2ubuntu6.4")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"php5-recode", pkgver:"5.2.10.dfsg.1-2ubuntu6.4")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"php5-snmp", pkgver:"5.2.10.dfsg.1-2ubuntu6.4")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"php5-sqlite", pkgver:"5.2.10.dfsg.1-2ubuntu6.4")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"php5-sybase", pkgver:"5.2.10.dfsg.1-2ubuntu6.4")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"php5-tidy", pkgver:"5.2.10.dfsg.1-2ubuntu6.4")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"php5-xmlrpc", pkgver:"5.2.10.dfsg.1-2ubuntu6.4")) flag++;
    if (ubuntu_check(osver:"9.10", pkgname:"php5-xsl", pkgver:"5.2.10.dfsg.1-2ubuntu6.4")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libapache2-mod-php5 / libapache2-mod-php5filter / php-pear / php5 / etc");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_0_APACHE2-MOD_PHP5-100212.NASL
    descriptionThis update of php5 fixes: CVE-2008-5624: CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P): Permissions, Privileges, and Access Control (CWE-264) CVE-2008-5625: CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P): Permissions, Privileges, and Access Control (CWE-264) CVE-2008-5814: CVSS v2 Base Score: 2.6 (LOW) (AV:N/AC:H/Au:N/C:N/I:P/A:N): Cross-Site Scripting (XSS) (CWE-79) CVE-2009-2626: CVSS v2 Base Score: 6.4 (MEDIUM) (AV:N/AC:L/Au:N/C:P/I:N/A:P): Other (CWE-Other) CVE-2009-2687: CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:N/A:P): Input Validation (CWE-20) CVE-2009-3546: CVSS v2 Base Score: 4.4 (moderate) (AV:L/AC:M/Au:N/C:P/I:P/A:P): Other (CWE-Other) CVE-2009-4017: CVSS v2 Base Score: 5.0 (moderate) (AV:N/AC:L/Au:N/C:N/I:N/A:P): Other (CWE-Other) CVE-2009-4142: CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N): Cross-Site Scripting (XSS) (CWE-79)
    last seen2020-06-01
    modified2020-06-02
    plugin id44678
    published2010-02-23
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44678
    titleopenSUSE Security Update : apache2-mod_php5 (apache2-mod_php5-1993)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update apache2-mod_php5-1993.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(44678);
      script_version("1.10");
      script_cvs_date("Date: 2019/10/25 13:36:37");
    
      script_cve_id("CVE-2008-5624", "CVE-2008-5625", "CVE-2008-5814", "CVE-2009-2626", "CVE-2009-2687", "CVE-2009-3546", "CVE-2009-4017", "CVE-2009-4142");
    
      script_name(english:"openSUSE Security Update : apache2-mod_php5 (apache2-mod_php5-1993)");
      script_summary(english:"Check for the apache2-mod_php5-1993 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update of php5 fixes: CVE-2008-5624: CVSS v2 Base Score: 7.5
    (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P): Permissions, Privileges, and
    Access Control (CWE-264) CVE-2008-5625: CVSS v2 Base Score: 7.5 (HIGH)
    (AV:N/AC:L/Au:N/C:P/I:P/A:P): Permissions, Privileges, and Access
    Control (CWE-264) CVE-2008-5814: CVSS v2 Base Score: 2.6 (LOW)
    (AV:N/AC:H/Au:N/C:N/I:P/A:N): Cross-Site Scripting (XSS) (CWE-79)
    CVE-2009-2626: CVSS v2 Base Score: 6.4 (MEDIUM)
    (AV:N/AC:L/Au:N/C:P/I:N/A:P): Other (CWE-Other) CVE-2009-2687: CVSS v2
    Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:N/A:P): Input
    Validation (CWE-20) CVE-2009-3546: CVSS v2 Base Score: 4.4 (moderate)
    (AV:L/AC:M/Au:N/C:P/I:P/A:P): Other (CWE-Other) CVE-2009-4017: CVSS v2
    Base Score: 5.0 (moderate) (AV:N/AC:L/Au:N/C:N/I:N/A:P): Other
    (CWE-Other) CVE-2009-4142: CVSS v2 Base Score: 4.3 (MEDIUM)
    (AV:N/AC:M/Au:N/C:N/I:P/A:N): Cross-Site Scripting (XSS) (CWE-79)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=none"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=557157"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected apache2-mod_php5 packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_cwe_id(20, 79, 264);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bcmath");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bz2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-calendar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ctype");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-curl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dbase");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dom");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-exif");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fastcgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ftp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gettext");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-hash");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-iconv");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-imap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-json");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mbstring");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mcrypt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ncurses");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-odbc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-openssl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pcntl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pdo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pear");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pgsql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-posix");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pspell");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-readline");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-shmop");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-snmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-soap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sockets");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sqlite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-suhosin");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvmsg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvsem");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvshm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tidy");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tokenizer");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-wddx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlreader");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlrpc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlwriter");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xsl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zip");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zlib");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/02/12");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/23");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.0", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.0", reference:"apache2-mod_php5-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-bcmath-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-bz2-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-calendar-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-ctype-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-curl-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-dba-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-dbase-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-devel-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-dom-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-exif-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-fastcgi-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-ftp-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-gd-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-gettext-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-gmp-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-hash-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-iconv-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-imap-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-json-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-ldap-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-mbstring-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-mcrypt-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-mysql-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-ncurses-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-odbc-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-openssl-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-pcntl-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-pdo-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-pear-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-pgsql-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-posix-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-pspell-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-readline-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-shmop-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-snmp-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-soap-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-sockets-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-sqlite-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-suhosin-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-sysvmsg-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-sysvsem-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-sysvshm-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-tidy-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-tokenizer-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-wddx-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-xmlreader-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-xmlrpc-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-xmlwriter-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-xsl-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-zip-5.2.12-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"php5-zlib-5.2.12-0.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php5");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_1_APACHE2-MOD_PHP5-100212.NASL
    descriptionThis update of php5 fixes: CVE-2008-5624: CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P): Permissions, Privileges, and Access Control (CWE-264) CVE-2008-5625: CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P): Permissions, Privileges, and Access Control (CWE-264) CVE-2008-5814: CVSS v2 Base Score: 2.6 (LOW) (AV:N/AC:H/Au:N/C:N/I:P/A:N): Cross-Site Scripting (XSS) (CWE-79) CVE-2009-2626: CVSS v2 Base Score: 6.4 (MEDIUM) (AV:N/AC:L/Au:N/C:P/I:N/A:P): Other (CWE-Other) CVE-2009-2687: CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:N/A:P): Input Validation (CWE-20) CVE-2009-3546: CVSS v2 Base Score: 4.4 (moderate) (AV:L/AC:M/Au:N/C:P/I:P/A:P): Other (CWE-Other) CVE-2009-4017: CVSS v2 Base Score: 5.0 (moderate) (AV:N/AC:L/Au:N/C:N/I:N/A:P): Other (CWE-Other) CVE-2009-4142: CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N): Cross-Site Scripting (XSS) (CWE-79)
    last seen2020-06-01
    modified2020-06-02
    plugin id44680
    published2010-02-23
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44680
    titleopenSUSE Security Update : apache2-mod_php5 (apache2-mod_php5-1993)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update apache2-mod_php5-1993.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(44680);
      script_version("1.10");
      script_cvs_date("Date: 2019/10/25 13:36:37");
    
      script_cve_id("CVE-2008-5624", "CVE-2008-5625", "CVE-2008-5814", "CVE-2009-2626", "CVE-2009-2687", "CVE-2009-3546", "CVE-2009-4017", "CVE-2009-4142");
    
      script_name(english:"openSUSE Security Update : apache2-mod_php5 (apache2-mod_php5-1993)");
      script_summary(english:"Check for the apache2-mod_php5-1993 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update of php5 fixes: CVE-2008-5624: CVSS v2 Base Score: 7.5
    (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P): Permissions, Privileges, and
    Access Control (CWE-264) CVE-2008-5625: CVSS v2 Base Score: 7.5 (HIGH)
    (AV:N/AC:L/Au:N/C:P/I:P/A:P): Permissions, Privileges, and Access
    Control (CWE-264) CVE-2008-5814: CVSS v2 Base Score: 2.6 (LOW)
    (AV:N/AC:H/Au:N/C:N/I:P/A:N): Cross-Site Scripting (XSS) (CWE-79)
    CVE-2009-2626: CVSS v2 Base Score: 6.4 (MEDIUM)
    (AV:N/AC:L/Au:N/C:P/I:N/A:P): Other (CWE-Other) CVE-2009-2687: CVSS v2
    Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:N/A:P): Input
    Validation (CWE-20) CVE-2009-3546: CVSS v2 Base Score: 4.4 (moderate)
    (AV:L/AC:M/Au:N/C:P/I:P/A:P): Other (CWE-Other) CVE-2009-4017: CVSS v2
    Base Score: 5.0 (moderate) (AV:N/AC:L/Au:N/C:N/I:N/A:P): Other
    (CWE-Other) CVE-2009-4142: CVSS v2 Base Score: 4.3 (MEDIUM)
    (AV:N/AC:M/Au:N/C:N/I:P/A:N): Cross-Site Scripting (XSS) (CWE-79)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=none"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=557157"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected apache2-mod_php5 packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_cwe_id(20, 79, 264);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bcmath");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bz2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-calendar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ctype");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-curl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dbase");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dom");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-exif");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fastcgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ftp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gettext");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-hash");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-iconv");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-imap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-json");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mbstring");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mcrypt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ncurses");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-odbc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-openssl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pcntl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pdo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pear");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pgsql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-posix");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pspell");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-readline");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-shmop");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-snmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-soap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sockets");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sqlite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-suhosin");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvmsg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvsem");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvshm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tidy");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tokenizer");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-wddx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlreader");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlrpc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlwriter");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xsl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zip");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zlib");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/02/12");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/23");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.1", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.1", reference:"apache2-mod_php5-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-bcmath-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-bz2-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-calendar-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-ctype-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-curl-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-dba-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-dbase-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-devel-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-dom-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-exif-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-fastcgi-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-ftp-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-gd-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-gettext-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-gmp-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-hash-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-iconv-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-imap-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-json-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-ldap-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-mbstring-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-mcrypt-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-mysql-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-ncurses-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-odbc-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-openssl-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-pcntl-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-pdo-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-pear-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-pgsql-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-posix-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-pspell-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-readline-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-shmop-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-snmp-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-soap-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-sockets-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-sqlite-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-suhosin-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-sysvmsg-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-sysvsem-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-sysvshm-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-tidy-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-tokenizer-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-wddx-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-xmlreader-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-xmlrpc-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-xmlwriter-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-xsl-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-zip-5.2.12-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.1", reference:"php5-zlib-5.2.12-0.1.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php5");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_2_APACHE2-MOD_PHP5-100215.NASL
    descriptionThis update of php5 fixes: CVE-2008-5624: CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P): Permissions, Privileges, and Access Control (CWE-264) CVE-2008-5625: CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P): Permissions, Privileges, and Access Control (CWE-264) CVE-2008-5814: CVSS v2 Base Score: 2.6 (LOW) (AV:N/AC:H/Au:N/C:N/I:P/A:N): Cross-Site Scripting (XSS) (CWE-79) CVE-2009-2626: CVSS v2 Base Score: 6.4 (MEDIUM) (AV:N/AC:L/Au:N/C:P/I:N/A:P): Other (CWE-Other) CVE-2009-2687: CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:N/A:P): Input Validation (CWE-20) CVE-2009-3546: CVSS v2 Base Score: 4.4 (moderate) (AV:L/AC:M/Au:N/C:P/I:P/A:P): Other (CWE-Other) CVE-2009-4017: CVSS v2 Base Score: 5.0 (moderate) (AV:N/AC:L/Au:N/C:N/I:N/A:P): Other (CWE-Other) CVE-2009-4142: CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N): Cross-Site Scripting (XSS) (CWE-79)
    last seen2020-06-01
    modified2020-06-02
    plugin id44683
    published2010-02-23
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44683
    titleopenSUSE Security Update : apache2-mod_php5 (apache2-mod_php5-1993)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update apache2-mod_php5-1993.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(44683);
      script_version("1.10");
      script_cvs_date("Date: 2019/10/25 13:36:38");
    
      script_cve_id("CVE-2008-5624", "CVE-2008-5625", "CVE-2008-5814", "CVE-2009-2626", "CVE-2009-2687", "CVE-2009-3546", "CVE-2009-4017", "CVE-2009-4142");
    
      script_name(english:"openSUSE Security Update : apache2-mod_php5 (apache2-mod_php5-1993)");
      script_summary(english:"Check for the apache2-mod_php5-1993 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update of php5 fixes: CVE-2008-5624: CVSS v2 Base Score: 7.5
    (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P): Permissions, Privileges, and
    Access Control (CWE-264) CVE-2008-5625: CVSS v2 Base Score: 7.5 (HIGH)
    (AV:N/AC:L/Au:N/C:P/I:P/A:P): Permissions, Privileges, and Access
    Control (CWE-264) CVE-2008-5814: CVSS v2 Base Score: 2.6 (LOW)
    (AV:N/AC:H/Au:N/C:N/I:P/A:N): Cross-Site Scripting (XSS) (CWE-79)
    CVE-2009-2626: CVSS v2 Base Score: 6.4 (MEDIUM)
    (AV:N/AC:L/Au:N/C:P/I:N/A:P): Other (CWE-Other) CVE-2009-2687: CVSS v2
    Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:N/A:P): Input
    Validation (CWE-20) CVE-2009-3546: CVSS v2 Base Score: 4.4 (moderate)
    (AV:L/AC:M/Au:N/C:P/I:P/A:P): Other (CWE-Other) CVE-2009-4017: CVSS v2
    Base Score: 5.0 (moderate) (AV:N/AC:L/Au:N/C:N/I:N/A:P): Other
    (CWE-Other) CVE-2009-4142: CVSS v2 Base Score: 4.3 (MEDIUM)
    (AV:N/AC:M/Au:N/C:N/I:P/A:N): Cross-Site Scripting (XSS) (CWE-79)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=none"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=557157"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected apache2-mod_php5 packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_cwe_id(20, 79, 264);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bcmath");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bz2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-calendar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ctype");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-curl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dom");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-enchant");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-exif");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fastcgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fileinfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ftp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gettext");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-hash");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-iconv");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-imap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-intl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-json");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mbstring");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mcrypt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-odbc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-openssl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pcntl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pdo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pear");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pgsql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-phar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-posix");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pspell");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-readline");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-shmop");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-snmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-soap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sockets");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sqlite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-suhosin");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvmsg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvsem");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvshm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tidy");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tokenizer");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-wddx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlreader");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlrpc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlwriter");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xsl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zip");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zlib");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.2");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/02/15");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/23");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.2", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.2", reference:"apache2-mod_php5-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-bcmath-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-bz2-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-calendar-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-ctype-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-curl-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-dba-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-devel-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-dom-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-enchant-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-exif-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-fastcgi-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-fileinfo-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-ftp-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-gd-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-gettext-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-gmp-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-hash-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-iconv-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-imap-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-intl-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-json-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-ldap-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-mbstring-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-mcrypt-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-mysql-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-odbc-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-openssl-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-pcntl-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-pdo-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-pear-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-pgsql-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-phar-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-posix-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-pspell-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-readline-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-shmop-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-snmp-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-soap-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-sockets-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-sqlite-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-suhosin-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-sysvmsg-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-sysvsem-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-sysvshm-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-tidy-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-tokenizer-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-wddx-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-xmlreader-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-xmlrpc-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-xmlwriter-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-xsl-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-zip-5.3.1-0.1.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-zlib-5.3.1-0.1.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php5");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_APACHE2-MOD_PHP5-100212.NASL
    descriptionThis update of PHP5 fixes : - CVE-2008-5624: CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) : Permissions, Privileges, and Access Control (CWE-264) - CVE-2008-5625: CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) : Permissions, Privileges, and Access Control (CWE-264) - Cross-Site Scripting (XSS). (CWE-79). (CVE-2008-5814: CVSS v2 Base Score: 2.6 (LOW) (AV:N/AC:H/Au:N/C:N/I:P/A:N)) - CVE-2009-2626: CVSS v2 Base Score: 6.4 (MEDIUM) (AV:N/AC:L/Au:N/C:P/I:N/A:P) : Other (CWE-Other) - CVE-2009-2687: CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:N/A:P) : Input Validation (CWE-20) - CVE-2009-3546: CVSS v2 Base Score: 4.4 (moderate) (AV:L/AC:M/Au:N/C:P/I:P/A:P) : Other (CWE-Other) - CVE-2009-4017: CVSS v2 Base Score: 5.0 (moderate) (AV:N/AC:L/Au:N/C:N/I:N/A:P) : Other (CWE-Other) - Cross-Site Scripting (XSS) (CWE-79). (CVE-2009-4142: CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N))
    last seen2020-06-01
    modified2020-06-02
    plugin id44686
    published2010-02-23
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44686
    titleSuSE 11 Security Update : PHP5 (SAT Patch Number 1978)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from SuSE 11 update information. The text itself is
    # copyright (C) Novell, Inc.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(44686);
      script_version("1.11");
      script_cvs_date("Date: 2019/10/25 13:36:39");
    
      script_cve_id("CVE-2008-5624", "CVE-2008-5625", "CVE-2008-5814", "CVE-2009-2626", "CVE-2009-2687", "CVE-2009-3546", "CVE-2009-4017", "CVE-2009-4142");
    
      script_name(english:"SuSE 11 Security Update : PHP5 (SAT Patch Number 1978)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 11 host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update of PHP5 fixes :
    
      - CVE-2008-5624: CVSS v2 Base Score: 7.5 (HIGH)
        (AV:N/AC:L/Au:N/C:P/I:P/A:P) : Permissions, Privileges,
        and Access Control (CWE-264)
    
      - CVE-2008-5625: CVSS v2 Base Score: 7.5 (HIGH)
        (AV:N/AC:L/Au:N/C:P/I:P/A:P) : Permissions, Privileges,
        and Access Control (CWE-264)
    
      - Cross-Site Scripting (XSS). (CWE-79). (CVE-2008-5814:
        CVSS v2 Base Score: 2.6 (LOW)
        (AV:N/AC:H/Au:N/C:N/I:P/A:N))
    
      - CVE-2009-2626: CVSS v2 Base Score: 6.4 (MEDIUM)
        (AV:N/AC:L/Au:N/C:P/I:N/A:P) : Other (CWE-Other)
    
      - CVE-2009-2687: CVSS v2 Base Score: 4.3 (MEDIUM)
        (AV:N/AC:M/Au:N/C:N/I:N/A:P) : Input Validation (CWE-20)
    
      - CVE-2009-3546: CVSS v2 Base Score: 4.4 (moderate)
        (AV:L/AC:M/Au:N/C:P/I:P/A:P) : Other (CWE-Other)
    
      - CVE-2009-4017: CVSS v2 Base Score: 5.0 (moderate)
        (AV:N/AC:L/Au:N/C:N/I:N/A:P) : Other (CWE-Other)
    
      - Cross-Site Scripting (XSS) (CWE-79). (CVE-2009-4142:
        CVSS v2 Base Score: 4.3 (MEDIUM)
        (AV:N/AC:M/Au:N/C:N/I:P/A:N))"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=none"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=557157"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2008-5624.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2008-5625.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2008-5814.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-2626.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-2687.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3546.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-4017.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-4142.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply SAT patch number 1978.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_cwe_id(20, 79, 264);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:apache2-mod_php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-bcmath");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-bz2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-calendar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-ctype");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-curl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-dba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-dbase");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-dom");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-exif");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-fastcgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-ftp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-gd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-gettext");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-gmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-hash");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-iconv");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-json");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-ldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-mbstring");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-mcrypt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-odbc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-openssl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-pcntl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-pdo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-pear");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-pgsql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-pspell");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-shmop");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-snmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-soap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-suhosin");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-sysvmsg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-sysvsem");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-sysvshm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-tokenizer");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-wddx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-xmlreader");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-xmlrpc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-xmlwriter");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-xsl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-zip");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:php5-zlib");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/02/12");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/23");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);
    
    pl = get_kb_item("Host/SuSE/patchlevel");
    if (pl) audit(AUDIT_OS_NOT, "SuSE 11.0");
    
    
    flag = 0;
    if (rpm_check(release:"SLES11", sp:0, reference:"apache2-mod_php5-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-bcmath-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-bz2-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-calendar-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-ctype-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-curl-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-dba-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-dbase-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-dom-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-exif-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-fastcgi-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-ftp-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-gd-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-gettext-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-gmp-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-hash-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-iconv-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-json-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-ldap-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-mbstring-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-mcrypt-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-mysql-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-odbc-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-openssl-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-pcntl-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-pdo-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-pear-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-pgsql-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-pspell-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-shmop-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-snmp-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-soap-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-suhosin-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-sysvmsg-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-sysvsem-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-sysvshm-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-tokenizer-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-wddx-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-xmlreader-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-xmlrpc-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-xmlwriter-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-xsl-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-zip-5.2.6-50.24.1")) flag++;
    if (rpm_check(release:"SLES11", sp:0, reference:"php5-zlib-5.2.6-50.24.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_APACHE2-MOD_PHP5-6847.NASL
    descriptionThis update of PHP5 fixes : - CVE-2008-5625: CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P): Permissions, Privileges, and Access Control (CWE-264) CVE-2008-5814: CVSS v2 Base Score: 2.6 (LOW) (AV:N/AC:H/Au:N/C:N/I:P/A:N): Cross-Site Scripting (XSS) (CWE-79) CVE-2009-2626: CVSS v2 Base Score: 6.4 (MEDIUM) (AV:N/AC:L/Au:N/C:P/I:N/A:P): Other (CWE-Other) CVE-2009-2687: CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:N/A:P): Input Validation (CWE-20) CVE-2009-3546: CVSS v2 Base Score: 4.4 (moderate) (AV:L/AC:M/Au:N/C:P/I:P/A:P): Other (CWE-Other) CVE-2009-4017: CVSS v2 Base Score: 5.0 (moderate) (AV:N/AC:L/Au:N/C:N/I:N/A:P): Other (CWE-Other) CVE-2009-4142: CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N): Cross-Site Scripting (XSS). (CWE-79). (CVE-2008-5624: CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P): Permissions, Privileges, and Access Control (CWE-264))
    last seen2020-06-01
    modified2020-06-02
    plugin id49829
    published2010-10-11
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/49829
    titleSuSE 10 Security Update : PHP5 (ZYPP Patch Number 6847)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(49829);
      script_version ("1.8");
      script_cvs_date("Date: 2019/10/25 13:36:40");
    
      script_cve_id("CVE-2008-5624", "CVE-2008-5625", "CVE-2008-5814", "CVE-2009-2626", "CVE-2009-2687", "CVE-2009-3546", "CVE-2009-4017", "CVE-2009-4142");
    
      script_name(english:"SuSE 10 Security Update : PHP5 (ZYPP Patch Number 6847)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 10 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update of PHP5 fixes :
    
      - CVE-2008-5625: CVSS v2 Base Score: 7.5 (HIGH)
        (AV:N/AC:L/Au:N/C:P/I:P/A:P): Permissions, Privileges,
        and Access Control (CWE-264) CVE-2008-5814: CVSS v2 Base
        Score: 2.6 (LOW) (AV:N/AC:H/Au:N/C:N/I:P/A:N):
        Cross-Site Scripting (XSS) (CWE-79) CVE-2009-2626: CVSS
        v2 Base Score: 6.4 (MEDIUM)
        (AV:N/AC:L/Au:N/C:P/I:N/A:P): Other (CWE-Other)
        CVE-2009-2687: CVSS v2 Base Score: 4.3 (MEDIUM)
        (AV:N/AC:M/Au:N/C:N/I:N/A:P): Input Validation (CWE-20)
        CVE-2009-3546: CVSS v2 Base Score: 4.4 (moderate)
        (AV:L/AC:M/Au:N/C:P/I:P/A:P): Other (CWE-Other)
        CVE-2009-4017: CVSS v2 Base Score: 5.0 (moderate)
        (AV:N/AC:L/Au:N/C:N/I:N/A:P): Other (CWE-Other)
        CVE-2009-4142: CVSS v2 Base Score: 4.3 (MEDIUM)
        (AV:N/AC:M/Au:N/C:N/I:P/A:N): Cross-Site Scripting
        (XSS). (CWE-79). (CVE-2008-5624: CVSS v2 Base Score: 7.5
        (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P): Permissions,
        Privileges, and Access Control (CWE-264))"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2008-5624.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2008-5625.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2008-5814.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-2626.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-2687.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3546.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-4017.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-4142.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 6847.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_cwe_id(20, 79, 264);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/02/14");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/10/11");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SLES10", sp:3, reference:"apache2-mod_php5-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-bcmath-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-bz2-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-calendar-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-ctype-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-curl-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-dba-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-dbase-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-devel-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-dom-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-exif-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-fastcgi-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-ftp-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-gd-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-gettext-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-gmp-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-hash-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-iconv-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-imap-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-json-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-ldap-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-mbstring-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-mcrypt-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-mhash-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-mysql-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-ncurses-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-odbc-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-openssl-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-pcntl-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-pdo-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-pear-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-pgsql-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-posix-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-pspell-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-shmop-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-snmp-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-soap-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-sockets-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-sqlite-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-suhosin-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-sysvmsg-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-sysvsem-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-sysvshm-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-tokenizer-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-wddx-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-xmlreader-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-xmlrpc-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-xsl-5.2.5-9.25.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-zlib-5.2.5-9.25.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1940.NASL
    descriptionSeveral remote vulnerabilities have been discovered in the PHP 5 hypertext preprocessor. The Common Vulnerabilities and Exposures project identifies the following problems : The following issues have been fixed in both the stable (lenny) and the oldstable (etch) distributions : - CVE-2009-2687 CVE-2009-3292 The exif module did not properly handle malformed jpeg files, allowing an attacker to cause a segfault, resulting in a denial of service. - CVE-2009-3291 The php_openssl_apply_verification_policy() function did not properly perform certificate validation. - No CVE id yet Bogdan Calin discovered that a remote attacker could cause a denial of service by uploading a large number of files in using multipart/ form-data requests, causing the creation of a large number of temporary files. To address this issue, the max_file_uploads option introduced in PHP 5.3.1 has been backported. This option limits the maximum number of files uploaded per request. The default value for this new option is 50. See NEWS.Debian for more information. The following issue has been fixed in the stable (lenny) distribution : - CVE-2009-2626 A flaw in the ini_restore() function could lead to a memory disclosure, possibly leading to the disclosure of sensitive data. In the oldstable (etch) distribution, this update also fixes a regression introduced by the fix for CVE-2008-5658 in DSA-1789-1 (bug #527560).
    last seen2020-06-01
    modified2020-06-02
    plugin id44805
    published2010-02-24
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/44805
    titleDebian DSA-1940-1 : php5 - multiple issues
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-1940. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(44805);
      script_version("1.13");
      script_cvs_date("Date: 2019/08/02 13:32:22");
    
      script_cve_id("CVE-2008-5658", "CVE-2009-2626", "CVE-2009-2687", "CVE-2009-3291", "CVE-2009-3292");
      script_bugtraq_id(35440, 36449, 37079);
      script_xref(name:"DSA", value:"1940");
    
      script_name(english:"Debian DSA-1940-1 : php5 - multiple issues");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Several remote vulnerabilities have been discovered in the PHP 5
    hypertext preprocessor. The Common Vulnerabilities and Exposures
    project identifies the following problems :
    
    The following issues have been fixed in both the stable (lenny) and
    the oldstable (etch) distributions :
    
      - CVE-2009-2687 CVE-2009-3292
        The exif module did not properly handle malformed jpeg
        files, allowing an attacker to cause a segfault,
        resulting in a denial of service.
    
      - CVE-2009-3291
        The php_openssl_apply_verification_policy() function did
        not properly perform certificate validation.
    
      - No CVE id yet
    
        Bogdan Calin discovered that a remote attacker could
        cause a denial of service by uploading a large number of
        files in using multipart/ form-data requests, causing
        the creation of a large number of temporary files.
    
      To address this issue, the max_file_uploads option introduced in PHP
      5.3.1 has been backported. This option limits the maximum number of
      files uploaded per request. The default value for this new option is
      50. See NEWS.Debian for more information.
    
    The following issue has been fixed in the stable (lenny) distribution
    :
    
      - CVE-2009-2626
        A flaw in the ini_restore() function could lead to a
        memory disclosure, possibly leading to the disclosure of
        sensitive data.
    
    In the oldstable (etch) distribution, this update also fixes a
    regression introduced by the fix for CVE-2008-5658 in DSA-1789-1 (bug
    #527560)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=535888"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=540605"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=527560"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2009-2687"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2009-3292"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2009-3291"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2009-2626"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2008-5658"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.debian.org/security/2009/dsa-1940"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the php5 packages.
    
    For the stable distribution (lenny), these problems have been fixed in
    version 5.2.6.dfsg.1-1+lenny4.
    
    The oldstable distribution (etch), these problems have been fixed in
    version 5.2.0+dfsg-8+etch16."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_cwe_id(20, 22);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:4.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:5.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/11/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/24");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"4.0", prefix:"libapache-mod-php5", reference:"5.2.0+dfsg-8+etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"libapache2-mod-php5", reference:"5.2.0+dfsg-8+etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"php-pear", reference:"5.2.0+dfsg-8+etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"php5", reference:"5.2.0+dfsg-8+etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"php5-cgi", reference:"5.2.0+dfsg-8+etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"php5-cli", reference:"5.2.0+dfsg-8+etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"php5-common", reference:"5.2.0+dfsg-8+etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"php5-curl", reference:"5.2.0+dfsg-8+etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"php5-dev", reference:"5.2.0+dfsg-8+etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"php5-gd", reference:"5.2.0+dfsg-8+etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"php5-imap", reference:"5.2.0+dfsg-8+etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"php5-interbase", reference:"5.2.0+dfsg-8+etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"php5-ldap", reference:"5.2.0+dfsg-8+etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"php5-mcrypt", reference:"5.2.0+dfsg-8+etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"php5-mhash", reference:"5.2.0+dfsg-8+etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"php5-mysql", reference:"5.2.0+dfsg-8+etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"php5-odbc", reference:"5.2.0+dfsg-8+etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"php5-pgsql", reference:"5.2.0+dfsg-8+etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"php5-pspell", reference:"5.2.0+dfsg-8+etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"php5-recode", reference:"5.2.0+dfsg-8+etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"php5-snmp", reference:"5.2.0+dfsg-8+etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"php5-sqlite", reference:"5.2.0+dfsg-8+etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"php5-sybase", reference:"5.2.0+dfsg-8+etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"php5-tidy", reference:"5.2.0+dfsg-8+etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"php5-xmlrpc", reference:"5.2.0+dfsg-8+etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"php5-xsl", reference:"5.2.0+dfsg-8+etch16")) flag++;
    if (deb_check(release:"5.0", prefix:"libapache2-mod-php5", reference:"5.2.6.dfsg.1-1+lenny4")) flag++;
    if (deb_check(release:"5.0", prefix:"libapache2-mod-php5filter", reference:"5.2.6.dfsg.1-1+lenny4")) flag++;
    if (deb_check(release:"5.0", prefix:"php-pear", reference:"5.2.6.dfsg.1-1+lenny4")) flag++;
    if (deb_check(release:"5.0", prefix:"php5", reference:"5.2.6.dfsg.1-1+lenny4")) flag++;
    if (deb_check(release:"5.0", prefix:"php5-cgi", reference:"5.2.6.dfsg.1-1+lenny4")) flag++;
    if (deb_check(release:"5.0", prefix:"php5-cli", reference:"5.2.6.dfsg.1-1+lenny4")) flag++;
    if (deb_check(release:"5.0", prefix:"php5-common", reference:"5.2.6.dfsg.1-1+lenny4")) flag++;
    if (deb_check(release:"5.0", prefix:"php5-curl", reference:"5.2.6.dfsg.1-1+lenny4")) flag++;
    if (deb_check(release:"5.0", prefix:"php5-dbg", reference:"5.2.6.dfsg.1-1+lenny4")) flag++;
    if (deb_check(release:"5.0", prefix:"php5-dev", reference:"5.2.6.dfsg.1-1+lenny4")) flag++;
    if (deb_check(release:"5.0", prefix:"php5-gd", reference:"5.2.6.dfsg.1-1+lenny4")) flag++;
    if (deb_check(release:"5.0", prefix:"php5-gmp", reference:"5.2.6.dfsg.1-1+lenny4")) flag++;
    if (deb_check(release:"5.0", prefix:"php5-imap", reference:"5.2.6.dfsg.1-1+lenny4")) flag++;
    if (deb_check(release:"5.0", prefix:"php5-interbase", reference:"5.2.6.dfsg.1-1+lenny4")) flag++;
    if (deb_check(release:"5.0", prefix:"php5-ldap", reference:"5.2.6.dfsg.1-1+lenny4")) flag++;
    if (deb_check(release:"5.0", prefix:"php5-mcrypt", reference:"5.2.6.dfsg.1-1+lenny4")) flag++;
    if (deb_check(release:"5.0", prefix:"php5-mhash", reference:"5.2.6.dfsg.1-1+lenny4")) flag++;
    if (deb_check(release:"5.0", prefix:"php5-mysql", reference:"5.2.6.dfsg.1-1+lenny4")) flag++;
    if (deb_check(release:"5.0", prefix:"php5-odbc", reference:"5.2.6.dfsg.1-1+lenny4")) flag++;
    if (deb_check(release:"5.0", prefix:"php5-pgsql", reference:"5.2.6.dfsg.1-1+lenny4")) flag++;
    if (deb_check(release:"5.0", prefix:"php5-pspell", reference:"5.2.6.dfsg.1-1+lenny4")) flag++;
    if (deb_check(release:"5.0", prefix:"php5-recode", reference:"5.2.6.dfsg.1-1+lenny4")) flag++;
    if (deb_check(release:"5.0", prefix:"php5-snmp", reference:"5.2.6.dfsg.1-1+lenny4")) flag++;
    if (deb_check(release:"5.0", prefix:"php5-sqlite", reference:"5.2.6.dfsg.1-1+lenny4")) flag++;
    if (deb_check(release:"5.0", prefix:"php5-sybase", reference:"5.2.6.dfsg.1-1+lenny4")) flag++;
    if (deb_check(release:"5.0", prefix:"php5-tidy", reference:"5.2.6.dfsg.1-1+lenny4")) flag++;
    if (deb_check(release:"5.0", prefix:"php5-xmlrpc", reference:"5.2.6.dfsg.1-1+lenny4")) flag++;
    if (deb_check(release:"5.0", prefix:"php5-xsl", reference:"5.2.6.dfsg.1-1+lenny4")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/83441/phpinirestore-disclose.txt
idPACKETSTORM:83441
last seen2016-12-05
published2009-12-04
reporterMaksymilian Arciemowicz
sourcehttps://packetstormsecurity.com/files/83441/PHP-ini_restore-Memory-Disclosure.html
titlePHP ini_restore Memory Disclosure

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 36009 CVE ID: CVE-2009-2626 PHP是广泛使用的通用目的脚本语言,特别适合于Web开发,可嵌入到HTML中。 在使用ini_restore()函数重置PHP配置环境时PG()类中的变量会显示任意部分的内存。如果要利用这个漏洞,攻击者必须要通过ini_set()函数声明变量。 - ---zend_ini.c--- static int zend_restore_ini_entry_cb(zend_ini_entry *ini_entry, int stage TSRMLS_DC) /* {{{ */ { if (ini_entry-&gt;modified) { if (ini_entry-&gt;on_modify) { zend_try { /* even if on_modify bails out, we have to continue on with restoring, since there can be allocated variables that would be freed on MM shutdown and would lead to memory corruption later ini entry is modified again */ ini_entry-&gt;on_modify(ini_entry, ini_entry-&gt;orig_value, ini_entry-&gt;orig_value_length, ini_entry-&gt;mh_arg1, ini_entry-&gt;mh_arg2, ini_entry-&gt;mh_arg3, stage TSRMLS_CC); } zend_end_try(); } if (ini_entry-&gt;value != ini_entry-&gt;orig_value) { efree(ini_entry-&gt;value); } ini_entry-&gt;value = ini_entry-&gt;orig_value; ini_entry-&gt;value_length = ini_entry-&gt;orig_value_length; ini_entry-&gt;modified = 0; ini_entry-&gt;orig_value = NULL; ini_entry-&gt;orig_value_length = 0; if (ini_entry-&gt;modifiable &gt;= (1 &lt;&lt; 3)) { ini_entry-&gt;modifiable &gt;&gt;= 3; } } return 0; } - ---zend_ini.c--- 所修改的标记会被重置。由于没有检查ini_entry-&gt;on_modify()的值,PG()会超出内存范围。 PHP PHP 5.3.0 PHP PHP 5.2.10 厂商补丁: Debian ------ Debian已经为此发布了一个安全公告(DSA-1940-1)以及相应补丁: DSA-1940-1:New php5 packages fix several issues 链接:http://www.debian.org/security/2009/dsa-1940 补丁下载: Source archives: http://security.debian.org/pool/updates/main/p/php5/php5_5.2.0+dfsg.orig.tar.gz Size/MD5 checksum: 8431973 956486a588c577616a5008d185e84968 http://security.debian.org/pool/updates/main/p/php5/php5_5.2.0+dfsg-8+etch16.dsc Size/MD5 checksum: 2002 7b5aa6deaeba26e4c5cf3bb6ae33c27b http://security.debian.org/pool/updates/main/p/php5/php5_5.2.0+dfsg-8+etch16.diff.gz Size/MD5 checksum: 134709 612732624d30561ad7dea430903a2807 Architecture independent packages: http://security.debian.org/pool/updates/main/p/php5/php5_5.2.0+dfsg-8+etch16_all.deb Size/MD5 checksum: 1044 64a93759ca8a44ce1499fb425af5ba7d http://security.debian.org/pool/updates/main/p/php5/php-pear_5.2.0+dfsg-8+etch16_all.deb Size/MD5 checksum: 310830 7919b140eee8f8f2e10fedd41fd14fd6 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch16_alpha.deb Size/MD5 checksum: 5318 a07734d09bbc26ceb28ebcd9b1ffc1f1 http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch16_alpha.deb Size/MD5 checksum: 24970 5d6004f15fe242fccd6c4a182025bcca http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch16_alpha.deb Size/MD5 checksum: 13476 1ec0f17e50e295fca526dfe06a362f92 http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch16_alpha.deb Size/MD5 checksum: 18610 92848fda2bdb624c9f3a7056077867cc http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch16_alpha.deb Size/MD5 checksum: 2488466 96a5738358c120ddc413bc953d365623 http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch16_alpha.deb Size/MD5 checksum: 40292 51458abe32e534379fa70daa94a1be66 http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch16_alpha.deb Size/MD5 checksum: 9052 dd0be76eb4566fa6ee6a814e9b2396a5 http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch16_alpha.deb Size/MD5 checksum: 38544 037e4dd443d68eb25435e4b245f5bae1 http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch16_alpha.deb Size/MD5 checksum: 2412676 1ae4f6ba6f50e2c216876c485eeb108a http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch16_alpha.deb Size/MD5 checksum: 4948 4e19e8a2376c9a24f27cada6cdc9b0d1 http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch16_alpha.deb Size/MD5 checksum: 4790194 0ba2321b5a2c43b08be044ee2c015228 http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch16_alpha.deb Size/MD5 checksum: 36514 1c5ecae2bd1dd1c8d51739f686929d6f http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch16_alpha.deb Size/MD5 checksum: 70746 130c3501ffc77604dd8db9a4ce0d2197 http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch16_alpha.deb Size/MD5 checksum: 17542 a8380c6c895c2fdbd0b53d5afe304da0 http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch16_alpha.deb Size/MD5 checksum: 19594 24b726bd51ccf6298f252f632df66fae http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch16_alpha.deb Size/MD5 checksum: 36112 34b76e78b7242d2ac990aae3f53d92d0 http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch16_alpha.deb Size/MD5 checksum: 55668 b95a6625bb267e790770191ef0dc3128 http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch16_alpha.deb Size/MD5 checksum: 2487774 cefb2da57c7effcd314cf511f4e17db4 http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch16_alpha.deb Size/MD5 checksum: 11840 a5b02752d2b7a771833d1520ad908d5b http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch16_alpha.deb Size/MD5 checksum: 13378 3d2e2b49489c07aac66e0164eac51f01 http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch16_alpha.deb Size/MD5 checksum: 36656 f9f1d4bf23fd249b2cc9521824e7771a http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch16_alpha.deb Size/MD5 checksum: 221502 261df523100f0509f5a2c5475f1178a8 http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch16_alpha.deb Size/MD5 checksum: 342192 e6519637a9221e3adc6b468de2c5bb98 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch16_amd64.deb Size/MD5 checksum: 2434276 771b474b437c79d99c618b26fe37947a http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch16_amd64.deb Size/MD5 checksum: 344546 d3bb651649ba842036cc8ac3659a78a5 http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch16_amd64.deb Size/MD5 checksum: 36710 346f128adf65b8a11fa2d8a870ffafe6 http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch16_amd64.deb Size/MD5 checksum: 36432 4dab2ccdcca8f327dd937bb1726baa09 http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch16_amd64.deb Size/MD5 checksum: 24968 ee88dda46b28cc8fb95368df225d1cbd http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch16_amd64.deb Size/MD5 checksum: 17562 1367309ced589b7e431e208d08c05d4c http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch16_amd64.deb Size/MD5 checksum: 18648 1c4cdef714b95add864534d00e307b9e http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch16_amd64.deb Size/MD5 checksum: 13476 642f1853e66c40ba001d9259a0935a55 http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch16_amd64.deb Size/MD5 checksum: 38442 3a4a23a7b9b44034ad431a1bc97c9b43 http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch16_amd64.deb Size/MD5 checksum: 2434744 7df76c20d0638c48fb50ff9837fa2e39 http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch16_amd64.deb Size/MD5 checksum: 37110 3ddb2d6f43bf48d9d39a65be726b0758 http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch16_amd64.deb Size/MD5 checksum: 4898 97b59510d3c93098377f7ce3d035678f http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch16_amd64.deb Size/MD5 checksum: 71764 df871b2cc8536d86cb98b1deaba12175 http://security.debian.org/pool/updates/main/p/php5/php5-interbase_5.2.0+dfsg-8+etch16_amd64.deb Size/MD5 checksum: 46768 c2b07344538b5a844d2b9d71b2a0af0a http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch16_amd64.deb Size/MD5 checksum: 4718064 fe712913c6b77092a1232b12e6c253bb http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch16_amd64.deb Size/MD5 checksum: 12052 a1903f82b61820a26c9dda7539c67256 http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch16_amd64.deb Size/MD5 checksum: 9396 93efa8754c0651aefdd5274a12d080e6 http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch16_amd64.deb Size/MD5 checksum: 2380798 09a2b12cb5b45d0091155b3164814539 http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch16_amd64.deb Size/MD5 checksum: 217832 3996c8de414790cbf69f63b58eb83f3e http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch16_amd64.deb Size/MD5 checksum: 39156 2b214fc86b2a97dcdbf3bca165eb8082 http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch16_amd64.deb Size/MD5 checksum: 19420 f4c3bbdb831244db2bdd5335efd3edd5 http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch16_amd64.deb Size/MD5 checksum: 13022 4b4c9d4850a1e333ee06890f74af6c7f http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch16_amd64.deb Size/MD5 checksum: 53950 16daf5e82a9290de8a47bd1322851c70 http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch16_amd64.deb Size/MD5 checksum: 5254 b4ea03d4ee1403fd58ce7911e8014cc5 arm architecture (ARM) http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch16_arm.deb Size/MD5 checksum: 33664 dae843d051382e33477c546dc1b17fef http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch16_arm.deb Size/MD5 checksum: 4860 b1fa710c79e35f07d8145f5225115a0e http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch16_arm.deb Size/MD5 checksum: 24074 1ed613d17e45bdb307e1cc1ee9197140 http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch16_arm.deb Size/MD5 checksum: 8748 678e85d43e7c2b072086ebe7eda86a4a http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch16_arm.deb Size/MD5 checksum: 63830 89fd8a16a38e5422288a255c24dc99b4 http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch16_arm.deb Size/MD5 checksum: 33754 6bc2e86523dd31e99146cfdff9342ebe http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch16_arm.deb Size/MD5 checksum: 11876 c7744360e2fe35758726203f7d7939b3 http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch16_arm.deb Size/MD5 checksum: 33032 b9bc2d01341a65067db6ba85f6972657 http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch16_arm.deb Size/MD5 checksum: 218168 448c06872b6b8748d58446c87a625718 http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch16_arm.deb Size/MD5 checksum: 49458 9bbe16b2389be190bd62c3978e214242 http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch16_arm.deb Size/MD5 checksum: 33658 46890c77b5e44a2caa00103335b94b54 http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch16_arm.deb Size/MD5 checksum: 2310596 67a3f80e614d671e74beaf4efe0f308c http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch16_arm.deb Size/MD5 checksum: 4634 a174a9be31b05476a3c691d8cd48d02b http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch16_arm.deb Size/MD5 checksum: 15836 c1721c65f6f2efaff3b144dd75ac0cca http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch16_arm.deb Size/MD5 checksum: 10922 bf0551cbe5780f47e1fb983b6640e8e7 http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch16_arm.deb Size/MD5 checksum: 33628 eac84953c3c683c11395fbc4672a69a4 http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch16_arm.deb Size/MD5 checksum: 17076 610841d9f054965028f32f345a371e73 http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch16_arm.deb Size/MD5 checksum: 2311228 b35fa9a592ce4253f3b48f52fd3a0596 http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch16_arm.deb Size/MD5 checksum: 17932 80af51b198bd6eee454ab5d276d82d87 http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch16_arm.deb Size/MD5 checksum: 2304412 bf37c5c338dd12f777b06ccd01661b79 http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch16_arm.deb Size/MD5 checksum: 4574286 84018b4aa03cd7ec37808837e00bf6f9 http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch16_arm.deb Size/MD5 checksum: 346624 4efb7f4b43cd76f9fee022e1784734e5 http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch16_arm.deb Size/MD5 checksum: 12444 136e8b2d74a618ae25bbbfb2c0a4e4c1 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch16_hppa.deb Size/MD5 checksum: 2538134 395e4f23913f0473a61cdbf610463072 http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch16_hppa.deb Size/MD5 checksum: 58144 809b3d3489bf894c0171a458729160af http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch16_hppa.deb Size/MD5 checksum: 346682 1fb4ff12b932f3c622a6b85d631ec137 http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch16_hppa.deb Size/MD5 checksum: 15554 9c86477e663592c81e0e3946483985dd http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch16_hppa.deb Size/MD5 checksum: 5828 c863a1d79a314b4cf6482335c0bf4493 http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch16_hppa.deb Size/MD5 checksum: 2636726 b6f9767e272499dbbab318d1e324bdc4 http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch16_hppa.deb Size/MD5 checksum: 5500 e33306bada012281838cc47644e6e270 http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch16_hppa.deb Size/MD5 checksum: 12566 bbfbab3fa98a9c01f56686e64fc6f61b http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch16_hppa.deb Size/MD5 checksum: 75424 a31a53821873d00f008e2aae00355800 http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch16_hppa.deb Size/MD5 checksum: 42130 70efa89890134950479a8633c4c085bf http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch16_hppa.deb Size/MD5 checksum: 39990 5e53335257ae9d905fdfa8d4b5e276c0 http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch16_hppa.deb Size/MD5 checksum: 28246 13fcc197f0e0bc6846abc3f8e02d9357 http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch16_hppa.deb Size/MD5 checksum: 5036032 7081bd1e68c44a4fe89d2d5f1025dd2a http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch16_hppa.deb Size/MD5 checksum: 39546 8edb59eacb189a40f3bb52572cad42ff http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch16_hppa.deb Size/MD5 checksum: 14102 e38c4575055508f9768c3920d6772768 http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch16_hppa.deb Size/MD5 checksum: 9752 a9a32b5958ef64d64e2c0a2b5b6df8b4 http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch16_hppa.deb Size/MD5 checksum: 19590 9059b304df9bab6839a8e20d6071d706 http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch16_hppa.deb Size/MD5 checksum: 224758 e72f41be256c4a9a088ab186782e69d3 http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch16_hppa.deb Size/MD5 checksum: 38274 909e3a3e96acaef143477617539c102f http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch16_hppa.deb Size/MD5 checksum: 40966 f5a79ab2588446d4441e2310832bef25 http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch16_hppa.deb Size/MD5 checksum: 21124 bbd739683199d65c24e60bcf28ffd15c http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch16_hppa.deb Size/MD5 checksum: 2636816 73c8b75aaacb6b6b04288d04a40320d5 http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch16_hppa.deb Size/MD5 checksum: 20322 bbd9be70bfbbde086c94de1d48b721ff i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch16_i386.deb Size/MD5 checksum: 24456 cf35fd3486528755a489d919f5282b67 http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch16_i386.deb Size/MD5 checksum: 50688 c998895656808d474defb1092f6dfb13 http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch16_i386.deb Size/MD5 checksum: 34084 dcbb9738d1c5a4a9acff1d70347a9c91 http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch16_i386.deb Size/MD5 checksum: 16466 7f385824b87318dcd35a23403a3a2500 http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch16_i386.deb Size/MD5 checksum: 34452 fe3c3515e024463f4e896873b79a4bc8 http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch16_i386.deb Size/MD5 checksum: 2339286 72b234c3640a6df2aad10c69a0f8dfe4 http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch16_i386.deb Size/MD5 checksum: 346104 3df62142ddcbcc49e15a19de9b879d63 http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch16_i386.deb Size/MD5 checksum: 11290 497cdb7245cff2b1066fde84179ff2fb http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch16_i386.deb Size/MD5 checksum: 4613124 8e8d3b7def6574fe720e79ef98ab6fb3 http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch16_i386.deb Size/MD5 checksum: 64858 4e5c2a00ee49040841b3646c119438c9 http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch16_i386.deb Size/MD5 checksum: 12246 fb358b972aecb710bca7b2a2cb631445 http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch16_i386.deb Size/MD5 checksum: 33524 875c9a5c173b088710bb2c56963093bf http://security.debian.org/pool/updates/main/p/php5/php5-interbase_5.2.0+dfsg-8+etch16_i386.deb Size/MD5 checksum: 44374 07a7d24fe9310d7bd263cd4d44f43059 http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch16_i386.deb Size/MD5 checksum: 2339884 5643ab1279e6412aca57bee3f30a3c70 http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch16_i386.deb Size/MD5 checksum: 4762 a533020de317f5fd4b314c52dfbed2f4 http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch16_i386.deb Size/MD5 checksum: 5038 b1cf04e50a8377be0e303b46a63f54ea http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch16_i386.deb Size/MD5 checksum: 12816 02d756a05b3f14f1fde896d6d824633d http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch16_i386.deb Size/MD5 checksum: 216260 ef7c751d89f5eaedcb53037b2fe12705 http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch16_i386.deb Size/MD5 checksum: 36448 880d6ac9a57f777d474a2e0473c6ca8d http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch16_i386.deb Size/MD5 checksum: 18388 ea5ff2538f81ecf98b4cec6e94d94698 http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch16_i386.deb Size/MD5 checksum: 8618 3078e90c875e6ed3f5baf1423e259b69 http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch16_i386.deb Size/MD5 checksum: 17230 e426661709b814cfd860f920f6994792 http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch16_i386.deb Size/MD5 checksum: 2325162 61c4b2b50e07c2a39276945f79bd4b9f http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch16_i386.deb Size/MD5 checksum: 34542 bd0d1be2d82bbd7834212fa305edc61f ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch16_ia64.deb Size/MD5 checksum: 6259582 3d5375c501a26ad6ea4dea0448c00af9 http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch16_ia64.deb Size/MD5 checksum: 3198244 f77bd7b0b646f31738c78819be8922af http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch16_ia64.deb Size/MD5 checksum: 50650 16f80c37b82b26497e15a2b32522284e http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch16_ia64.deb Size/MD5 checksum: 236650 8165e88c029aa383c2de8e93c82392c6 http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch16_ia64.deb Size/MD5 checksum: 15436 37b2eb669995db49e672cd23a8e5d843 http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch16_ia64.deb Size/MD5 checksum: 342166 61a661798785c7ae7bb2c11aea8c1a9d http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch16_ia64.deb Size/MD5 checksum: 76618 9cb83c4bc231bade7184e0ee70486968 http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch16_ia64.deb Size/MD5 checksum: 12012 4bf71b184f6e1c705690baa4cdbde35e http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch16_ia64.deb Size/MD5 checksum: 6502 3667f95d6ad22016857553df793fe272 http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch16_ia64.deb Size/MD5 checksum: 3199296 1c72d0431f744e4c3c5f48772274b0c1 http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch16_ia64.deb Size/MD5 checksum: 95634 dfdc9e95298840bc92f651c95adecf27 http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch16_ia64.deb Size/MD5 checksum: 24866 a434bf6a52ad51913f2f12134c627ac7 http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch16_ia64.deb Size/MD5 checksum: 25088 9cfb6b47f74723dfd90db2439ef30b2e http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch16_ia64.deb Size/MD5 checksum: 27146 da115f332ad5629536ea3048f9d9c6cc http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch16_ia64.deb Size/MD5 checksum: 34408 5dc989369358752ae96d6aa0091886e5 http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch16_ia64.deb Size/MD5 checksum: 54518 c63fa927d47be4ac27a090efc90245fd http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch16_ia64.deb Size/MD5 checksum: 48404 761b87efe93f3436127f585c7967e5e3 http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch16_ia64.deb Size/MD5 checksum: 3151862 23ebf641671d07e52fe39a9ce95386ba http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch16_ia64.deb Size/MD5 checksum: 6150 83e8d323f342ee99bcbe7ef152671c78 http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch16_ia64.deb Size/MD5 checksum: 54674 f3ab55e33d7b2b11ebd902fd5c051faa http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch16_ia64.deb Size/MD5 checksum: 17770 ba86313dd68a72319ad8a68dd0a8a6b5 http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch16_ia64.deb Size/MD5 checksum: 17554 e12e126bb529e29d9b10b374db9de59c http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch16_ia64.deb Size/MD5 checksum: 50242 e5767c446ae9a72b46a678f89f4a8a26 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch16_mips.deb Size/MD5 checksum: 5250 2adcdd4cf4b9ad0ab5505455c0669c0e http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch16_mips.deb Size/MD5 checksum: 4908 7b0e17a304d90cbc8d8fae662ef92b20 http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch16_mips.deb Size/MD5 checksum: 35600 f061d038844877e045431adfc1217402 http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch16_mips.deb Size/MD5 checksum: 17316 24657b31ff82a1a27151395b28b432d5 http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch16_mips.deb Size/MD5 checksum: 31610 2deca61c78a278b2bbe9b9baeb039fa5 http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch16_mips.deb Size/MD5 checksum: 12222 4586d11c610f15bc88f7bc1e0bbec344 http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch16_mips.deb Size/MD5 checksum: 11350 05005a3f93ab1737bbd752432381fd39 http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch16_mips.deb Size/MD5 checksum: 2414744 fe305917ab4c5157bff749de8d643f93 http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch16_mips.deb Size/MD5 checksum: 2388420 d1f897a8b8bd63924a01a7de1777aba6 http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch16_mips.deb Size/MD5 checksum: 63876 a71f64d866732b19a2b2ec79e44f8fbd http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch16_mips.deb Size/MD5 checksum: 15732 c7772b1c4e7aebf0ca832feaba178377 http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch16_mips.deb Size/MD5 checksum: 8280 47dce2b991a5658b06126386050db44b http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch16_mips.deb Size/MD5 checksum: 33182 ae8f2414e988be684bc30dc10695a9f6 http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch16_mips.deb Size/MD5 checksum: 4736866 5c06712f122aa5f8a4b6992033a44ba6 http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch16_mips.deb Size/MD5 checksum: 2414240 8a0d0eeb3ecfa24b9bd40033862eee7f http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch16_mips.deb Size/MD5 checksum: 32766 16b20c8fcc252883b4dc35d2ff284e55 http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch16_mips.deb Size/MD5 checksum: 12470 57b8c232fbc6deff7319607fe81487c6 http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch16_mips.deb Size/MD5 checksum: 18504 c37b2ffc3de93308d180a99e7b992a85 http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch16_mips.deb Size/MD5 checksum: 23356 2bbfb3c09797542afa52df7f6add0163 http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch16_mips.deb Size/MD5 checksum: 49508 2aad97731fe8768344d22e81299bb2db http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch16_mips.deb Size/MD5 checksum: 35260 8997d142d3e05a91cfb7bbd91eb4792f http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch16_mips.deb Size/MD5 checksum: 345428 93df600fdcdc87ba609c6a8da5ddd9b2 http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch16_mips.deb Size/MD5 checksum: 218086 d151a6431b9673cd261d2466e28ec683 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch16_mipsel.deb Size/MD5 checksum: 33096 bac9fcdde64fa312553a981edcf4bc25 http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch16_mipsel.deb Size/MD5 checksum: 8206 4f173f5c397825c2f013e6767213de59 http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch16_mipsel.deb Size/MD5 checksum: 4688168 466cb837e25d88ebcb9e1f39b96c7a9f http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch16_mipsel.deb Size/MD5 checksum: 17256 fa6c6d2b04723abd97ca07b6492b6faf http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch16_mipsel.deb Size/MD5 checksum: 31556 dbcf00dcfe9ced18c7ba1c376d5d48cf http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch16_mipsel.deb Size/MD5 checksum: 32300 179ad76c714800b3ed25a42d3571fb50 http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch16_mipsel.deb Size/MD5 checksum: 2370122 3841febdc489245d3e98816961df6c81 http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch16_mipsel.deb Size/MD5 checksum: 4900 fd5d441737f2993ab9ceff107303094f http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch16_mipsel.deb Size/MD5 checksum: 12140 bf2ef1cdb56906f6e944f5ccb8d9d7ca http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch16_mipsel.deb Size/MD5 checksum: 342238 e4453c6faba3421f48975a0f28b038fe http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch16_mipsel.deb Size/MD5 checksum: 2361064 fae1aa64a85c1dd03a0f89cd37f38af8 http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch16_mipsel.deb Size/MD5 checksum: 23368 7410b76ed8935732fa513f52eeeadd18 http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch16_mipsel.deb Size/MD5 checksum: 35566 607f39063ac660f277e63929b973d2c0 http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch16_mipsel.deb Size/MD5 checksum: 18462 5df5661ab217cb34260d76cb95571cad http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch16_mipsel.deb Size/MD5 checksum: 5234 efdf40378e9adfda2716820e66b28532 http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch16_mipsel.deb Size/MD5 checksum: 12430 99938c3c2b69d8544ef3597f4adfb21f http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch16_mipsel.deb Size/MD5 checksum: 2369670 40b4242baf2106b18442b52d10277958 http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch16_mipsel.deb Size/MD5 checksum: 49446 123a361ca889ba182de99d715b40dfb5 http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch16_mipsel.deb Size/MD5 checksum: 11260 4786eb4877b948ea47ced84ab597c2b4 http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch16_mipsel.deb Size/MD5 checksum: 15648 380b6ecaf3adda197254e6076777faec http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch16_mipsel.deb Size/MD5 checksum: 63420 01cde33df9dd5aa1dbb4d2860a2d552d http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch16_mipsel.deb Size/MD5 checksum: 34960 032bf522e8f4d650a9028b9ea5da0df6 http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch16_mipsel.deb Size/MD5 checksum: 217366 0dbb1962a33193dadebfdbd411c92c16 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch16_powerpc.deb Size/MD5 checksum: 6744 67259178bf49b2173acd17bee2b0cf0c http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch16_powerpc.deb Size/MD5 checksum: 36002 ed7c290dab79a3d964f64a6dedfc602e http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch16_powerpc.deb Size/MD5 checksum: 4752474 465a9ad1238796ae9fd6d336c1a42b22 http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch16_powerpc.deb Size/MD5 checksum: 2443108 c2526968e31ac17e254d0210dd022926 http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch16_powerpc.deb Size/MD5 checksum: 342292 6c73de3ca4c191544862aaa3771a37e3 http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch16_powerpc.deb Size/MD5 checksum: 37714 88c4d9f2faa2062b69e52a1c8553e005 http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch16_powerpc.deb Size/MD5 checksum: 220284 459907137ffb3be31443ed5abc3197bd http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch16_powerpc.deb Size/MD5 checksum: 36480 a055a7d0507090b08be4ea25bb162feb http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch16_powerpc.deb Size/MD5 checksum: 2393974 3c3ba2168e23ec8731397c2031c618e4 http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch16_powerpc.deb Size/MD5 checksum: 13756 477f4b7219c2a93fddd27b530058e050 http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch16_powerpc.deb Size/MD5 checksum: 18464 712dee6c962985ed08d4202a62c68886 http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch16_powerpc.deb Size/MD5 checksum: 19186 039739727c969ae6c25c348bd584f308 http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch16_powerpc.deb Size/MD5 checksum: 14748 195f6978bf4394c85ff29e6fa6e6b62e http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch16_powerpc.deb Size/MD5 checksum: 26794 f6444569a73747e3af80ff9a29d1d83f http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch16_powerpc.deb Size/MD5 checksum: 20248 f08b3c2c32dfa446597e2e547d369165 http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch16_powerpc.deb Size/MD5 checksum: 2442822 a5e8104d5220100ae63c2fa8be88ff1d http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch16_powerpc.deb Size/MD5 checksum: 38020 144dec220e3b04d64529366003e64160 http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch16_powerpc.deb Size/MD5 checksum: 70372 3df17ffe299b4f732a241eac4b4be86d http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch16_powerpc.deb Size/MD5 checksum: 37104 a0a82ea304f529c99a01991ff433c258 http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch16_powerpc.deb Size/MD5 checksum: 6358 6cf2471c4684a7d8cdf442e47b6eecc6 http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch16_powerpc.deb Size/MD5 checksum: 10120 184db6b188224ddabd99e02b99d42656 http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch16_powerpc.deb Size/MD5 checksum: 12706 bf2487d7133fb20a786798ea966439d9 http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch16_powerpc.deb Size/MD5 checksum: 54070 7d4da5803bcec2b8687971d4f826f272 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch16_s390.deb Size/MD5 checksum: 72606 bb53ebeb6d65b15005186f192b77332f http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch16_s390.deb Size/MD5 checksum: 13440 9d20d8ec53d583b78af04c845716dea4 http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch16_s390.deb Size/MD5 checksum: 4894934 b445a7233feb1a8285dc4f87e46aa1d9 http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch16_s390.deb Size/MD5 checksum: 19578 77ddd8c5eedb176c19bb82edeb16c3d7 http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch16_s390.deb Size/MD5 checksum: 40520 f033a73a6c669beb1189b016d7210e42 http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch16_s390.deb Size/MD5 checksum: 39220 4c7dfb5a9a8eb13ba7ee5fdab08203c0 http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch16_s390.deb Size/MD5 checksum: 37180 a9760ec96826ef65daa6b9cb779d6e99 http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch16_s390.deb Size/MD5 checksum: 2536020 4559ac57af97f5988efa4570c77fb745 http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch16_s390.deb Size/MD5 checksum: 5472 83c382dacd87173219abc1a9543af799 http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch16_s390.deb Size/MD5 checksum: 18178 ee440d491a3d656d1d28ce203021cec7 http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch16_s390.deb Size/MD5 checksum: 37272 50f97cab1e56bfd5b129a934566a6447 http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch16_s390.deb Size/MD5 checksum: 2537052 5de9a94cebf414fe23d373f23221eaf8 http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch16_s390.deb Size/MD5 checksum: 222178 9fa9899c68f61293c3a83156fde47d6d http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch16_s390.deb Size/MD5 checksum: 342138 2fe9217a1b163ccf6389c68fe64f1029 http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch16_s390.deb Size/MD5 checksum: 25034 501e91a5589aa6d7b4c5cb9a08c66528 http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch16_s390.deb Size/MD5 checksum: 9186 029a0c56c6192852104f25ce2502d364 http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch16_s390.deb Size/MD5 checksum: 2466010 c79086d9f7f8a4ccb94882b88de82f4e http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch16_s390.deb Size/MD5 checksum: 11952 378f76c9ec6476bd364c755c826d194d http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch16_s390.deb Size/MD5 checksum: 19324 253c859ad559f472a175f90ef39f85d7 http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch16_s390.deb Size/MD5 checksum: 36168 135fadc4f0170dc0e916e8ac07726caf http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch16_s390.deb Size/MD5 checksum: 13392 e9caa124604abe127e3f8e26cce6285d http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch16_s390.deb Size/MD5 checksum: 56348 f69f6d27de79f0319c379d2ee3e24b1c http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch16_s390.deb Size/MD5 checksum: 5128 30ed87f0fa3cec857d61b4a81913c982 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch16_sparc.deb Size/MD5 checksum: 47972 6257d4cf3f47f1ed1d25931415bd2ba1 http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch16_sparc.deb Size/MD5 checksum: 32608 1a8b314a54080ec3434594b2c3dc7a55 http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0+dfsg-8+etch16_sparc.deb Size/MD5 checksum: 8276 b383dfabe124b614db8c4cb9e43e8ad7 http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch16_sparc.deb Size/MD5 checksum: 33304 ccdcd515bba4b0af5018f4c0c47c48d5 http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0+dfsg-8+etch16_sparc.deb Size/MD5 checksum: 11682 46820ee8d403abcab89012b399608acb http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch16_sparc.deb Size/MD5 checksum: 4874 fcdedd828dfeaad9b080013299a3c0f8 http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch16_sparc.deb Size/MD5 checksum: 217762 fd9a30ba4d8229705db1f75c485dea44 http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch16_sparc.deb Size/MD5 checksum: 34924 6757f07e78caf4a711aa8c59f6c1b5ab http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0+dfsg-8+etch16_sparc.deb Size/MD5 checksum: 4652 f25f72b067ae1a31b6e2aa1a451845ff http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0+dfsg-8+etch16_sparc.deb Size/MD5 checksum: 12632 5fcc1542c1d08b059fb660660575f4c1 http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0+dfsg-8+etch16_sparc.deb Size/MD5 checksum: 24658 ff5ac84362babb6d566032efd1189676 http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch16_sparc.deb Size/MD5 checksum: 61848 683a404b8e4bc0e1f8f077d03ac478d4 http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0+dfsg-8+etch16_sparc.deb Size/MD5 checksum: 345116 9d302a8d9835e1eb69e58e0b4246b77c http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0+dfsg-8+etch16_sparc.deb Size/MD5 checksum: 16250 79ab057b5b3ec5618cc5864a6e4a4004 http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch16_sparc.deb Size/MD5 checksum: 16586 71f02e0d46f51ddb3ed48c39bbac8d17 http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch16_sparc.deb Size/MD5 checksum: 2334202 793e4680be0b5a56dd884842e3a3d27b http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0+dfsg-8+etch16_sparc.deb Size/MD5 checksum: 10770 f4e8b018c5494ef25ec7382a55e35abc http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch16_sparc.deb Size/MD5 checksum: 2282048 b8cf51abebd3d4a2d3a4c7aed6dc6f4b http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0+dfsg-8+etch16_sparc.deb Size/MD5 checksum: 31550 c6b59b4ce39133184358efdbf4adec78 http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0+dfsg-8+etch16_sparc.deb Size/MD5 checksum: 33090 8e32de2c0c13526753b38b55162dedf5 http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch16_sparc.deb Size/MD5 checksum: 2333728 6d0d0f21b1fb819efa89fab8c8a51d33 http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch16_sparc.deb Size/MD5 checksum: 4526406 e38e3132025a9cdc16c08b4b29b8360d http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0+dfsg-8+etch16_sparc.deb Size/MD5 checksum: 17462 ebc3f06aafc04f49fb68adab118bbfe9 Debian GNU/Linux 5.0 (stable) alias lenny - ----------------------------------------- Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/p/php5/php5_5.2.6.dfsg.1-1+lenny4.diff.gz Size/MD5 checksum: 164099 957d5e45ad5a1e96d92a864b29590e7b http://security.debian.org/pool/updates/main/p/php5/php5_5.2.6.dfsg.1.orig.tar.gz Size/MD5 checksum: 12173741 b80fcee38363f031229368ceff8ced58 http://security.debian.org/pool/updates/main/p/php5/php5_5.2.6.dfsg.1-1+lenny4.dsc Size/MD5 checksum: 2529 a437a2a7a18fd20140862ca43030f388 Architecture independent packages: http://security.debian.org/pool/updates/main/p/php5/php-pear_5.2.6.dfsg.1-1+lenny4_all.deb Size/MD5 checksum: 334532 14c1cefa63a25bc9d47f2b613c79a658 http://security.debian.org/pool/updates/main/p/php5/php5_5.2.6.dfsg.1-1+lenny4_all.deb Size/MD5 checksum: 1080 285cecdbe24061cfa77e62f36ae78e99 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny4_alpha.deb Size/MD5 checksum: 39398 caa273c524b79c59672fbcae753a26ee http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny4_alpha.deb Size/MD5 checksum: 8928 f414f1c129483b8fe8cbc318a5eedb6e http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny4_alpha.deb Size/MD5 checksum: 36650 bcc4676043009ca54e18af9dd27e345e http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny4_alpha.deb Size/MD5 checksum: 37516 4f550822c831649ac425ae22d58a60b8 http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny4_alpha.deb Size/MD5 checksum: 19676 29a0e716656bf8d60f9fd2e1edf2eb0e http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny4_alpha.deb Size/MD5 checksum: 362784 e3c1ab92a9f1dc91070a8395a9b105d7 http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny4_alpha.deb Size/MD5 checksum: 24996 b34349f14e52b5ac097987585b476175 http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny4_alpha.deb Size/MD5 checksum: 2674430 c3d9f1778f9a74d05501d6520ef16879 http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny4_alpha.deb Size/MD5 checksum: 5080 831374f23d9bd03486b5d85203d086d6 http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny4_alpha.deb Size/MD5 checksum: 12334 c8dad6976ecd6bccdfcb00d62c6e7c0c http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny4_alpha.deb Size/MD5 checksum: 37164 97d3efa37a7349abd11a562b07d0d3f1 http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny4_alpha.deb Size/MD5 checksum: 41630 02b132c756ed5123aa870b411dfa4287 http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny4_alpha.deb Size/MD5 checksum: 14054 e86232b73c9a6830a0113989917ee4a4 http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny4_alpha.deb Size/MD5 checksum: 2598730 41c38a0d06bf46b566775d92f3137c3a http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny4_alpha.deb Size/MD5 checksum: 15820 e9bcff8457e6384e8bd74053a7fad687 http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny4_alpha.deb Size/MD5 checksum: 2673700 a03612222ffe9f28c4b43d0d5a7a99a8 http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny4_alpha.deb Size/MD5 checksum: 27604 fff003a8549d23afea2869dbcfc9a4d5 http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny4_alpha.deb Size/MD5 checksum: 19512564 6e8253c7ef2885fd55bc7c69aced60da http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny4_alpha.deb Size/MD5 checksum: 71714 4d1d39bbeef361c88d848fe23120ea2d http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny4_alpha.deb Size/MD5 checksum: 57870 fcf66bcb2eb2219b0871d41e8118a00a http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny4_alpha.deb Size/MD5 checksum: 13802 0a23d4c322b3f5c99e7c31437ff6bec9 http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny4_alpha.deb Size/MD5 checksum: 5412 1d7f872cc8fe84ca92e46087cc49653c http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny4_alpha.deb Size/MD5 checksum: 17670 dc82380d58f2dc09b6512c238be39688 http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny4_alpha.deb Size/MD5 checksum: 5164256 2c73dc67889c06f055e57f916b7e465a http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny4_alpha.deb Size/MD5 checksum: 369570 3b3d5088cb3117006cbc08b91bfca793 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny4_amd64.deb Size/MD5 checksum: 5085904 b4f9755926b38c5bbf750130b46c8c36 http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny4_amd64.deb Size/MD5 checksum: 27828 2dd7f5f19633ec3b95edaa32cd1e1a41 http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny4_amd64.deb Size/MD5 checksum: 364864 4e1e7c037801fe32e53ef59a494302a7 http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny4_amd64.deb Size/MD5 checksum: 367114 8e3e12d22761beb6614da92ce72a2e9c http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny4_amd64.deb Size/MD5 checksum: 5094 24bec334c129f1b8935079be7cb552ab http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny4_amd64.deb Size/MD5 checksum: 25242 9891b2748fa85b59fd8b104ae8309cea http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny4_amd64.deb Size/MD5 checksum: 2561414 fe49df2df47d3d7dca2bf88cf20c2a4c http://security.debian.org/pool/updates/main/p/php5/php5-interbase_5.2.6.dfsg.1-1+lenny4_amd64.deb Size/MD5 checksum: 48442 75c148c766532dce89889ba3d2238f31 http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny4_amd64.deb Size/MD5 checksum: 73538 9eabc5c2efc8c0608c5df1f36cd90a71 http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny4_amd64.deb Size/MD5 checksum: 12326 4ece26705bc6ebfb0ae0eac0d276bb1d http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny4_amd64.deb Size/MD5 checksum: 38078 ea04ff4ef5701c42535af6db2dee4d03 http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny4_amd64.deb Size/MD5 checksum: 20144 d1a105aa743105a98ceba0ae83192c03 http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny4_amd64.deb Size/MD5 checksum: 39864 d371d0d7d9681278d957b446eeeb984f http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny4_amd64.deb Size/MD5 checksum: 5430 362ccffa64f9f88d69400dc184611d74 http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny4_amd64.deb Size/MD5 checksum: 8289420 76c467707bd7c4d0d418cb0dd2608d35 http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny4_amd64.deb Size/MD5 checksum: 37030 50b827bc1caff8183b41481c2383d62e http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny4_amd64.deb Size/MD5 checksum: 40912 fd85bc423f585b3cff9255f1b6776237 http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny4_amd64.deb Size/MD5 checksum: 13928 250ffb692df9fc9ef7d4dae23fa7bdb0 http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny4_amd64.deb Size/MD5 checksum: 56858 bf0c5930e3f91ffb34c464b018231046 http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny4_amd64.deb Size/MD5 checksum: 16504 14698f0330637137b9dbb8f04f42e81f http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny4_amd64.deb Size/MD5 checksum: 2615932 2ae52b06befad28fa728331e74a69205 http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny4_amd64.deb Size/MD5 checksum: 18124 332b7c10b6ce3b3857a16f43ebbb3347 http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny4_amd64.deb Size/MD5 checksum: 2614644 a1d8a234b347ec857a3e5ac7addeecd8 http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny4_amd64.deb Size/MD5 checksum: 14178 16cc5493c3cfb2895dbc5329e6f63c6c http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny4_amd64.deb Size/MD5 checksum: 37864 22965210129ba0b90f70a9853eb36508 http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny4_amd64.deb Size/MD5 checksum: 9464 c6feec4b12661790a01d0907bbeb339d arm architecture (ARM) http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny4_arm.deb Size/MD5 checksum: 11264 21b09079dc8345b064fee70347c14712 http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny4_arm.deb Size/MD5 checksum: 12462578 0d5c8891db819dbc4ba754c967aa7dad http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny4_arm.deb Size/MD5 checksum: 24964 6966d1135dc769f79c9cf0a0f50d62e2 http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny4_arm.deb Size/MD5 checksum: 2439754 78c88915cfa23ab952e0ae911eb7686e http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny4_arm.deb Size/MD5 checksum: 4966 5b5d6a3c8e2c6ee906dd8b7507b9df43 http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny4_arm.deb Size/MD5 checksum: 18024 4532987cf1c53d08befd9bf3d49033a3 http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny4_arm.deb Size/MD5 checksum: 34476 9081a54f847584db79422fc0ffc458ab http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny4_arm.deb Size/MD5 checksum: 2447176 45fb35183c6c62bdd695d8c84224c4a5 http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny4_arm.deb Size/MD5 checksum: 23648 36353d6341c50ee59d815e115c4208ad http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny4_arm.deb Size/MD5 checksum: 4748 66349a6f625201d6f408df225c816ea9 http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny4_arm.deb Size/MD5 checksum: 34030 2367c64fc75c0d3c82136a3d873a904d http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny4_arm.deb Size/MD5 checksum: 34218 f92a97953e10588f74fd65e8cd704c7d http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny4_arm.deb Size/MD5 checksum: 63744 f07e0cbd756bb94a306c4d247255d258 http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny4_arm.deb Size/MD5 checksum: 13852 621dc08b6b5d9198d47d92aaf80b3f6c http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny4_arm.deb Size/MD5 checksum: 12790 1ee052caad8fb06cc38c70371cdb1bab http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny4_arm.deb Size/MD5 checksum: 34762 b6f021ff248d64188ffde62e8969047f http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny4_arm.deb Size/MD5 checksum: 2448492 b887c7658886a987342caedabbe46e4f http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny4_arm.deb Size/MD5 checksum: 8366 d189e7c467b55a61286fb5c637031e28 http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny4_arm.deb Size/MD5 checksum: 16076 b1b5182781a8bb8720e643a134f02a5b http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny4_arm.deb Size/MD5 checksum: 367074 cf9afcb9eddb67e676a418ac276b7593 http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny4_arm.deb Size/MD5 checksum: 12492 1ae0d8ac8dca6b87ebb4f2537cf9ffb9 http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny4_arm.deb Size/MD5 checksum: 32776 b965920dcf30d35d9239c6dbba47bf63 http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny4_arm.deb Size/MD5 checksum: 4847110 62e6c494c80fc2c8e77e375b9f72137f http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny4_arm.deb Size/MD5 checksum: 366360 20e2c35199b44ff9bdc94fe7cae56da9 http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny4_arm.deb Size/MD5 checksum: 51394 532f55af789f67e48884c12210340cc0 armel architecture (ARM EABI) http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny4_armel.deb Size/MD5 checksum: 12605948 15a6d11310f7914fcb448436b6cd77aa http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny4_armel.deb Size/MD5 checksum: 8374 04941fececb944a7144a8abad2caa863 http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny4_armel.deb Size/MD5 checksum: 14340 3ec6c153108015b9ed148dea2df47fb8 http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny4_armel.deb Size/MD5 checksum: 36148 52122d7fa391e15bbdb82ba5d9f1c3f2 http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny4_armel.deb Size/MD5 checksum: 25914 cafcab8d11d7ba94303e227e5ad36f2c http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny4_armel.deb Size/MD5 checksum: 4847648 a3529551fa0e4dbc7dc2302a678e37f6 http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny4_armel.deb Size/MD5 checksum: 14692 876464c3794ca133f0fc6723c36ecdaa http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny4_armel.deb Size/MD5 checksum: 2448278 41aecffb318a317ecf022de8a7cdbdd5 http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny4_armel.deb Size/MD5 checksum: 4704 85cfd4d6dcc9f734475d6214cfda5fcc http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny4_armel.deb Size/MD5 checksum: 367530 89d077076a7bf4c40f78cd711d2342cc http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny4_armel.deb Size/MD5 checksum: 4936 c4097ce8218bd33112f54429614551af http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny4_armel.deb Size/MD5 checksum: 2449350 042e29d3ab7120fdf9c17fdd3cf3e617 http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny4_armel.deb Size/MD5 checksum: 34454 4a9b1aa02da12182a08536476becd257 http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny4_armel.deb Size/MD5 checksum: 33930 f62d352a5958f3427f08f5d1f0a170e0 http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny4_armel.deb Size/MD5 checksum: 2440376 4897d22468f259ee9be12e758ca9a0da http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny4_armel.deb Size/MD5 checksum: 63818 60772d52fc57e124177a63d26874cb7b http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny4_armel.deb Size/MD5 checksum: 51044 b15c349b1db9cb2a8760d14bbe2b2fa7 http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny4_armel.deb Size/MD5 checksum: 35808 4a06e70291d6c1d87660a98b8a989c91 http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny4_armel.deb Size/MD5 checksum: 18076 67d05122ccbde4ae855469717ee2cb0d http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny4_armel.deb Size/MD5 checksum: 11292 3a7548995eb38f48ba58c0d464f53691 http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny4_armel.deb Size/MD5 checksum: 366810 818d293089ddb77973fb76269cb119f3 http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny4_armel.deb Size/MD5 checksum: 12296 542683b324f44cb25b00a6e8c940f6ca http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny4_armel.deb Size/MD5 checksum: 16058 32ccdd921eedaf696b342dca5236e8bd http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny4_armel.deb Size/MD5 checksum: 34304 bb66943fc47d9f08cdc6d5ba7c27e091 http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny4_armel.deb Size/MD5 checksum: 24428 f328cf1256aafd4e120796f9828941e4 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny4_hppa.deb Size/MD5 checksum: 59412 757873eada94e035c42b40a8223976d0 http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.6.dfsg.1-1+lenny4_hppa.deb Size/MD5 checksum: 19984 8763715a424bbd34708e5d8294adaf38 http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny4_hppa.deb Size/MD5 checksum: 5248936 56655248faaa50ad3993c80f84e829ae http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.6.dfsg.1-1+lenny4_hppa.deb Size/MD5 checksum: 366718 5b1efaaf13e5b149c20a1fd4892d5a12 http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny4_hppa.deb Size/MD5 checksum: 371012 aecfc9e61895739ceb75c0bc4bf55481 http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny4_hppa.deb Size/MD5 checksum: 5602 66ce546286311947f9da8373f6d8f09c http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny4_hppa.deb Size/MD5 checksum: 39150 330126acd68b112da8645cd1ec6acf96 http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny4_hppa.deb Size/MD5 checksum: 14692 140f15ca96cc15c002901239c6d8293c http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.6.dfsg.1-1+lenny4_hppa.deb Size/MD5 checksum: 28974 d15bc6ef572f7ba5b3b90918c1139312 http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny4_hppa.deb Size/MD5 checksum: 12966 017321dd7354698cc2524e22f6f8b2a2 http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny4_hppa.deb Size/MD5 checksum: 40144 4e56fd9f6770f08f20ed28883f2c0fb6 http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny4_hppa.deb Size/MD5 checksum: 16696 84c8f0d176ab76055c4ef6889359773b http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny4_hppa.deb Size/MD5 checksum: 8825224 65d8084843019118237e3aab5c70bf22 http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny4_hppa.deb Size/MD5 checksum: 21306 d5a2f8f95d1afccdb3bb4907e30daa50 http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny4_hppa.deb Size/MD5 checksum: 2749888 971152f013557ddaefb4070fd0f2e627 http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny4_hppa.deb Size/MD5 checksum: 9726 4f63963cd922f8ac6fedbbbfd1b95b37 http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.6.dfsg.1-1+lenny4_hppa.deb Size/MD5 checksum: 2642228 7680b8efeb1b256e3276fbbd3cdefe03 http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny4_hppa.deb Size/MD5 checksum: 15678 a73f543734806b1e3f66e061dc9ed23c http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.6.dfsg.1-1+lenny4_hppa.deb Size/MD5 checksum: 28010 74e2546c35064930ec2cf55f5ba78638 http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny4_hppa.deb Size/MD5 checksum: 5900 280db1b396a121f74fbee0d1ecaa6963 http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny4_hppa.deb Size/MD5 checksum: 40704 bc0429fdd2e16e91fd966b56404a3f9a http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny4_hppa.deb Size/MD5 checksum: 41564 0b976a157afa3a07979ef957aedb46b4 http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny4_hppa.deb Size/MD5 checksum: 39008 405c7ccba92d9598d0386d5cc7b24e8f http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny4_hppa.deb Size/MD5 checksum: 74380 8078c8e674137ecf20433b26247922de http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny4_hppa.deb Size/MD5 checksum: 2748624 bbc0b53b3bd706c43b8ef300d6afe3c6 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny4_i386.deb Size/MD5 checksum: 2482922 208f37e972ef75ec8f523b0d23fd96c9 http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.6.dfsg.1-1+lenny4_i386.deb Size/MD5 checksum: 52366 3707092cee43aedcde4ce319285497ab http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.6.dfsg.1-1+lenny4_i386.deb Size/MD5 checksum: 33548 c3a037fe3763dd678650f8ecf155d5b1 http://security.debian.org/pool/updates/main/p/php5/php5-gmp_5.2.6.dfsg.1-1+lenny4_i386.deb Size/MD5 checksum: 14202 ce163ac3822488ee9a983486ebf4a562 http://security.debian.org/pool/updates/main/p/php5/php5-interbase_5.2.6.dfsg.1-1+lenny4_i386.deb Size/MD5 checksum: 45164 6e34b5c552ed4078ba2f030ccf813837 http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.6.dfsg.1-1+lenny4_i386.deb Size/MD5 checksum: 11602 2223164ddbe8a6a49844d95aa5626d14 http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.6.dfsg.1-1+lenny4_i386.deb Size/MD5 checksum: 4911000 92362c5cb984c325520a55e1e002ebcf http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.6.dfsg.1-1+lenny4_i386.deb Size/MD5 checksum: 4850 12262df32db3978db628398d300ae3a7 http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.6.dfsg.1-1+lenny4_i386.deb Size/MD5 checksum: 65752 04adcc201acbc00217f45234cb77f6c6 http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.6.dfsg.1-1+lenny4_i386.deb Size/MD5 checksum: 34600 0150f3c3acf9a56aa1c50799d7a48340 http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.6.dfsg.1-1+lenny4_i386.deb Size/MD5 checksum: 2484322 fa5e02bfc4a02d6eeaa78b6c7311da62 http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.6.dfsg.1-1+lenny4_i386.deb Size/MD5 checksum: 365082 4392cd0a81f4476fdd9742acc7bd6c93 http://security.debian.org/pool/updates/main/p/php5/php5-dbg_5.2.6.dfsg.1-1+lenny4_i386.deb Size/MD5 checksum: 8470280 72de688ddc3ccd2cd608c2e484f54171 http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.6.dfsg.1-1+lenny4_i386.deb Size/MD5 checksum: 12816 90c17f509e3c6fa6572576a0800e461c http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.6.dfsg.1-1+lenny4_i386.deb Size/MD5 checksum: 32390 5744d41850736ea9b996c6cb66e9d837 http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.6.dfsg.1-1+lenny4_i386.deb Size/MD5 checksum: 12924 828d2c034635500f64f5b098f7cbb7fb http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.6.dfsg.1-1+lenny4_i386.deb Size/MD5 checksum: 5158 071eaa0a8b2199d592a1797d5e4d5883 http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.6.dfsg.1-1+lenny4_i386.deb Size/MD5 checksum: 18236 e5bc99009e981fccf50c904a0052936e http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.6.dfsg.1-1+lenny4_i386.deb Size/MD5 checksum: 37674 e5a88b469517b3e0f934fab003622d43 http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.6.dfsg.1-1+lenny4_i386.deb Size/MD5 checksum: 34518 ef1ece7435c66eee3c1c85fd35a493d9 http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.6.dfsg.1-1+lenny PHP --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/Zend/zend_ini.c http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/main/main.c http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/Zend/zend_ini.c http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/main/main.c
idSSV:14997
last seen2017-11-19
modified2009-11-30
published2009-11-30
reporterRoot
sourcehttps://www.seebug.org/vuldb/ssvid-14997
titlePHP ini_restore()内存信息泄露漏洞

Statements

contributorTomas Hoger
lastmodified2009-12-02
organizationRed Hat
statementRed Hat does not consider this flaw to be a security issue. The bug can only be triggered by the PHP script author, which does not cross trust boundary.