Vulnerabilities > CVE-2010-0397 - Remote Denial of Service vulnerability in PHP 5.3.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly have unspecified other impact via a crafted argument. Per: http://cwe.mitre.org/data/slices/2000.html Improper Check for Unusual or Exceptional Conditions CWE-754
Exploit-Db
| description | PHP 5.3.2 xmlrpc Extension Multiple Remote Denial of Service Vulnerabilities. CVE-2010-0397 . Dos exploit for php platform |
| id | EDB-ID:33755 |
| last seen | 2016-02-03 |
| modified | 2010-03-12 |
| published | 2010-03-12 |
| reporter | Auke van Slooten |
| source | https://www.exploit-db.com/download/33755/ |
| title | PHP <= 5.3.2 xmlrpc Extension Multiple Remote Denial of Service Vulnerabilities |
Nessus
NASL family MacOS X Local Security Checks NASL id MACOSX_SECUPD2010-007.NASL description The remote host is running a version of Mac OS X 10.5 that does not have Security Update 2010-007 applied. This security update contains fixes for the following products : - AFP Server - Apache mod_perl - ATS - CFNetwork - CoreGraphics - CoreText - CUPS - Directory Services - diskdev_cmds - Disk Images - Flash Player plug-in - gzip - ImageIO - Image RAW - MySQL - Password Server - PHP - Printing - python - QuickLook - Safari RSS - Wiki Server - X11 last seen 2020-06-01 modified 2020-06-02 plugin id 50549 published 2010-11-10 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/50549 title Mac OS X Multiple Vulnerabilities (Security Update 2010-007) code # # (C) Tenable Network Security, Inc. # if (!defined_func("bn_random")) exit(0); if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(50549); script_version("1.48"); script_cvs_date("Date: 2018/07/14 1:59:35"); script_cve_id( "CVE-2008-4546", "CVE-2009-0796", "CVE-2009-0946", "CVE-2009-2624", "CVE-2009-3793", "CVE-2009-4134", "CVE-2010-0105", "CVE-2010-0205", "CVE-2010-0209", "CVE-2010-0397", "CVE-2010-1205", "CVE-2010-1297", "CVE-2010-1449", "CVE-2010-1450", "CVE-2010-1752", "CVE-2010-1811", "CVE-2010-1828", "CVE-2010-1829", "CVE-2010-1830", "CVE-2010-1831", "CVE-2010-1832", "CVE-2010-1836", "CVE-2010-1837", "CVE-2010-1838", "CVE-2010-1840", "CVE-2010-1841", "CVE-2010-1845", "CVE-2010-1846", "CVE-2010-1848", "CVE-2010-1849", "CVE-2010-1850", "CVE-2010-2160", "CVE-2010-2161", "CVE-2010-2162", "CVE-2010-2163", "CVE-2010-2164", "CVE-2010-2165", "CVE-2010-2166", "CVE-2010-2167", "CVE-2010-2169", "CVE-2010-2170", "CVE-2010-2171", "CVE-2010-2172", "CVE-2010-2173", "CVE-2010-2174", "CVE-2010-2175", "CVE-2010-2176", "CVE-2010-2177", "CVE-2010-2178", "CVE-2010-2179", "CVE-2010-2180", "CVE-2010-2181", "CVE-2010-2182", "CVE-2010-2183", "CVE-2010-2184", "CVE-2010-2185", "CVE-2010-2186", "CVE-2010-2187", "CVE-2010-2188", "CVE-2010-2189", "CVE-2010-2213", "CVE-2010-2214", "CVE-2010-2215", "CVE-2010-2216", "CVE-2010-2249", "CVE-2010-2484", "CVE-2010-2497", "CVE-2010-2498", "CVE-2010-2499", "CVE-2010-2500", "CVE-2010-2519", "CVE-2010-2520", "CVE-2010-2531", "CVE-2010-2805", "CVE-2010-2806", "CVE-2010-2807", "CVE-2010-2808", "CVE-2010-2884", "CVE-2010-2941", "CVE-2010-3053", "CVE-2010-3054", "CVE-2010-3636", "CVE-2010-3638", "CVE-2010-3639", "CVE-2010-3640", "CVE-2010-3641", "CVE-2010-3642", "CVE-2010-3643", "CVE-2010-3644", "CVE-2010-3645", "CVE-2010-3646", "CVE-2010-3647", "CVE-2010-3648", "CVE-2010-3649", "CVE-2010-3650", "CVE-2010-3652", "CVE-2010-3654", "CVE-2010-3783", "CVE-2010-3784", "CVE-2010-3785", "CVE-2010-3796", "CVE-2010-3797", "CVE-2010-3976", "CVE-2010-4010" ); script_bugtraq_id( 31537, 34383, 34550, 38478, 39658, 40361, 40363, 40365, 40586, 40779, 40780, 40781, 40782, 40783, 40784, 40785, 40786, 40787, 40788, 40789, 40790, 40791, 40792, 40793, 40794, 40795, 40796, 40797, 40798, 40799, 40800, 40801, 40802, 40803, 40805, 40806, 40807, 40808, 40809, 41049, 41174, 42285, 42621, 42624, 44504, 44530, 44671, 44729, 44800, 44802, 44804, 44806, 44807, 44808, 44812, 44814, 44815, 44816, 44817, 44819, 44822, 44829, 44832, 44833, 44835, 99999 ); script_name(english:"Mac OS X Multiple Vulnerabilities (Security Update 2010-007)"); script_summary(english:"Check for the presence of Security Update 2010-007"); script_set_attribute( attribute:"synopsis", value: "The remote host is missing a Mac OS X update that fixes security issues." ); script_set_attribute( attribute:"description", value: "The remote host is running a version of Mac OS X 10.5 that does not have Security Update 2010-007 applied. This security update contains fixes for the following products : - AFP Server - Apache mod_perl - ATS - CFNetwork - CoreGraphics - CoreText - CUPS - Directory Services - diskdev_cmds - Disk Images - Flash Player plug-in - gzip - ImageIO - Image RAW - MySQL - Password Server - PHP - Printing - python - QuickLook - Safari RSS - Wiki Server - X11" ); script_set_attribute( attribute:"see_also", value:"http://support.apple.com/kb/HT4435" ); script_set_attribute( attribute:"see_also", value:"http://lists.apple.com/archives/security-announce/2010/Nov/msg00000.html" ); script_set_attribute( attribute:"solution", value:"Install Security Update 2010-007 or later." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploithub_sku", value:"EH-11-164"); script_set_attribute(attribute:"exploit_framework_exploithub", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player "Button" Remote Code Execution'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(20, 79, 189, 399); script_set_attribute(attribute:"vuln_publication_date", value:"2010/11/10"); script_set_attribute(attribute:"patch_publication_date", value:"2010/11/10"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/11/10"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"MacOS X Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/MacOSX/packages", "Host/uname"); exit(0); } uname = get_kb_item("Host/uname"); if (!uname) exit(0, "The 'Host/uname' KB item is missing."); pat = "^.+Darwin.* ([0-9]+\.[0-9.]+).*$"; if (!ereg(pattern:pat, string:uname)) exit(0, "Can't identify the Darwin kernel version from the uname output ("+uname+")."); darwin = ereg_replace(pattern:pat, replace:"\1", string:uname); if (ereg(pattern:"^9\.[0-8]\.", string:darwin)) { packages = get_kb_item("Host/MacOSX/packages/boms"); if (!packages) exit(1, "The 'Host/MacOSX/packages/boms' KB item is missing."); if (egrep(pattern:"^com\.apple\.pkg\.update\.security\.(2010\.00[7-9]|201[1-9]\.[0-9]+)(\.leopard)?\.bom", string:packages)) exit(0, "The host has Security Update 2010-007 or later installed and therefore is not affected."); else security_hole(0); } else exit(0, "The host is running Darwin kernel version "+darwin+" and therefore is not affected.");NASL family SuSE Local Security Checks NASL id SUSE_11_3_APACHE2-MOD_PHP5-100812.NASL description PHP was updated to version 5.3.3 to fix serveral security issues. (CVE-2010-0397, CVE-2010-1860, CVE-2010-1862, CVE-2010-1864, CVE-2010-1866, CVE-2010-1914, CVE-2010-1915, CVE-2010-1917, CVE-2010-2093, CVE-2010-2094, CVE-2010-2097, CVE-2010-2100, CVE-2010-2101, CVE-2010-2190, CVE-2010-2191, CVE-2010-2225, CVE-2010-2531, CVE-2010-2950, CVE-2010-3062, CVE-2010-3063, CVE-2010-3064, CVE-2010-3065) last seen 2020-06-01 modified 2020-06-02 plugin id 75429 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75429 title openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:0599-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update apache2-mod_php5-2929. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(75429); script_version("1.4"); script_cvs_date("Date: 2019/10/25 13:36:39"); script_cve_id("CVE-2010-0397", "CVE-2010-1860", "CVE-2010-1862", "CVE-2010-1864", "CVE-2010-1866", "CVE-2010-1914", "CVE-2010-1915", "CVE-2010-1917", "CVE-2010-2093", "CVE-2010-2094", "CVE-2010-2097", "CVE-2010-2100", "CVE-2010-2101", "CVE-2010-2190", "CVE-2010-2191", "CVE-2010-2225", "CVE-2010-2531", "CVE-2010-2950", "CVE-2010-3062", "CVE-2010-3063", "CVE-2010-3064", "CVE-2010-3065"); script_name(english:"openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:0599-1)"); script_summary(english:"Check for the apache2-mod_php5-2929 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "PHP was updated to version 5.3.3 to fix serveral security issues. (CVE-2010-0397, CVE-2010-1860, CVE-2010-1862, CVE-2010-1864, CVE-2010-1866, CVE-2010-1914, CVE-2010-1915, CVE-2010-1917, CVE-2010-2093, CVE-2010-2094, CVE-2010-2097, CVE-2010-2100, CVE-2010-2101, CVE-2010-2190, CVE-2010-2191, CVE-2010-2225, CVE-2010-2531, CVE-2010-2950, CVE-2010-3062, CVE-2010-3063, CVE-2010-3064, CVE-2010-3065)" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=588975" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=604315" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=604652" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=604654" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=604656" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=605097" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=605100" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=609763" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=609766" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=609768" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=609769" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=612555" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=612556" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=616232" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=619483" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=619486" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=619487" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=619489" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=633932" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=633934" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=636923" ); script_set_attribute( attribute:"see_also", value:"https://lists.opensuse.org/opensuse-updates/2010-09/msg00013.html" ); script_set_attribute( attribute:"solution", value:"Update the affected apache2-mod_php5 packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php5"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bcmath"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bz2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-calendar"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ctype"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-curl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dba"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dom"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-enchant"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-exif"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fastcgi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fileinfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ftp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gettext"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gmp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-hash"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-iconv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-imap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-intl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-json"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ldap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mbstring"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mcrypt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mysql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-odbc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-openssl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pcntl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pdo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pear"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pgsql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-phar"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-posix"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pspell"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-readline"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-shmop"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-snmp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-soap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sockets"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sqlite"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-suhosin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvmsg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvsem"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvshm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tidy"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tokenizer"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-wddx"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlreader"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlrpc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlwriter"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xsl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zip"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zlib"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.3"); script_set_attribute(attribute:"patch_publication_date", value:"2010/08/12"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.3", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.3", reference:"apache2-mod_php5-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-bcmath-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-bz2-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-calendar-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-ctype-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-curl-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-dba-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-devel-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-dom-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-enchant-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-exif-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-fastcgi-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-fileinfo-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-ftp-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-gd-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-gettext-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-gmp-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-hash-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-iconv-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-imap-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-intl-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-json-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-ldap-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-mbstring-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-mcrypt-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-mysql-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-odbc-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-openssl-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-pcntl-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-pdo-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-pear-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-pgsql-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-phar-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-posix-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-pspell-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-readline-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-shmop-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-snmp-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-soap-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-sockets-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-sqlite-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-suhosin-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-sysvmsg-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-sysvsem-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-sysvshm-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-tidy-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-tokenizer-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-wddx-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-xmlreader-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-xmlrpc-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-xmlwriter-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-xsl-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-zip-5.3.3-0.1.2") ) flag++; if ( rpm_check(release:"SUSE11.3", reference:"php5-zlib-5.3.3-0.1.2") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "apache2-mod_php5 / php5 / php5-bcmath / php5-bz2 / php5-calendar / etc"); }NASL family Scientific Linux Local Security Checks NASL id SL_20101129_PHP_ON_SL4_X.NASL description An input validation flaw was discovered in the PHP session serializer. If a PHP script generated session variable names from untrusted user input, a remote attacker could use this flaw to inject an arbitrary variable into the PHP session. (CVE-2010-3065) An information leak flaw was discovered in the PHP var_export() function implementation. If some fatal error occurred during the execution of this function (such as the exhaustion of memory or script execution time limit), part of the function last seen 2020-06-01 modified 2020-06-02 plugin id 60908 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60908 title Scientific Linux Security Update : php on SL4.x, SL5.x i386/x86_64 code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text is (C) Scientific Linux. # include("compat.inc"); if (description) { script_id(60908); script_version("1.5"); script_cvs_date("Date: 2019/10/25 13:36:19"); script_cve_id("CVE-2009-5016", "CVE-2010-0397", "CVE-2010-1128", "CVE-2010-1917", "CVE-2010-2531", "CVE-2010-3065", "CVE-2010-3870"); script_name(english:"Scientific Linux Security Update : php on SL4.x, SL5.x i386/x86_64"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Scientific Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "An input validation flaw was discovered in the PHP session serializer. If a PHP script generated session variable names from untrusted user input, a remote attacker could use this flaw to inject an arbitrary variable into the PHP session. (CVE-2010-3065) An information leak flaw was discovered in the PHP var_export() function implementation. If some fatal error occurred during the execution of this function (such as the exhaustion of memory or script execution time limit), part of the function's output was sent to the user as script output, possibly leading to the disclosure of sensitive information. (CVE-2010-2531) A numeric truncation error and an input validation flaw were found in the way the PHP utf8_decode() function decoded partial multi-byte sequences for some multi-byte encodings, sending them to output without them being escaped. An attacker could use these flaws to perform a cross-site scripting attack. (CVE-2009-5016, CVE-2010-3870) It was discovered that the PHP lcg_value() function used insufficient entropy to seed the pseudo-random number generator. A remote attacker could possibly use this flaw to predict values returned by the function, which are used to generate session identifiers by default. This update changes the function's implementation to use more entropy during seeding. (CVE-2010-1128) It was discovered that the PHP fnmatch() function did not restrict the length of the pattern argument. A remote attacker could use this flaw to crash the PHP interpreter where a script used fnmatch() on untrusted matching patterns. (CVE-2010-1917) A NULL pointer dereference flaw was discovered in the PHP XML-RPC extension. A malicious XML-RPC client or server could use this flaw to crash the PHP interpreter via a specially crafted XML-RPC request. (CVE-2010-0397) After installing the updated packages, the httpd daemon must be restarted for the update to take effect." ); # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1011&L=scientific-linux-errata&T=0&P=1564 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?a48d3681" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2010/11/29"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Scientific Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux"); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu); flag = 0; if (rpm_check(release:"SL4", reference:"php-4.3.9-3.31")) flag++; if (rpm_check(release:"SL4", reference:"php-devel-4.3.9-3.31")) flag++; if (rpm_check(release:"SL4", reference:"php-domxml-4.3.9-3.31")) flag++; if (rpm_check(release:"SL4", reference:"php-gd-4.3.9-3.31")) flag++; if (rpm_check(release:"SL4", reference:"php-imap-4.3.9-3.31")) flag++; if (rpm_check(release:"SL4", reference:"php-ldap-4.3.9-3.31")) flag++; if (rpm_check(release:"SL4", reference:"php-mbstring-4.3.9-3.31")) flag++; if (rpm_check(release:"SL4", reference:"php-mysql-4.3.9-3.31")) flag++; if (rpm_check(release:"SL4", reference:"php-ncurses-4.3.9-3.31")) flag++; if (rpm_check(release:"SL4", reference:"php-odbc-4.3.9-3.31")) flag++; if (rpm_check(release:"SL4", reference:"php-pear-4.3.9-3.31")) flag++; if (rpm_check(release:"SL4", reference:"php-pgsql-4.3.9-3.31")) flag++; if (rpm_check(release:"SL4", reference:"php-snmp-4.3.9-3.31")) flag++; if (rpm_check(release:"SL4", reference:"php-xmlrpc-4.3.9-3.31")) flag++; if (rpm_check(release:"SL5", reference:"php-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"SL5", reference:"php-bcmath-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"SL5", reference:"php-cli-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"SL5", reference:"php-common-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"SL5", reference:"php-dba-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"SL5", reference:"php-devel-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"SL5", reference:"php-gd-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"SL5", reference:"php-imap-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"SL5", reference:"php-ldap-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"SL5", reference:"php-mbstring-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"SL5", reference:"php-mysql-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"SL5", reference:"php-ncurses-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"SL5", reference:"php-odbc-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"SL5", reference:"php-pdo-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"SL5", reference:"php-pgsql-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"SL5", reference:"php-snmp-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"SL5", reference:"php-soap-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"SL5", reference:"php-xml-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"SL5", reference:"php-xmlrpc-5.1.6-27.el5_5.3")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family MacOS X Local Security Checks NASL id MACOSX_10_6_5.NASL description The remote host is running a version of Mac OS X 10.6.x that is prior to 10.6.5. Mac OS X 10.6.5 contains security fixes for the following products : - AFP Server - Apache mod_perl - Apache - AppKit - ATS - CFNetwork - CoreGraphics - CoreText - CUPS - Directory Services - diskdev_cmds - Disk Images - Flash Player plug-in - gzip - Image Capture - ImageIO - Image RAW - Kernel - MySQL - neon - Networking - OpenLDAP - OpenSSL - Password Server - PHP - Printing - python - QuickLook - QuickTime - Safari RSS - Time Machine - Wiki Server - X11 - xar last seen 2020-06-01 modified 2020-06-02 plugin id 50548 published 2010-11-10 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/50548 title Mac OS X 10.6.x < 10.6.5 Multiple Vulnerabilities code # # (C) Tenable Network Security, Inc. # if (!defined_func("bn_random")) exit(0); if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(50548); script_version("1.52"); script_cvs_date("Date: 2018/07/14 1:59:35"); script_cve_id( "CVE-2008-4546", "CVE-2009-0796", "CVE-2009-0946", "CVE-2009-2473", "CVE-2009-2474", "CVE-2009-2624", "CVE-2009-3793", "CVE-2009-4134", "CVE-2010-0001", "CVE-2010-0105", "CVE-2010-0205", "CVE-2010-0209", "CVE-2010-0211", "CVE-2010-0212", "CVE-2010-0397", "CVE-2010-0408", "CVE-2010-0434", "CVE-2010-1205", "CVE-2010-1297", "CVE-2010-1378", "CVE-2010-1449", "CVE-2010-1450", "CVE-2010-1752", "CVE-2010-1803", "CVE-2010-1811", "CVE-2010-1828", "CVE-2010-1829", "CVE-2010-1830", "CVE-2010-1831", "CVE-2010-1832", "CVE-2010-1833", "CVE-2010-1834", "CVE-2010-1836", "CVE-2010-1837", "CVE-2010-1838", "CVE-2010-1840", "CVE-2010-1841", "CVE-2010-1842", "CVE-2010-1843", "CVE-2010-1844", "CVE-2010-1845", "CVE-2010-1846", "CVE-2010-1847", "CVE-2010-1848", "CVE-2010-1849", "CVE-2010-1850", "CVE-2010-2160", "CVE-2010-2161", "CVE-2010-2162", "CVE-2010-2163", "CVE-2010-2164", "CVE-2010-2165", "CVE-2010-2166", "CVE-2010-2167", "CVE-2010-2169", "CVE-2010-2170", "CVE-2010-2171", "CVE-2010-2172", "CVE-2010-2173", "CVE-2010-2174", "CVE-2010-2175", "CVE-2010-2176", "CVE-2010-2177", "CVE-2010-2178", "CVE-2010-2179", "CVE-2010-2180", "CVE-2010-2181", "CVE-2010-2182", "CVE-2010-2183", "CVE-2010-2184", "CVE-2010-2185", "CVE-2010-2186", "CVE-2010-2187", "CVE-2010-2188", "CVE-2010-2189", "CVE-2010-2213", "CVE-2010-2214", "CVE-2010-2215", "CVE-2010-2216", "CVE-2010-2249", "CVE-2010-2497", "CVE-2010-2498", "CVE-2010-2499", "CVE-2010-2500", "CVE-2010-2519", "CVE-2010-2520", "CVE-2010-2531", "CVE-2010-2805", "CVE-2010-2806", "CVE-2010-2807", "CVE-2010-2808", "CVE-2010-2884", "CVE-2010-2941", "CVE-2010-3053", "CVE-2010-3054", "CVE-2010-3636", "CVE-2010-3638", "CVE-2010-3639", "CVE-2010-3640", "CVE-2010-3641", "CVE-2010-3642", "CVE-2010-3643", "CVE-2010-3644", "CVE-2010-3645", "CVE-2010-3646", "CVE-2010-3647", "CVE-2010-3648", "CVE-2010-3649", "CVE-2010-3650", "CVE-2010-3652", "CVE-2010-3654", "CVE-2010-3783", "CVE-2010-3784", "CVE-2010-3785", "CVE-2010-3786", "CVE-2010-3787", "CVE-2010-3788", "CVE-2010-3789", "CVE-2010-3790", "CVE-2010-3791", "CVE-2010-3792", "CVE-2010-3793", "CVE-2010-3794", "CVE-2010-3795", "CVE-2010-3796", "CVE-2010-3797", "CVE-2010-3798", "CVE-2010-3976" ); script_bugtraq_id( 31537, 34383, 34550, 36079, 38478, 38491, 38494, 38708, 39658, 40361, 40363, 40365, 40586, 40779, 40780, 40781, 40782, 40783, 40784, 40785, 40786, 40787, 40788, 40789, 40790, 40791, 40792, 40793, 40794, 40795, 40796, 40797, 40798, 40799, 40800, 40801, 40802, 40803, 40805, 40806, 40807, 40808, 40809, 41049, 41174, 41770, 42285, 42621, 42624, 44504, 44530, 44671, 44784, 44785, 44787, 44789, 44790, 44792, 44794, 44795, 44796, 44798, 44799, 44800, 44802, 44803, 44804, 44805, 44806, 44807, 44808, 44811, 44812, 44813, 44814, 44815, 44816, 44817, 44819, 44822, 44828, 44829, 44831, 44832, 44833, 44834, 44835, 44840 ); script_name(english:"Mac OS X 10.6.x < 10.6.5 Multiple Vulnerabilities"); script_summary(english:"Check the version of Mac OS X"); script_set_attribute( attribute:"synopsis", value: "The remote host is missing a Mac OS X update that fixes various security issues." ); script_set_attribute( attribute:"description", value: "The remote host is running a version of Mac OS X 10.6.x that is prior to 10.6.5. Mac OS X 10.6.5 contains security fixes for the following products : - AFP Server - Apache mod_perl - Apache - AppKit - ATS - CFNetwork - CoreGraphics - CoreText - CUPS - Directory Services - diskdev_cmds - Disk Images - Flash Player plug-in - gzip - Image Capture - ImageIO - Image RAW - Kernel - MySQL - neon - Networking - OpenLDAP - OpenSSL - Password Server - PHP - Printing - python - QuickLook - QuickTime - Safari RSS - Time Machine - Wiki Server - X11 - xar" ); script_set_attribute( attribute:"see_also", value:"http://support.apple.com/kb/HT4435" ); script_set_attribute( attribute:"see_also", value:"http://lists.apple.com/archives/security-announce/2010/Nov/msg00000.html" ); script_set_attribute( attribute:"solution", value:"Upgrade to Mac OS X 10.6.5 or later." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploithub_sku", value:"EH-11-164"); script_set_attribute(attribute:"exploit_framework_exploithub", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player "Button" Remote Code Execution'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(20, 79, 189, 200, 310, 399); script_set_attribute(attribute:"vuln_publication_date", value:"2010/11/10"); script_set_attribute(attribute:"patch_publication_date", value:"2010/11/10"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/11/10"); script_set_attribute(attribute:"plugin_type", value:"combined"); script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"MacOS X Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc."); script_dependencies("ssh_get_info.nasl", "os_fingerprint.nasl"); exit(0); } os = get_kb_item("Host/MacOSX/Version"); if (!os) { os = get_kb_item("Host/OS"); if (isnull(os)) exit(0, "The 'Host/OS' KB item is missing."); if ("Mac OS X" >!< os) exit(0, "The host does not appear to be running Mac OS X."); c = get_kb_item("Host/OS/Confidence"); if (c <= 70) exit(1, "Can't determine the host's OS with sufficient confidence."); } if (!os) exit(0, "The host does not appear to be running Mac OS X."); if (ereg(pattern:"Mac OS X 10\.6($|\.[0-4]([^0-9]|$))", string:os)) security_hole(0); else exit(0, "The host is not affected as it is running "+os+".");NASL family Fedora Local Security Checks NASL id FEDORA_2010-11481.NASL description Update to PHP 5.3.3 Security Enhancements and Fixes in PHP 5.3.3: * Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs (CVE-2010-2531). * Fixed a possible resource destruction issues in shm_put_var(). * Fixed a possible information leak because of interruption of XOR operator. * Fixed a possible memory corruption because of unexpected call-time pass by refernce and following memory clobbering through callbacks. * Fixed a possible memory corruption in ArrayObject::uasort(). * Fixed a possible memory corruption in parse_str(). * Fixed a possible memory corruption in pack(). * Fixed a possible memory corruption in substr_replace(). * Fixed a possible memory corruption in addcslashes(). * Fixed a possible stack exhaustion inside fnmatch(). * Fixed a possible dechunking filter buffer overflow. * Fixed a possible arbitrary memory access inside sqlite extension. * Fixed string format validation inside phar extension. * Fixed handling of session variable serialization on certain prefix characters. * Fixed a NULL pointer dereference when processing invalid XML-RPC requests (Fixes CVE-2010-0397, bug #51288). * Fixed SplObjectStorage unserialization problems (CVE-2010-2225). * Fixed possible buffer overflows in mysqlnd_list_fields, mysqlnd_change_user. * Fixed possible buffer overflows when handling error packets in mysqlnd. Full upstream Changelog: http://www.php.net/ChangeLog-5.php#5.3.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 48412 published 2010-08-24 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/48412 title Fedora 13 : maniadrive-1.2-22.fc13 / php-5.3.3-1.fc13 / php-eaccelerator-0.9.6.1-2.fc13 (2010-11481) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2010-11481. # include("compat.inc"); if (description) { script_id(48412); script_version("1.12"); script_cvs_date("Date: 2019/08/02 13:32:31"); script_cve_id("CVE-2010-1914", "CVE-2010-1915", "CVE-2010-1917", "CVE-2010-2190", "CVE-2010-2225"); script_bugtraq_id(38708, 40948, 41991); script_xref(name:"FEDORA", value:"2010-11481"); script_name(english:"Fedora 13 : maniadrive-1.2-22.fc13 / php-5.3.3-1.fc13 / php-eaccelerator-0.9.6.1-2.fc13 (2010-11481)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Update to PHP 5.3.3 Security Enhancements and Fixes in PHP 5.3.3: * Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs (CVE-2010-2531). * Fixed a possible resource destruction issues in shm_put_var(). * Fixed a possible information leak because of interruption of XOR operator. * Fixed a possible memory corruption because of unexpected call-time pass by refernce and following memory clobbering through callbacks. * Fixed a possible memory corruption in ArrayObject::uasort(). * Fixed a possible memory corruption in parse_str(). * Fixed a possible memory corruption in pack(). * Fixed a possible memory corruption in substr_replace(). * Fixed a possible memory corruption in addcslashes(). * Fixed a possible stack exhaustion inside fnmatch(). * Fixed a possible dechunking filter buffer overflow. * Fixed a possible arbitrary memory access inside sqlite extension. * Fixed string format validation inside phar extension. * Fixed handling of session variable serialization on certain prefix characters. * Fixed a NULL pointer dereference when processing invalid XML-RPC requests (Fixes CVE-2010-0397, bug #51288). * Fixed SplObjectStorage unserialization problems (CVE-2010-2225). * Fixed possible buffer overflows in mysqlnd_list_fields, mysqlnd_change_user. * Fixed possible buffer overflows when handling error packets in mysqlnd. Full upstream Changelog: http://www.php.net/ChangeLog-5.php#5.3.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"http://www.php.net/ChangeLog-5.php#5.3.3" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=601897" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=605641" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=617180" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=617211" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=617232" ); # https://lists.fedoraproject.org/pipermail/package-announce/2010-August/046021.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?55eac0ed" ); # https://lists.fedoraproject.org/pipermail/package-announce/2010-August/046022.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?6846dc20" ); # https://lists.fedoraproject.org/pipermail/package-announce/2010-August/046023.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?dc90da11" ); script_set_attribute( attribute:"solution", value: "Update the affected maniadrive, php and / or php-eaccelerator packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:maniadrive"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:php"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:php-eaccelerator"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:13"); script_set_attribute(attribute:"patch_publication_date", value:"2010/07/27"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/08/24"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^13([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 13.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC13", reference:"maniadrive-1.2-22.fc13")) flag++; if (rpm_check(release:"FC13", reference:"php-5.3.3-1.fc13")) flag++; if (rpm_check(release:"FC13", reference:"php-eaccelerator-0.9.6.1-2.fc13")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "maniadrive / php / php-eaccelerator"); }NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2010-140.NASL description This is a maintenance and security update that upgrades php to 5.3.3 for 2010.0/2010.1. Security Enhancements and Fixes in PHP 5.3.3 : - Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs (CVE-2010-2531). - Fixed a possible resource destruction issues in shm_put_var(). - Fixed a possible information leak because of interruption of XOR operator. - Fixed a possible memory corruption because of unexpected call-time pass by refernce and following memory clobbering through callbacks. - Fixed a possible memory corruption in ArrayObject::uasort(). - Fixed a possible memory corruption in parse_str(). - Fixed a possible memory corruption in pack(). - Fixed a possible memory corruption in substr_replace(). - Fixed a possible memory corruption in addcslashes(). - Fixed a possible stack exhaustion inside fnmatch(). - Fixed a possible dechunking filter buffer overflow. - Fixed a possible arbitrary memory access inside sqlite extension. - Fixed string format validation inside phar extension. - Fixed handling of session variable serialization on certain prefix characters. - Fixed a NULL pointer dereference when processing invalid XML-RPC requests (Fixes CVE-2010-0397, bug #51288). - Fixed SplObjectStorage unserialization problems (CVE-2010-2225). - Fixed possible buffer overflows in mysqlnd_list_fields, mysqlnd_change_user. - Fixed possible buffer overflows when handling error packets in mysqlnd. Additionally some of the third-party extensions and required dependencies has been upgraded and/or rebuilt for the new php version. last seen 2020-06-01 modified 2020-06-02 plugin id 48198 published 2010-07-30 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/48198 title Mandriva Linux Security Advisory : php (MDVSA-2010:140) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandriva Linux Security Advisory MDVSA-2010:140. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(48198); script_version("1.10"); script_cvs_date("Date: 2019/08/02 13:32:53"); script_cve_id("CVE-2010-0397", "CVE-2010-2225", "CVE-2010-2531"); script_xref(name:"MDVSA", value:"2010:140"); script_name(english:"Mandriva Linux Security Advisory : php (MDVSA-2010:140)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandriva Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This is a maintenance and security update that upgrades php to 5.3.3 for 2010.0/2010.1. Security Enhancements and Fixes in PHP 5.3.3 : - Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs (CVE-2010-2531). - Fixed a possible resource destruction issues in shm_put_var(). - Fixed a possible information leak because of interruption of XOR operator. - Fixed a possible memory corruption because of unexpected call-time pass by refernce and following memory clobbering through callbacks. - Fixed a possible memory corruption in ArrayObject::uasort(). - Fixed a possible memory corruption in parse_str(). - Fixed a possible memory corruption in pack(). - Fixed a possible memory corruption in substr_replace(). - Fixed a possible memory corruption in addcslashes(). - Fixed a possible stack exhaustion inside fnmatch(). - Fixed a possible dechunking filter buffer overflow. - Fixed a possible arbitrary memory access inside sqlite extension. - Fixed string format validation inside phar extension. - Fixed handling of session variable serialization on certain prefix characters. - Fixed a NULL pointer dereference when processing invalid XML-RPC requests (Fixes CVE-2010-0397, bug #51288). - Fixed SplObjectStorage unserialization problems (CVE-2010-2225). - Fixed possible buffer overflows in mysqlnd_list_fields, mysqlnd_change_user. - Fixed possible buffer overflows when handling error packets in mysqlnd. Additionally some of the third-party extensions and required dependencies has been upgraded and/or rebuilt for the new php version." ); script_set_attribute( attribute:"see_also", value:"http://www.php.net/ChangeLog-5.php#5.3.3" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache-mod_php"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64mbfl-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64mbfl1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64php5_common5"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libmbfl-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libmbfl1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libphp5_common5"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-apc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-apc-admin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-bcmath"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-bz2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-calendar"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-cgi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-cli"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-ctype"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-curl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-dba"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-dio"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-dom"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-eaccelerator"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-eaccelerator-admin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-enchant"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-exif"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-fam"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-fileinfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-filepro"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-filter"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-fpm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-ftp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-gd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-gearman"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-gettext"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-gmp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-hash"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-iconv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-idn"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-imap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-ini"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-intl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-json"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-ldap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-mailparse"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-mbstring"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-mcal"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-mcrypt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-mssql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-mysql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-mysqli"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-odbc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-openssl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-optimizer"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-pcntl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-pdo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-pdo_dblib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-pdo_mysql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-pdo_odbc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-pdo_pgsql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-pdo_sqlite"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-pgsql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-pinba"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-posix"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-pspell"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-readline"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-recode"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-sasl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-session"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-shmop"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-snmp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-soap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-sockets"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-sphinx"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-sqlite3"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-ssh2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-suhosin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-sybase_ct"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-sysvmsg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-sysvsem"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-sysvshm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-tclink"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-tidy"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-timezonedb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-tokenizer"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-translit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-vld"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-wddx"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-xattr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-xdebug"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-xml"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-xmlreader"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-xmlrpc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-xmlwriter"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-xsl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-zip"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-zlib"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2010.0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2010.1"); script_set_attribute(attribute:"patch_publication_date", value:"2010/07/27"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/07/30"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK2010.0", reference:"apache-mod_php-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", cpu:"x86_64", reference:"lib64mbfl-devel-1.1.0-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", cpu:"x86_64", reference:"lib64mbfl1-1.1.0-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", cpu:"x86_64", reference:"lib64php5_common5-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"libmbfl-devel-1.1.0-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"libmbfl1-1.1.0-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"libphp5_common5-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-apc-3.1.3p1-2.4mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-apc-admin-3.1.3p1-2.4mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-bcmath-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-bz2-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-calendar-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-cgi-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-cli-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-ctype-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-curl-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-dba-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-devel-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-dio-0.0.2-6.2mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-doc-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-dom-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-eaccelerator-0.9.6.1-0.2mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-eaccelerator-admin-0.9.6.1-0.2mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-enchant-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-exif-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-fam-5.0.1-10.2mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-fileinfo-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-filepro-5.1.6-20.2mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-filter-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-fpm-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-ftp-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-gd-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-gettext-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-gmp-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-hash-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-iconv-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-idn-1.2b-18.2mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-imap-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-ini-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-intl-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-json-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-ldap-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-mailparse-2.1.5-3.2mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-mbstring-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-mcal-0.6-30.2mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-mcrypt-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-mssql-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-mysql-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-mysqli-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-odbc-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-openssl-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-optimizer-0.1-0.alpha2.3.2mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-pcntl-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-pdo-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-pdo_dblib-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-pdo_mysql-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-pdo_odbc-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-pdo_pgsql-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-pdo_sqlite-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-pgsql-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-posix-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-pspell-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-readline-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-recode-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-sasl-0.1.0-28.2mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-session-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-shmop-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-snmp-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-soap-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-sockets-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-sqlite3-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-ssh2-0.11.1-0.20090208.4.2mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-suhosin-0.9.32.1-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-sybase_ct-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-sysvmsg-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-sysvsem-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-sysvshm-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-tclink-3.4.5-1.2mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-tidy-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-timezonedb-2010.9-0.3mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-tokenizer-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-translit-0.6.0-10.2mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-vld-0.10.1-0.2mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-wddx-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-xattr-1.1.0-9.2mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-xdebug-2.1.0-0.2mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-xml-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-xmlreader-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-xmlrpc-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-xmlwriter-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-xsl-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-zip-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.0", reference:"php-zlib-5.3.3-0.1mdv2010.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"apache-mod_php-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", cpu:"x86_64", reference:"lib64mbfl-devel-1.1.0-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", cpu:"x86_64", reference:"lib64mbfl1-1.1.0-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", cpu:"x86_64", reference:"lib64php5_common5-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", cpu:"i386", reference:"libmbfl-devel-1.1.0-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", cpu:"i386", reference:"libmbfl1-1.1.0-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", cpu:"i386", reference:"libphp5_common5-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-apc-3.1.3p1-8.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-apc-admin-3.1.3p1-8.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-bcmath-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-bz2-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-calendar-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-cgi-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-cli-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-ctype-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-curl-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-dba-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-devel-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-doc-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-dom-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-eaccelerator-0.9.6.1-1.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-eaccelerator-admin-0.9.6.1-1.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-enchant-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-exif-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-fileinfo-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-filter-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-fpm-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-ftp-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-gd-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-gearman-0.7.0-0.0.r295852.1.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-gettext-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-gmp-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-hash-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-iconv-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-imap-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-ini-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-intl-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-json-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-ldap-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-mailparse-2.1.5-8.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-mbstring-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-mcal-0.6-35.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-mcrypt-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-mssql-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-mysql-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-mysqli-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-odbc-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-openssl-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-optimizer-0.1-0.alpha2.8.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-pcntl-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-pdo-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-pdo_dblib-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-pdo_mysql-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-pdo_odbc-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-pdo_pgsql-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-pdo_sqlite-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-pgsql-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-pinba-0.0.5-2.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-posix-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-pspell-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-readline-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-recode-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-sasl-0.1.0-33.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-session-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-shmop-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-snmp-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-soap-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-sockets-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-sphinx-1.0.4-2.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-sqlite3-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-ssh2-0.11.1-0.20090208.8.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-suhosin-0.9.32.1-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-sybase_ct-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-sysvmsg-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-sysvsem-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-sysvshm-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-tclink-3.4.5-7.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-tidy-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-timezonedb-2010.9-1.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-tokenizer-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-translit-0.6.0-15.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-vld-0.10.1-1.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-wddx-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-xattr-1.1.0-13.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-xdebug-2.1.0-0.2mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-xml-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-xmlreader-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-xmlrpc-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-xmlwriter-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-xsl-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-zip-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2010.1", reference:"php-zlib-5.3.3-0.1mdv2010.1", yank:"mdv")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0919.NASL description Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An input validation flaw was discovered in the PHP session serializer. If a PHP script generated session variable names from untrusted user input, a remote attacker could use this flaw to inject an arbitrary variable into the PHP session. (CVE-2010-3065) An information leak flaw was discovered in the PHP var_export() function implementation. If some fatal error occurred during the execution of this function (such as the exhaustion of memory or script execution time limit), part of the function last seen 2020-06-01 modified 2020-06-02 plugin id 50841 published 2010-11-30 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/50841 title RHEL 4 / 5 : php (RHSA-2010:0919) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2010:0919. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(50841); script_version ("1.20"); script_cvs_date("Date: 2019/10/25 13:36:15"); script_cve_id("CVE-2009-5016", "CVE-2010-0397", "CVE-2010-1128", "CVE-2010-1917", "CVE-2010-2531", "CVE-2010-3065", "CVE-2010-3870"); script_bugtraq_id(38430, 38708, 41991, 44605, 44889); script_xref(name:"RHSA", value:"2010:0919"); script_name(english:"RHEL 4 / 5 : php (RHSA-2010:0919)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An input validation flaw was discovered in the PHP session serializer. If a PHP script generated session variable names from untrusted user input, a remote attacker could use this flaw to inject an arbitrary variable into the PHP session. (CVE-2010-3065) An information leak flaw was discovered in the PHP var_export() function implementation. If some fatal error occurred during the execution of this function (such as the exhaustion of memory or script execution time limit), part of the function's output was sent to the user as script output, possibly leading to the disclosure of sensitive information. (CVE-2010-2531) A numeric truncation error and an input validation flaw were found in the way the PHP utf8_decode() function decoded partial multi-byte sequences for some multi-byte encodings, sending them to output without them being escaped. An attacker could use these flaws to perform a cross-site scripting attack. (CVE-2009-5016, CVE-2010-3870) It was discovered that the PHP lcg_value() function used insufficient entropy to seed the pseudo-random number generator. A remote attacker could possibly use this flaw to predict values returned by the function, which are used to generate session identifiers by default. This update changes the function's implementation to use more entropy during seeding. (CVE-2010-1128) It was discovered that the PHP fnmatch() function did not restrict the length of the pattern argument. A remote attacker could use this flaw to crash the PHP interpreter where a script used fnmatch() on untrusted matching patterns. (CVE-2010-1917) A NULL pointer dereference flaw was discovered in the PHP XML-RPC extension. A malicious XML-RPC client or server could use this flaw to crash the PHP interpreter via a specially crafted XML-RPC request. (CVE-2010-0397) All php users should upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2009-5016" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-0397" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-1128" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-1917" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-2531" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-3065" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-3870" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2010:0919" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-bcmath"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-cli"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-dba"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-domxml"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-gd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-imap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-ldap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-mbstring"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-mysql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-ncurses"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-odbc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-pdo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-pear"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-pgsql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-snmp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-soap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-xml"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-xmlrpc"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4.8"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5"); script_set_attribute(attribute:"vuln_publication_date", value:"2010/03/16"); script_set_attribute(attribute:"patch_publication_date", value:"2010/11/29"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/11/30"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^(4|5)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 4.x / 5.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2010:0919"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL4", reference:"php-4.3.9-3.31")) flag++; if (rpm_check(release:"RHEL4", reference:"php-devel-4.3.9-3.31")) flag++; if (rpm_check(release:"RHEL4", reference:"php-domxml-4.3.9-3.31")) flag++; if (rpm_check(release:"RHEL4", reference:"php-gd-4.3.9-3.31")) flag++; if (rpm_check(release:"RHEL4", reference:"php-imap-4.3.9-3.31")) flag++; if (rpm_check(release:"RHEL4", reference:"php-ldap-4.3.9-3.31")) flag++; if (rpm_check(release:"RHEL4", reference:"php-mbstring-4.3.9-3.31")) flag++; if (rpm_check(release:"RHEL4", reference:"php-mysql-4.3.9-3.31")) flag++; if (rpm_check(release:"RHEL4", reference:"php-ncurses-4.3.9-3.31")) flag++; if (rpm_check(release:"RHEL4", reference:"php-odbc-4.3.9-3.31")) flag++; if (rpm_check(release:"RHEL4", reference:"php-pear-4.3.9-3.31")) flag++; if (rpm_check(release:"RHEL4", reference:"php-pgsql-4.3.9-3.31")) flag++; if (rpm_check(release:"RHEL4", reference:"php-snmp-4.3.9-3.31")) flag++; if (rpm_check(release:"RHEL4", reference:"php-xmlrpc-4.3.9-3.31")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"php-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"php-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"php-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"php-bcmath-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"php-bcmath-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"php-bcmath-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"php-cli-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"php-cli-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"php-cli-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"php-common-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"php-common-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"php-common-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"php-dba-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"php-dba-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"php-dba-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"php-devel-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"php-devel-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"php-devel-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"php-gd-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"php-gd-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"php-gd-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"php-imap-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"php-imap-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"php-imap-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"php-ldap-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"php-ldap-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"php-ldap-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"php-mbstring-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"php-mbstring-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"php-mbstring-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"php-mysql-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"php-mysql-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"php-mysql-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"php-ncurses-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"php-ncurses-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"php-ncurses-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"php-odbc-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"php-odbc-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"php-odbc-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"php-pdo-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"php-pdo-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"php-pdo-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"php-pgsql-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"php-pgsql-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"php-pgsql-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"php-snmp-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"php-snmp-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"php-snmp-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"php-soap-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"php-soap-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"php-soap-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"php-xml-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"php-xml-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"php-xml-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"php-xmlrpc-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"php-xmlrpc-5.1.6-27.el5_5.3")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"php-xmlrpc-5.1.6-27.el5_5.3")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php / php-bcmath / php-cli / php-common / php-dba / php-devel / etc"); } }NASL family SuSE Local Security Checks NASL id SUSE_11_APACHE2-MOD_PHP5-100805.NASL description PHP was updated to version 5.2.14 to fix serveral security issues : - CVE-2010-1860 - CVE-2010-1862 - CVE-2010-1864 - CVE-2010-1914 - CVE-2010-1915 - CVE-2010-1917 - CVE-2010-2093 - CVE-2010-2094 - CVE-2010-2097 - CVE-2010-2100 - CVE-2010-2101 - CVE-2010-2190 - CVE-2010-2191 - CVE-2010-2225 - CVE-2010-2484 - CVE-2010-2531 - CVE-2010-3062 - CVE-2010-3063 - CVE-2010-3064 - CVE-2010-3065 last seen 2020-06-01 modified 2020-06-02 plugin id 50890 published 2010-12-02 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/50890 title SuSE 11 / 11.1 Security Update : Apache 2 (SAT Patch Numbers 2880 / 2881) NASL family Fedora Local Security Checks NASL id FEDORA_2010-11428.NASL description Update to PHP 5.3.3 Security Enhancements and Fixes in PHP 5.3.3: * Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs (CVE-2010-2531). * Fixed a possible resource destruction issues in shm_put_var(). * Fixed a possible information leak because of interruption of XOR operator. * Fixed a possible memory corruption because of unexpected call-time pass by refernce and following memory clobbering through callbacks. * Fixed a possible memory corruption in ArrayObject::uasort(). * Fixed a possible memory corruption in parse_str(). * Fixed a possible memory corruption in pack(). * Fixed a possible memory corruption in substr_replace(). * Fixed a possible memory corruption in addcslashes(). * Fixed a possible stack exhaustion inside fnmatch(). * Fixed a possible dechunking filter buffer overflow. * Fixed a possible arbitrary memory access inside sqlite extension. * Fixed string format validation inside phar extension. * Fixed handling of session variable serialization on certain prefix characters. * Fixed a NULL pointer dereference when processing invalid XML-RPC requests (Fixes CVE-2010-0397, bug #51288). * Fixed SplObjectStorage unserialization problems (CVE-2010-2225). * Fixed possible buffer overflows in mysqlnd_list_fields, mysqlnd_change_user. * Fixed possible buffer overflows when handling error packets in mysqlnd. Full upstream Changelog: http://www.php.net/ChangeLog-5.php#5.3.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 48411 published 2010-08-24 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/48411 title Fedora 12 : maniadrive-1.2-22.fc12 / php-5.3.3-1.fc12 / php-eaccelerator-0.9.6.1-2.fc12 (2010-11428) NASL family SuSE Local Security Checks NASL id SUSE_11_2_APACHE2-MOD_PHP5-100506.NASL description Incomplete XML RPC requests could crash the php interpreter (CVE-2010-0397). PHP was updated to version 5.3.2 to fix the problem. last seen 2020-06-01 modified 2020-06-02 plugin id 46356 published 2010-05-18 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/46356 title openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:0255-1) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2010-068.NASL description A vulnerability has been found and corrected in php : The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly have unspecified other impact via a crafted argument (CVE-2010-0397). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 45370 published 2010-03-29 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/45370 title Mandriva Linux Security Advisory : php (MDVSA-2010:068) NASL family MacOS X Local Security Checks NASL id MACOSX_SECUPD2010-005.NASL description The remote host is running a version of Mac OS X 10.6 or 10.5 that does not have Security Update 2010-005 applied. This security update contains fixes for the following products : - ATS - CFNetwork - ClamAV - CoreGraphics - libsecurity - PHP - Samba last seen 2020-06-01 modified 2020-06-02 plugin id 48424 published 2010-08-24 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/48424 title Mac OS X Multiple Vulnerabilities (Security Update 2010-005) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2010-0919.NASL description Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An input validation flaw was discovered in the PHP session serializer. If a PHP script generated session variable names from untrusted user input, a remote attacker could use this flaw to inject an arbitrary variable into the PHP session. (CVE-2010-3065) An information leak flaw was discovered in the PHP var_export() function implementation. If some fatal error occurred during the execution of this function (such as the exhaustion of memory or script execution time limit), part of the function last seen 2020-06-01 modified 2020-06-02 plugin id 50862 published 2010-12-02 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/50862 title CentOS 4 / 5 : php (CESA-2010:0919) NASL family SuSE Local Security Checks NASL id SUSE_11_2_APACHE2-MOD_PHP5-100813.NASL description PHP was updated to version 5.3.3 to fix serveral security issues. (CVE-2010-0397, CVE-2010-1860, CVE-2010-1862, CVE-2010-1864, CVE-2010-1866, CVE-2010-1914, CVE-2010-1915, CVE-2010-1917, CVE-2010-2093, CVE-2010-2094, CVE-2010-2097, CVE-2010-2100, CVE-2010-2101, CVE-2010-2190, CVE-2010-2191, CVE-2010-2225, CVE-2010-2531, CVE-2010-2950, CVE-2010-3062, CVE-2010-3063, CVE-2010-3064, CVE-2010-3065) last seen 2020-06-01 modified 2020-06-02 plugin id 49210 published 2010-09-13 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/49210 title openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:0599-1) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2010-139.NASL description This is a maintenance and security update that upgrades php to 5.2.14 for CS4/MES5/2008.0/2009.0/2009.1. Security Enhancements and Fixes in PHP 5.2.14 : - Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs (CVE-2010-2531). - Fixed a possible interruption array leak in strrchr().(CVE-2010-2484) - Fixed a possible interruption array leak in strchr(), strstr(), substr(), chunk_split(), strtok(), addcslashes(), str_repeat(), trim(). - Fixed a possible memory corruption in substr_replace(). - Fixed SplObjectStorage unserialization problems (CVE-2010-2225). - Fixed a possible stack exaustion inside fnmatch(). - Fixed a NULL pointer dereference when processing invalid XML-RPC requests (Fixes CVE-2010-0397, bug #51288). - Fixed handling of session variable serialization on certain prefix characters. - Fixed a possible arbitrary memory access inside sqlite extension. Reported by Mateusz Kocielski. Additionally some of the third-party extensions has been upgraded and/or rebuilt for the new php version. Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=4 90 last seen 2020-06-01 modified 2020-06-02 plugin id 48197 published 2010-07-30 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/48197 title Mandriva Linux Security Advisory : php (MDVSA-2010:139) NASL family SuSE Local Security Checks NASL id SUSE_11_1_APACHE2-MOD_PHP5-100507.NASL description Incomplete XML RPC requests could crash the php interpreter (CVE-2010-0397). PHP was updated to version 5.2.12 to fix the problem. last seen 2020-06-01 modified 2020-06-02 plugin id 46354 published 2010-05-18 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/46354 title openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:0255-2) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2018.NASL description Auke van Slooten discovered that PHP 5, an hypertext preprocessor, crashes (because of a NULL pointer dereference) when processing invalid XML-RPC requests. last seen 2020-06-01 modified 2020-06-02 plugin id 45094 published 2010-03-19 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/45094 title Debian DSA-2018-1 : php5 - DoS (crash) NASL family CGI abuses NASL id PHP_5_3_3.NASL description According to its banner, the version of PHP 5.3 installed on the remote host is older than 5.3.3. Such versions may be affected by several security issues : - An error exists when processing invalid XML-RPC requests that can lead to a NULL pointer dereference. (bug #51288) (CVE-2010-0397) - An error exists in the function last seen 2020-06-01 modified 2020-06-02 plugin id 48245 published 2010-08-04 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/48245 title PHP 5.3 < 5.3.3 Multiple Vulnerabilities NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2010-0919.NASL description From Red Hat Security Advisory 2010:0919 : Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An input validation flaw was discovered in the PHP session serializer. If a PHP script generated session variable names from untrusted user input, a remote attacker could use this flaw to inject an arbitrary variable into the PHP session. (CVE-2010-3065) An information leak flaw was discovered in the PHP var_export() function implementation. If some fatal error occurred during the execution of this function (such as the exhaustion of memory or script execution time limit), part of the function last seen 2020-06-01 modified 2020-06-02 plugin id 68150 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68150 title Oracle Linux 4 / 5 : php (ELSA-2010-0919) NASL family CGI abuses NASL id PHP_5_2_14.NASL description According to its banner, the version of PHP 5.2 installed on the remote host is older than 5.2.14. Such versions may be affected by several security issues : - An error exists when processing invalid XML-RPC requests that can lead to a NULL pointer dereference. (bug #51288) (CVE-2010-0397) - An error exists in the function last seen 2020-06-01 modified 2020-06-02 plugin id 48244 published 2010-08-04 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/48244 title PHP 5.2 < 5.2.14 Multiple Vulnerabilities NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-989-1.NASL description Auke van Slooten discovered that PHP incorrectly handled certain xmlrpc requests. An attacker could exploit this issue to cause the PHP server to crash, resulting in a denial of service. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.04 and 9.10. (CVE-2010-0397) It was discovered that the pseudorandom number generator in PHP did not provide the expected entropy. An attacker could exploit this issue to predict values that were intended to be random, such as session cookies. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.04 and 9.10. (CVE-2010-1128) It was discovered that PHP did not properly handle directory pathnames that lacked a trailing slash character. An attacker could exploit this issue to bypass safe_mode restrictions. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.04 and 9.10. (CVE-2010-1129) Grzegorz Stachowiak discovered that the PHP session extension did not properly handle semicolon characters. An attacker could exploit this issue to bypass safe_mode restrictions. This issue only affected Ubuntu 8.04 LTS, 9.04 and 9.10. (CVE-2010-1130) Stefan Esser discovered that PHP incorrectly decoded remote HTTP chunked encoding streams. An attacker could exploit this issue to cause the PHP server to crash and possibly execute arbitrary code with application privileges. This issue only affected Ubuntu 10.04 LTS. (CVE-2010-1866) Mateusz Kocielski discovered that certain PHP SQLite functions incorrectly handled empty SQL queries. An attacker could exploit this issue to possibly execute arbitrary code with application privileges. (CVE-2010-1868) Mateusz Kocielski discovered that PHP incorrectly handled certain arguments to the fnmatch function. An attacker could exploit this flaw and cause the PHP server to consume all available stack memory, resulting in a denial of service. (CVE-2010-1917) Stefan Esser discovered that PHP incorrectly handled certain strings in the phar extension. An attacker could exploit this flaw to possibly view sensitive information. This issue only affected Ubuntu 10.04 LTS. (CVE-2010-2094, CVE-2010-2950) Stefan Esser discovered that PHP incorrectly handled deserialization of SPLObjectStorage objects. A remote attacker could exploit this issue to view sensitive information and possibly execute arbitrary code with application privileges. This issue only affected Ubuntu 8.04 LTS, 9.04, 9.10 and 10.04 LTS. (CVE-2010-2225) It was discovered that PHP incorrectly filtered error messages when limits for memory, execution time, or recursion were exceeded. A remote attacker could exploit this issue to possibly view sensitive information. (CVE-2010-2531) Stefan Esser discovered that the PHP session serializer incorrectly handled the PS_UNDEF_MARKER marker. An attacker could exploit this issue to alter arbitrary session variables. (CVE-2010-3065). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 49306 published 2010-09-21 reporter Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/49306 title Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : php5 vulnerabilities (USN-989-1)
Redhat
| advisories |
| ||||
| rpms |
|
Seebug
| bulletinFamily | exploit |
| description | BUGTRAQ ID: 38708 CVE(CAN) ID: CVE-2010-0397 PHP是广泛使用的通用目的脚本语言,特别适合于Web开发,可嵌入到HTML中。 PHP所使用的xmlrpc扩展在解码畸形xml-rpc请求时存在空指针引用错误。如果请求为有效的xml但没有包含预期的标签,xmlrpc_decode_request就会生成分段错误并导致崩溃。 PHP 5.3.1 厂商补丁: PHP --- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.php.net |
| id | SSV:19297 |
| last seen | 2017-11-19 |
| modified | 2010-03-19 |
| published | 2010-03-19 |
| reporter | Root |
| source | https://www.seebug.org/vuldb/ssvid-19297 |
| title | PHP xmlrpc扩展空指针引用拒绝服务漏洞 |
Statements
| contributor | Vincent Danen |
| lastmodified | 2010-03-22 |
| organization | Red Hat |
| statement | Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0397 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. |
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573573
- http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html
- http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
- http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html
- http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html
- http://secunia.com/advisories/42410
- http://support.apple.com/kb/HT4312
- http://support.apple.com/kb/HT4435
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:068
- http://www.openwall.com/lists/oss-security/2010/03/12/5
- http://www.redhat.com/support/errata/RHSA-2010-0919.html
- http://www.securityfocus.com/bid/38708
- http://www.vupen.com/english/advisories/2010/0724
- http://www.vupen.com/english/advisories/2010/3081