Vulnerabilities > CVE-2011-0753 - Race Condition vulnerability in PHP

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
php
CWE-362
nessus

Summary

Race condition in the PCNTL extension in PHP before 5.3.4, when a user-defined signal handler exists, might allow context-dependent attackers to cause a denial of service (memory corruption) via a large number of concurrent signals.

Vulnerable Configurations

Part Description Count
Application
Php
412

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Leveraging Race Conditions
    This attack targets a race condition occurring when multiple processes access and manipulate the same resource concurrently and the outcome of the execution depends on the particular order in which the access takes place. The attacker can leverage a race condition by "running the race", modifying the resource and modifying the normal execution flow. For instance a race condition can occur while accessing a file, the attacker can trick the system by replacing the original file with his version and cause the system to read the malicious file.
  • Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
    This attack targets a race condition occurring between the time of check (state) for a resource and the time of use of a resource. The typical example is the file access. The attacker can leverage a file access race condition by "running the race", meaning that he would modify the resource between the first time the target program accesses the file and the time the target program uses the file. During that period of time, the attacker could do something such as replace the file and cause an escalation of privilege.

Nessus

  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_3_APACHE2-MOD_PHP5-110309.NASL
    descriptionphp5 was updated to fix several security issues. (CVE-2010-3709, CVE-2010-4150, CVE-2010-4645, CVE-2010-4697, CVE-2010-4698, CVE-2010-4699, CVE-2010-4700, CVE-2011-0752, CVE-2011-0753, CVE-2011-0755,CVE-2011-0708, CVE-2011-0420)
    last seen2020-06-01
    modified2020-06-02
    plugin id75431
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/75431
    titleopenSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:0276-1)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update apache2-mod_php5-4119.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(75431);
      script_version("1.4");
      script_cvs_date("Date: 2019/10/25 13:36:41");
    
      script_cve_id("CVE-2010-3709", "CVE-2010-4150", "CVE-2010-4645", "CVE-2010-4697", "CVE-2010-4698", "CVE-2010-4699", "CVE-2010-4700", "CVE-2011-0420", "CVE-2011-0708", "CVE-2011-0752", "CVE-2011-0753", "CVE-2011-0755");
    
      script_name(english:"openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:0276-1)");
      script_summary(english:"Check for the apache2-mod_php5-4119 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "php5 was updated to fix several security issues. (CVE-2010-3709,
    CVE-2010-4150, CVE-2010-4645, CVE-2010-4697, CVE-2010-4698,
    CVE-2010-4699, CVE-2010-4700, CVE-2011-0752, CVE-2011-0753,
    CVE-2011-0755,CVE-2011-0708, CVE-2011-0420)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=655968"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=656523"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=660102"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=662932"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=666512"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=669162"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=669188"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=669189"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=671710"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=672933"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://lists.opensuse.org/opensuse-updates/2011-04/msg00002.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected apache2-mod_php5 packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bcmath");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bz2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-calendar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ctype");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-curl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dom");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-enchant");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-exif");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fastcgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fileinfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ftp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gettext");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-hash");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-iconv");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-imap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-intl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-json");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mbstring");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mcrypt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-odbc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-openssl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pcntl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pdo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pear");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pgsql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-phar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-posix");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pspell");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-readline");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-shmop");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-snmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-soap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sockets");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sqlite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-suhosin");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvmsg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvsem");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvshm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tidy");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tokenizer");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-wddx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlreader");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlrpc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlwriter");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xsl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zip");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zlib");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.3");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2011/03/09");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.3", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.3", reference:"apache2-mod_php5-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-bcmath-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-bz2-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-calendar-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-ctype-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-curl-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-dba-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-devel-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-dom-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-enchant-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-exif-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-fastcgi-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-fileinfo-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-ftp-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-gd-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-gettext-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-gmp-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-hash-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-iconv-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-imap-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-intl-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-json-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-ldap-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-mbstring-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-mcrypt-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-mysql-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-odbc-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-openssl-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-pcntl-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-pdo-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-pear-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-pgsql-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-phar-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-posix-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-pspell-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-readline-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-shmop-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-snmp-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-soap-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-sockets-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-sqlite-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-suhosin-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-sysvmsg-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-sysvsem-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-sysvshm-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-tidy-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-tokenizer-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-wddx-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-xmlreader-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-xmlrpc-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-xmlwriter-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-xsl-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-zip-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.3", reference:"php5-zlib-5.3.3-0.17.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php5");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_APACHE2-MOD_PHP5-7375.NASL
    descriptionphp5 was updated to fix several security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id53285
    published2011-04-04
    reporterThis script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/53285
    titleSuSE 10 Security Update : PHP5 (ZYPP Patch Number 7375)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(53285);
      script_version ("1.6");
      script_cvs_date("Date: 2019/10/25 13:36:43");
    
      script_cve_id("CVE-2010-4150", "CVE-2010-4645", "CVE-2010-4697", "CVE-2010-4698", "CVE-2010-4699", "CVE-2011-0708", "CVE-2011-0752", "CVE-2011-0753", "CVE-2011-0755");
    
      script_name(english:"SuSE 10 Security Update : PHP5 (ZYPP Patch Number 7375)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 10 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:"php5 was updated to fix several security issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-4150.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-4645.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-4697.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-4698.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2010-4699.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2011-0708.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2011-0752.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2011-0753.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2011-0755.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 7375.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2010/12/07");
      script_set_attribute(attribute:"patch_publication_date", value:"2011/03/10");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/04/04");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SLES10", sp:3, reference:"apache2-mod_php5-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-bcmath-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-bz2-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-calendar-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-ctype-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-curl-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-dba-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-dbase-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-devel-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-dom-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-exif-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-fastcgi-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-ftp-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-gd-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-gettext-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-gmp-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-hash-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-iconv-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-imap-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-json-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-ldap-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-mbstring-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-mcrypt-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-mhash-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-mysql-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-ncurses-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-odbc-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-openssl-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-pcntl-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-pdo-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-pear-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-pgsql-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-posix-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-pspell-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-shmop-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-snmp-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-soap-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-sockets-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-sqlite-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-suhosin-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-sysvmsg-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-sysvsem-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-sysvshm-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-tokenizer-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-wddx-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-xmlreader-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-xmlrpc-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-xsl-5.2.14-0.14.1")) flag++;
    if (rpm_check(release:"SLES10", sp:3, reference:"php5-zlib-5.2.14-0.14.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_2_APACHE2-MOD_PHP5-110309.NASL
    descriptionphp5 was updated to fix several security issues. (CVE-2010-3709, CVE-2010-4150, CVE-2010-4645, CVE-2010-4697, CVE-2010-4698, CVE-2010-4699, CVE-2010-4700, CVE-2011-0752, CVE-2011-0753, CVE-2011-0755,CVE-2011-0708, CVE-2011-0420)
    last seen2020-06-01
    modified2020-06-02
    plugin id53695
    published2011-05-05
    reporterThis script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/53695
    titleopenSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:0276-1)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update apache2-mod_php5-4119.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(53695);
      script_version("1.5");
      script_cvs_date("Date: 2019/10/25 13:36:40");
    
      script_cve_id("CVE-2010-3709", "CVE-2010-4150", "CVE-2010-4645", "CVE-2010-4697", "CVE-2010-4698", "CVE-2010-4699", "CVE-2010-4700", "CVE-2011-0420", "CVE-2011-0708", "CVE-2011-0752", "CVE-2011-0753", "CVE-2011-0755");
    
      script_name(english:"openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:0276-1)");
      script_summary(english:"Check for the apache2-mod_php5-4119 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "php5 was updated to fix several security issues. (CVE-2010-3709,
    CVE-2010-4150, CVE-2010-4645, CVE-2010-4697, CVE-2010-4698,
    CVE-2010-4699, CVE-2010-4700, CVE-2011-0752, CVE-2011-0753,
    CVE-2011-0755,CVE-2011-0708, CVE-2011-0420)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=655968"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=656523"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=660102"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=662932"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=666512"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=669162"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=669188"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=669189"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=671710"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=672933"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://lists.opensuse.org/opensuse-updates/2011-04/msg00002.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected apache2-mod_php5 packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bcmath");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bz2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-calendar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ctype");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-curl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dom");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-enchant");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-exif");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fastcgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fileinfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ftp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gettext");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-hash");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-iconv");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-imap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-intl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-json");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mbstring");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mcrypt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-odbc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-openssl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pcntl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pdo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pear");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pgsql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-phar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-posix");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pspell");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-readline");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-shmop");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-snmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-soap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sockets");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sqlite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-suhosin");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvmsg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvsem");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvshm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tidy");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tokenizer");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-wddx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlreader");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlrpc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlwriter");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xsl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zip");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zlib");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.2");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2011/03/09");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/05/05");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.2", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.2", reference:"apache2-mod_php5-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-bcmath-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-bz2-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-calendar-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-ctype-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-curl-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-dba-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-devel-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-dom-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-enchant-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-exif-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-fastcgi-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-fileinfo-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-ftp-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-gd-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-gettext-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-gmp-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-hash-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-iconv-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-imap-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-intl-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-json-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-ldap-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-mbstring-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-mcrypt-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-mysql-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-odbc-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-openssl-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-pcntl-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-pdo-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-pear-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-pgsql-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-phar-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-posix-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-pspell-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-readline-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-shmop-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-snmp-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-soap-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-sockets-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-sqlite-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-suhosin-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-sysvmsg-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-sysvsem-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-sysvshm-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-tidy-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-tokenizer-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-wddx-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-xmlreader-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-xmlrpc-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-xmlwriter-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-xsl-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-zip-5.3.3-0.17.1") ) flag++;
    if ( rpm_check(release:"SUSE11.2", reference:"php5-zlib-5.3.3-0.17.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php5");
    }
    
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201110-06.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201110-06 (PHP: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker could execute arbitrary code, obtain sensitive information from process memory, bypass intended access restrictions, or cause a Denial of Service in various ways. A remote attacker could cause a Denial of Service in various ways, bypass spam detections, or bypass open_basedir restrictions. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id56459
    published2011-10-12
    reporterThis script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/56459
    titleGLSA-201110-06 : PHP: Multiple vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 201110-06.
    #
    # The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(56459);
      script_version("1.9");
      script_cvs_date("Date: 2018/07/11 17:09:26");
    
      script_cve_id("CVE-2006-7243", "CVE-2009-5016", "CVE-2010-1128", "CVE-2010-1129", "CVE-2010-1130", "CVE-2010-1860", "CVE-2010-1861", "CVE-2010-1862", "CVE-2010-1864", "CVE-2010-1866", "CVE-2010-1868", "CVE-2010-1914", "CVE-2010-1915", "CVE-2010-1917", "CVE-2010-2093", "CVE-2010-2094", "CVE-2010-2097", "CVE-2010-2100", "CVE-2010-2101", "CVE-2010-2190", "CVE-2010-2191", "CVE-2010-2225", "CVE-2010-2484", "CVE-2010-2531", "CVE-2010-2950", "CVE-2010-3062", "CVE-2010-3063", "CVE-2010-3064", "CVE-2010-3065", "CVE-2010-3436", "CVE-2010-3709", "CVE-2010-3710", "CVE-2010-3870", "CVE-2010-4150", "CVE-2010-4409", "CVE-2010-4645", "CVE-2010-4697", "CVE-2010-4698", "CVE-2010-4699", "CVE-2010-4700", "CVE-2011-0420", "CVE-2011-0421", "CVE-2011-0708", "CVE-2011-0752", "CVE-2011-0753", "CVE-2011-0755", "CVE-2011-1092", "CVE-2011-1148", "CVE-2011-1153", "CVE-2011-1464", "CVE-2011-1466", "CVE-2011-1467", "CVE-2011-1468", "CVE-2011-1469", "CVE-2011-1470", "CVE-2011-1471", "CVE-2011-1657", "CVE-2011-1938", "CVE-2011-2202", "CVE-2011-2483", "CVE-2011-3182", "CVE-2011-3189", "CVE-2011-3267", "CVE-2011-3268");
      script_xref(name:"GLSA", value:"201110-06");
    
      script_name(english:"GLSA-201110-06 : PHP: Multiple vulnerabilities");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-201110-06
    (PHP: Multiple vulnerabilities)
    
        Multiple vulnerabilities have been discovered in PHP. Please review the
          CVE identifiers referenced below for details.
      
    Impact :
    
        A context-dependent attacker could execute arbitrary code, obtain
          sensitive information from process memory, bypass intended access
          restrictions, or cause a Denial of Service in various ways.
        A remote attacker could cause a Denial of Service in various ways,
          bypass spam detections, or bypass open_basedir restrictions.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/201110-06"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All PHP users should upgrade to the latest version:
          # emerge --sync
          # emerge --ask --oneshot --verbose '>=dev-lang/php-5.3.8'"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:php");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2011/10/10");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/10/12");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"dev-lang/php", unaffected:make_list("ge 5.3.8"), vulnerable:make_list("lt 5.3.8"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "PHP");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_APACHE2-MOD_PHP5-7393.NASL
    descriptionPHP5 was updated to fix several security issues. (CVE-2010-4150 / CVE-2010-4645 / CVE-2010-4697 / CVE-2010-4698 / CVE-2010-4699 / CVE-2011-0708 / CVE-2011-0752 / CVE-2011-0753 / CVE-2011-0755)
    last seen2020-06-01
    modified2020-06-02
    plugin id57157
    published2011-12-13
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/57157
    titleSuSE 10 Security Update : PHP5 (ZYPP Patch Number 7393)
  • NASL familyCGI abuses
    NASL idPHP_5_3_4.NASL
    descriptionAccording to its banner, the version of PHP 5.3 installed on the remote host is older than 5.3.4. Such versions may be affected by several security issues : - A crash in the zip extract method. - A stack-based buffer overflow in impagepstext() of the GD extension. - An unspecified vulnerability related to symbolic resolution when using a DFS share. - A security bypass vulnerability related to using pathnames containing NULL bytes. (CVE-2006-7243) - Multiple format string vulnerabilities. (CVE-2010-2094, CVE-2010-2950) - An unspecified security bypass vulnerability in open_basedir(). (CVE-2010-3436) - A NULL pointer dereference in ZipArchive::getArchiveComment. (CVE-2010-3709) - Memory corruption in php_filter_validate_email(). (CVE-2010-3710) - An input validation vulnerability in xml_utf8_decode(). (CVE-2010-3870) - A possible double free in the IMAP extension. (CVE-2010-4150) - An information disclosure vulnerability in
    last seen2020-06-01
    modified2020-06-02
    plugin id51140
    published2010-12-13
    reporterThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/51140
    titlePHP 5.3 < 5.3.4 Multiple Vulnerabilities
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_APACHE2-MOD_PHP5-110310.NASL
    descriptionPHP5 was updated to fix several security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id53282
    published2011-04-04
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/53282
    titleSuSE 11.1 Security Update : PHP5 (SAT Patch Number 4133)

Oval

accepted2011-05-09T04:00:31.174-04:00
classvulnerability
contributors
nameSecPod Team
organizationSecPod Technologies
definition_extensions
commentPHP is installed
ovaloval:org.mitre.oval:def:12410
descriptionRace condition in the PCNTL extension in PHP before 5.3.4, when a user-defined signal handler exists, might allow context-dependent attackers to cause a denial of service (memory corruption) via a large number of concurrent signals.
familywindows
idoval:org.mitre.oval:def:12271
statusaccepted
submitted2011-03-29T09:34:17-05:00
titleRace condition vulnerability in the PCNTL extension in PHP before 5.3.4
version5