Vulnerabilities > CVE-2011-0755 - Numeric Errors vulnerability in PHP

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
php
CWE-189
nessus
NVD
Published: 2011-02-02
Updated: 2024-11-21

Summary

Integer overflow in the mt_rand function in PHP before 5.3.4 might make it easier for context-dependent attackers to predict the return values by leveraging a script's use of a large max parameter, as demonstrated by a value that exceeds mt_getrandmax.

Vulnerable Configurations

Part Description Count
Application
Php
417

Common Weakness Enumeration (CWE)

Nessus

  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_3_APACHE2-MOD_PHP5-110309.NASL
    descriptionphp5 was updated to fix several security issues. (CVE-2010-3709, CVE-2010-4150, CVE-2010-4645, CVE-2010-4697, CVE-2010-4698, CVE-2010-4699, CVE-2010-4700, CVE-2011-0752, CVE-2011-0753, CVE-2011-0755,CVE-2011-0708, CVE-2011-0420)
    last seen2020-06-01
    modified2020-06-02
    plugin id75431
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/75431
    titleopenSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:0276-1)
    code
    #%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update apache2-mod_php5-4119.
#
# The text description of this plugin is (C) SUSE LLC.
#

include("compat.inc");

if (description)
{
  script_id(75431);
  script_version("1.4");
  script_cvs_date("Date: 2019/10/25 13:36:41");

  script_cve_id("CVE-2010-3709", "CVE-2010-4150", "CVE-2010-4645", "CVE-2010-4697", "CVE-2010-4698", "CVE-2010-4699", "CVE-2010-4700", "CVE-2011-0420", "CVE-2011-0708", "CVE-2011-0752", "CVE-2011-0753", "CVE-2011-0755");

  script_name(english:"openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:0276-1)");
  script_summary(english:"Check for the apache2-mod_php5-4119 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"php5 was updated to fix several security issues. (CVE-2010-3709,
CVE-2010-4150, CVE-2010-4645, CVE-2010-4697, CVE-2010-4698,
CVE-2010-4699, CVE-2010-4700, CVE-2011-0752, CVE-2011-0753,
CVE-2011-0755,CVE-2011-0708, CVE-2011-0420)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=655968"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=656523"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=660102"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=662932"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=666512"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=669162"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=669188"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=669189"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=671710"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=672933"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://lists.opensuse.org/opensuse-updates/2011-04/msg00002.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected apache2-mod_php5 packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bcmath");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bz2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-calendar");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ctype");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-curl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dba");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dom");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-enchant");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-exif");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fastcgi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fileinfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ftp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gettext");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-hash");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-iconv");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-imap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-intl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-json");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mbstring");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mcrypt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-odbc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-openssl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pcntl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pdo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pear");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pgsql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-phar");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-posix");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pspell");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-readline");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-shmop");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-snmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-soap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sockets");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sqlite");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-suhosin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvmsg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvsem");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvshm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tidy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tokenizer");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-wddx");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlreader");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlrpc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlwriter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xsl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zip");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zlib");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.3");

  script_set_attribute(attribute:"patch_publication_date", value:"2011/03/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE11\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.3", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE11.3", reference:"apache2-mod_php5-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-bcmath-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-bz2-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-calendar-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-ctype-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-curl-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-dba-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-devel-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-dom-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-enchant-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-exif-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-fastcgi-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-fileinfo-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-ftp-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-gd-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-gettext-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-gmp-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-hash-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-iconv-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-imap-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-intl-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-json-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-ldap-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-mbstring-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-mcrypt-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-mysql-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-odbc-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-openssl-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-pcntl-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-pdo-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-pear-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-pgsql-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-phar-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-posix-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-pspell-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-readline-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-shmop-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-snmp-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-soap-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-sockets-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-sqlite-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-suhosin-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-sysvmsg-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-sysvsem-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-sysvshm-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-tidy-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-tokenizer-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-wddx-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-xmlreader-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-xmlrpc-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-xmlwriter-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-xsl-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-zip-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.3", reference:"php5-zlib-5.3.3-0.17.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php5");
}
  • NASL familySuSE Local Security Checks
    NASL idSUSE_APACHE2-MOD_PHP5-7375.NASL
    descriptionphp5 was updated to fix several security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id53285
    published2011-04-04
    reporterThis script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/53285
    titleSuSE 10 Security Update : PHP5 (ZYPP Patch Number 7375)
    code
    #%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The text description of this plugin is (C) Novell, Inc.
#

if (NASL_LEVEL < 3000) exit(0);

include("compat.inc");

if (description)
{
  script_id(53285);
  script_version ("1.6");
  script_cvs_date("Date: 2019/10/25 13:36:43");

  script_cve_id("CVE-2010-4150", "CVE-2010-4645", "CVE-2010-4697", "CVE-2010-4698", "CVE-2010-4699", "CVE-2011-0708", "CVE-2011-0752", "CVE-2011-0753", "CVE-2011-0755");

  script_name(english:"SuSE 10 Security Update : PHP5 (ZYPP Patch Number 7375)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SuSE 10 host is missing a security-related patch."
  );
  script_set_attribute(
    attribute:"description", 
    value:"php5 was updated to fix several security issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-4150.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-4645.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-4697.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-4698.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-4699.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2011-0708.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2011-0752.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2011-0753.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2011-0755.html"
  );
  script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 7375.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2010/12/07");
  script_set_attribute(attribute:"patch_publication_date", value:"2011/03/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2011/04/04");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");


flag = 0;
if (rpm_check(release:"SLES10", sp:3, reference:"apache2-mod_php5-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-bcmath-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-bz2-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-calendar-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-ctype-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-curl-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-dba-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-dbase-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-devel-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-dom-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-exif-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-fastcgi-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-ftp-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-gd-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-gettext-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-gmp-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-hash-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-iconv-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-imap-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-json-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-ldap-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-mbstring-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-mcrypt-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-mhash-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-mysql-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-ncurses-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-odbc-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-openssl-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-pcntl-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-pdo-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-pear-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-pgsql-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-posix-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-pspell-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-shmop-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-snmp-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-soap-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-sockets-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-sqlite-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-suhosin-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-sysvmsg-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-sysvsem-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-sysvshm-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-tokenizer-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-wddx-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-xmlreader-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-xmlrpc-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-xsl-5.2.14-0.14.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"php5-zlib-5.2.14-0.14.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else exit(0, "The host is not affected.");
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_2_APACHE2-MOD_PHP5-110309.NASL
    descriptionphp5 was updated to fix several security issues. (CVE-2010-3709, CVE-2010-4150, CVE-2010-4645, CVE-2010-4697, CVE-2010-4698, CVE-2010-4699, CVE-2010-4700, CVE-2011-0752, CVE-2011-0753, CVE-2011-0755,CVE-2011-0708, CVE-2011-0420)
    last seen2020-06-01
    modified2020-06-02
    plugin id53695
    published2011-05-05
    reporterThis script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/53695
    titleopenSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:0276-1)
    code
    #%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update apache2-mod_php5-4119.
#
# The text description of this plugin is (C) SUSE LLC.
#

include("compat.inc");

if (description)
{
  script_id(53695);
  script_version("1.5");
  script_cvs_date("Date: 2019/10/25 13:36:40");

  script_cve_id("CVE-2010-3709", "CVE-2010-4150", "CVE-2010-4645", "CVE-2010-4697", "CVE-2010-4698", "CVE-2010-4699", "CVE-2010-4700", "CVE-2011-0420", "CVE-2011-0708", "CVE-2011-0752", "CVE-2011-0753", "CVE-2011-0755");

  script_name(english:"openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:0276-1)");
  script_summary(english:"Check for the apache2-mod_php5-4119 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"php5 was updated to fix several security issues. (CVE-2010-3709,
CVE-2010-4150, CVE-2010-4645, CVE-2010-4697, CVE-2010-4698,
CVE-2010-4699, CVE-2010-4700, CVE-2011-0752, CVE-2011-0753,
CVE-2011-0755,CVE-2011-0708, CVE-2011-0420)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=655968"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=656523"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=660102"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=662932"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=666512"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=669162"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=669188"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=669189"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=671710"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=672933"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://lists.opensuse.org/opensuse-updates/2011-04/msg00002.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected apache2-mod_php5 packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bcmath");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bz2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-calendar");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ctype");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-curl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dba");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dom");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-enchant");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-exif");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fastcgi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fileinfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ftp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gettext");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-hash");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-iconv");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-imap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-intl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-json");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mbstring");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mcrypt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-odbc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-openssl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pcntl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pdo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pear");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pgsql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-phar");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-posix");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pspell");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-readline");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-shmop");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-snmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-soap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sockets");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sqlite");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-suhosin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvmsg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvsem");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvshm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tidy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tokenizer");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-wddx");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlreader");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlrpc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlwriter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xsl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zip");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zlib");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.2");

  script_set_attribute(attribute:"patch_publication_date", value:"2011/03/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2011/05/05");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE11\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.2", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE11.2", reference:"apache2-mod_php5-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-bcmath-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-bz2-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-calendar-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-ctype-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-curl-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-dba-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-devel-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-dom-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-enchant-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-exif-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-fastcgi-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-fileinfo-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-ftp-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-gd-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-gettext-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-gmp-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-hash-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-iconv-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-imap-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-intl-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-json-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-ldap-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-mbstring-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-mcrypt-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-mysql-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-odbc-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-openssl-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-pcntl-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-pdo-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-pear-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-pgsql-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-phar-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-posix-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-pspell-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-readline-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-shmop-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-snmp-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-soap-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-sockets-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-sqlite-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-suhosin-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-sysvmsg-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-sysvsem-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-sysvshm-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-tidy-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-tokenizer-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-wddx-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-xmlreader-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-xmlrpc-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-xmlwriter-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-xsl-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-zip-5.3.3-0.17.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"php5-zlib-5.3.3-0.17.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php5");
}
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201110-06.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201110-06 (PHP: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker could execute arbitrary code, obtain sensitive information from process memory, bypass intended access restrictions, or cause a Denial of Service in various ways. A remote attacker could cause a Denial of Service in various ways, bypass spam detections, or bypass open_basedir restrictions. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id56459
    published2011-10-12
    reporterThis script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/56459
    titleGLSA-201110-06 : PHP: Multiple vulnerabilities
    code
    #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 201110-06.
#
# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike 
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#

include("compat.inc");

if (description)
{
  script_id(56459);
  script_version("1.9");
  script_cvs_date("Date: 2018/07/11 17:09:26");

  script_cve_id("CVE-2006-7243", "CVE-2009-5016", "CVE-2010-1128", "CVE-2010-1129", "CVE-2010-1130", "CVE-2010-1860", "CVE-2010-1861", "CVE-2010-1862", "CVE-2010-1864", "CVE-2010-1866", "CVE-2010-1868", "CVE-2010-1914", "CVE-2010-1915", "CVE-2010-1917", "CVE-2010-2093", "CVE-2010-2094", "CVE-2010-2097", "CVE-2010-2100", "CVE-2010-2101", "CVE-2010-2190", "CVE-2010-2191", "CVE-2010-2225", "CVE-2010-2484", "CVE-2010-2531", "CVE-2010-2950", "CVE-2010-3062", "CVE-2010-3063", "CVE-2010-3064", "CVE-2010-3065", "CVE-2010-3436", "CVE-2010-3709", "CVE-2010-3710", "CVE-2010-3870", "CVE-2010-4150", "CVE-2010-4409", "CVE-2010-4645", "CVE-2010-4697", "CVE-2010-4698", "CVE-2010-4699", "CVE-2010-4700", "CVE-2011-0420", "CVE-2011-0421", "CVE-2011-0708", "CVE-2011-0752", "CVE-2011-0753", "CVE-2011-0755", "CVE-2011-1092", "CVE-2011-1148", "CVE-2011-1153", "CVE-2011-1464", "CVE-2011-1466", "CVE-2011-1467", "CVE-2011-1468", "CVE-2011-1469", "CVE-2011-1470", "CVE-2011-1471", "CVE-2011-1657", "CVE-2011-1938", "CVE-2011-2202", "CVE-2011-2483", "CVE-2011-3182", "CVE-2011-3189", "CVE-2011-3267", "CVE-2011-3268");
  script_xref(name:"GLSA", value:"201110-06");

  script_name(english:"GLSA-201110-06 : PHP: Multiple vulnerabilities");
  script_summary(english:"Checks for updated package(s) in /var/db/pkg");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Gentoo host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote host is affected by the vulnerability described in GLSA-201110-06
(PHP: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in PHP. Please review the
      CVE identifiers referenced below for details.
  
Impact :

    A context-dependent attacker could execute arbitrary code, obtain
      sensitive information from process memory, bypass intended access
      restrictions, or cause a Denial of Service in various ways.
    A remote attacker could cause a Denial of Service in various ways,
      bypass spam detections, or bypass open_basedir restrictions.
  
Workaround :

    There is no known workaround at this time."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/201110-06"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"All PHP users should upgrade to the latest version:
      # emerge --sync
      # emerge --ask --oneshot --verbose '>=dev-lang/php-5.3.8'"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:php");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2011/10/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2011/10/12");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.");
  script_family(english:"Gentoo Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (qpkg_check(package:"dev-lang/php", unaffected:make_list("ge 5.3.8"), vulnerable:make_list("lt 5.3.8"))) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = qpkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "PHP");
}
  • NASL familySuSE Local Security Checks
    NASL idSUSE_APACHE2-MOD_PHP5-7393.NASL
    descriptionPHP5 was updated to fix several security issues. (CVE-2010-4150 / CVE-2010-4645 / CVE-2010-4697 / CVE-2010-4698 / CVE-2010-4699 / CVE-2011-0708 / CVE-2011-0752 / CVE-2011-0753 / CVE-2011-0755)
    last seen2020-06-01
    modified2020-06-02
    plugin id57157
    published2011-12-13
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/57157
    titleSuSE 10 Security Update : PHP5 (ZYPP Patch Number 7393)
  • NASL familyCGI abuses
    NASL idPHP_5_3_4.NASL
    descriptionAccording to its banner, the version of PHP 5.3 installed on the remote host is older than 5.3.4. Such versions may be affected by several security issues : - A crash in the zip extract method. - A stack-based buffer overflow in impagepstext() of the GD extension. - An unspecified vulnerability related to symbolic resolution when using a DFS share. - A security bypass vulnerability related to using pathnames containing NULL bytes. (CVE-2006-7243) - Multiple format string vulnerabilities. (CVE-2010-2094, CVE-2010-2950) - An unspecified security bypass vulnerability in open_basedir(). (CVE-2010-3436) - A NULL pointer dereference in ZipArchive::getArchiveComment. (CVE-2010-3709) - Memory corruption in php_filter_validate_email(). (CVE-2010-3710) - An input validation vulnerability in xml_utf8_decode(). (CVE-2010-3870) - A possible double free in the IMAP extension. (CVE-2010-4150) - An information disclosure vulnerability in
    last seen2020-06-01
    modified2020-06-02
    plugin id51140
    published2010-12-13
    reporterThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/51140
    titlePHP 5.3 < 5.3.4 Multiple Vulnerabilities
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_APACHE2-MOD_PHP5-110310.NASL
    descriptionPHP5 was updated to fix several security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id53282
    published2011-04-04
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/53282
    titleSuSE 11.1 Security Update : PHP5 (SAT Patch Number 4133)

Oval

accepted2011-05-09T04:00:59.972-04:00
classvulnerability
contributors
  • nameSecPod Team
    organizationSecPod Technologies
  • nameShane Shaffer
    organizationG2, Inc.
definition_extensions
commentPHP is installed
ovaloval:org.mitre.oval:def:12410
descriptionInteger overflow in the mt_rand function in PHP before 5.3.4 might make it easier for context-dependent attackers to predict the return values by leveraging a script's use of a large max parameter, as demonstrated by a value that exceeds mt_getrandmax.
familywindows
idoval:org.mitre.oval:def:12589
statusaccepted
submitted2011-03-29T09:34:18-05:00
titleInteger overflow vulnerability in the mt_rand function in PHP before 5.3.4
version6

References