Vulnerabilities > CVE-2014-9652 - Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in PHP

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

php

file-project

CWE-119

nessus

NVD

Published: 2015-03-30

Updated: 2017-07-01

Summary

The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allow remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted file.

Vulnerable Configurations

Part	Description	Count
Application	Php PHP PHP - PHP PHP 0.1 PHP PHP 0.1.1 PHP PHP 0.2 PHP PHP 0.2.0 PHP PHP 0.2.1 PHP PHP 0.2.2 PHP PHP 0.2.3 PHP PHP 0.2.4 PHP PHP 0.3 PHP PHP 0.4 PHP PHP 0.5 PHP PHP 0.5.2 PHP PHP 0.5.3 PHP PHP 0.6 PHP PHP 0.7 PHP PHP 0.9 PHP PHP 0.9.0 PHP PHP 0.9.1 PHP PHP 0.9.2 PHP PHP 0.9.3 PHP PHP 0.9.4 PHP PHP 0.10 PHP PHP 0.11 PHP PHP 0.90 PHP PHP 0.91 PHP PHP 1.0 PHP PHP 1.0.0 PHP PHP 1.0.1 PHP PHP 1.0.2 PHP PHP 1.0.3 PHP PHP 1.0.4 PHP PHP 1.1 PHP PHP 1.1.0 PHP PHP 1.1.1 PHP PHP 1.2 PHP PHP 1.2.0 PHP PHP 1.2.1 PHP PHP 1.2.2 PHP PHP 1.2.3 PHP PHP 1.2.4 PHP PHP 1.2.5 PHP PHP 1.3 PHP PHP 1.3.1 PHP PHP 1.3.5 PHP PHP 1.4 PHP PHP 1.5 PHP PHP 2.0 PHP PHP 2.0.0 PHP PHP 2.0.1 PHP PHP 2.0.2 PHP PHP 2.0B10 PHP PHP 3.0 PHP PHP 3.0.1 PHP PHP 3.0.2 PHP PHP 3.0.3 PHP PHP 3.0.4 PHP PHP 3.0.5 PHP PHP 3.0.6 PHP PHP 3.0.7 PHP PHP 3.0.8 PHP PHP 3.0.9 PHP PHP 3.0.10 PHP PHP 3.0.11 PHP PHP 3.0.12 PHP PHP 3.0.13 PHP PHP 3.0.14 PHP PHP 3.0.15 PHP PHP 3.0.16 PHP PHP 3.0.17 PHP PHP 3.0.18 PHP PHP 4.0 PHP PHP 4.0.0 PHP PHP 4.0.1 PHP PHP 4.0.2 PHP PHP 4.0.3 PHP PHP 4.0.4 PHP PHP 4.0.5 PHP PHP 4.0.6 PHP PHP 4.0.7 PHP PHP 4.1.0 PHP PHP 4.1.1 PHP PHP 4.1.2 PHP PHP 4.1.3 PHP PHP 4.2 PHP PHP 4.2.0 PHP PHP 4.2.1 PHP PHP 4.2.2 PHP PHP 4.2.3 PHP PHP 4.2.4 PHP PHP 4.3 PHP PHP 4.3.0 PHP PHP 4.3.1 PHP PHP 4.3.2 PHP PHP 4.3.3 PHP PHP 4.3.4 PHP PHP 4.3.5 PHP PHP 4.3.6 PHP PHP 4.3.7 PHP PHP 4.3.8 PHP PHP 4.3.9 PHP PHP 4.3.10 PHP PHP 4.3.11 PHP PHP 4.4.0 PHP PHP 4.4.1 PHP PHP 4.4.2 PHP PHP 4.4.3 PHP PHP 4.4.4 PHP PHP 4.4.5 PHP PHP 4.4.6 PHP PHP 4.4.7 PHP PHP 4.4.8 PHP PHP 4.4.9 PHP PHP 5.0.0 PHP PHP 5.0.1 PHP PHP 5.0.2 PHP PHP 5.0.3 PHP PHP 5.0.4 PHP PHP 5.0.5 PHP PHP 5.1 PHP PHP 5.1.0 PHP PHP 5.1.1 PHP PHP 5.1.2 PHP PHP 5.1.3 PHP PHP 5.1.4 PHP PHP 5.1.5 PHP PHP 5.1.6 PHP PHP 5.2.0 PHP PHP 5.2.1 PHP PHP 5.2.2 PHP PHP 5.2.3 PHP PHP 5.2.4 PHP PHP 5.2.5 PHP PHP 5.2.6 PHP PHP 5.2.7 PHP PHP 5.2.8 PHP PHP 5.2.9 PHP PHP 5.2.10 PHP PHP 5.2.11 PHP PHP 5.2.12 PHP PHP 5.2.13 PHP PHP 5.2.14 PHP PHP 5.2.15 PHP PHP 5.2.16 PHP PHP 5.2.17 PHP PHP 5.3.0 PHP PHP 5.3.1 PHP PHP 5.3.2 PHP PHP 5.3.3 PHP PHP 5.3.4 PHP PHP 5.3.5 PHP PHP 5.3.6 PHP PHP 5.3.7 PHP PHP 5.3.8 PHP PHP 5.3.9 PHP PHP 5.3.10 PHP PHP 5.3.11 PHP PHP 5.3.12 PHP PHP 5.3.13 PHP PHP 5.3.14 PHP PHP 5.3.15 PHP PHP 5.3.16 PHP PHP 5.3.17 PHP PHP 5.3.18 PHP PHP 5.3.19 PHP PHP 5.3.20 PHP PHP 5.3.21 PHP PHP 5.3.22 PHP PHP 5.3.23 PHP PHP 5.3.24 PHP PHP 5.3.25 PHP PHP 5.3.26 PHP PHP 5.3.27 PHP PHP 5.3.28 PHP PHP 5.3.29 PHP PHP 5.4.0 PHP PHP 5.4.1 PHP PHP 5.4.2 PHP PHP 5.4.3 PHP PHP 5.4.4 PHP PHP 5.4.5 PHP PHP 5.4.6 PHP PHP 5.4.7 PHP PHP 5.4.8 PHP PHP 5.4.9 PHP PHP 5.4.10 PHP PHP 5.4.11 PHP PHP 5.4.12 PHP PHP 5.4.13 PHP PHP 5.4.14 PHP PHP 5.4.15 PHP PHP 5.4.16 PHP PHP 5.4.17 PHP PHP 5.4.18 PHP PHP 5.4.19 PHP PHP 5.4.20 PHP PHP 5.4.21 PHP PHP 5.4.22 PHP PHP 5.4.23 PHP PHP 5.4.24 PHP PHP 5.4.25 PHP PHP 5.4.26 PHP PHP 5.4.27 PHP PHP 5.4.28 PHP PHP 5.4.29 PHP PHP 5.4.30 PHP PHP 5.4.31 PHP PHP 5.4.32 PHP PHP 5.4.33 PHP PHP 5.4.34 PHP PHP 5.4.35 PHP PHP 5.4.36 PHP PHP 5.5.0 PHP PHP 5.5.1 PHP PHP 5.5.2 PHP PHP 5.5.3 PHP PHP 5.5.4 PHP PHP 5.5.5 PHP PHP 5.5.6 PHP PHP 5.5.7 PHP PHP 5.5.8 PHP PHP 5.5.9 PHP PHP 5.5.10 PHP PHP 5.5.11 PHP PHP 5.5.12 PHP PHP 5.5.13 PHP PHP 5.5.14 PHP PHP 5.5.15 PHP PHP 5.5.16 PHP PHP 5.5.17 PHP PHP 5.5.18 PHP PHP 5.5.19 PHP PHP 5.5.20 PHP PHP 5.6.0 PHP PHP 5.6.1 PHP PHP 5.6.2 PHP PHP 5.6.3 PHP PHP 5.6.4	646
Application	File_Project File Project File 3.27 File Project File 3.28 File Project File 3.30 File Project File 3.31 File Project File 3.32 File Project File 3.33 File Project File 3.34 File Project File 3.35 File Project File 3.36 File Project File 3.37 File Project File 3.38 File Project File 3.39 File Project File 3.40 File Project File 3.41 File Project File 4.00 File Project File 4.01 File Project File 4.02 File Project File 4.03 File Project File 4.04 File Project File 4.05 File Project File 4.06 File Project File 4.07 File Project File 4.08 File Project File 4.09 File Project File 4.10 File Project File 4.11 File Project File 4.12 File Project File 4.13 File Project File 4.14 File Project File 4.15 File Project File 4.16 File Project File 4.17 File Project File 4.18 File Project File 4.19 File Project File 4.20 File Project File 4.21 File Project File 4.22 File Project File 4.23 File Project File 4.24 File Project File 4.25 File Project File 4.26 File Project File 5.00 File Project File 5.01 File Project File 5.02 File Project File 5.03 File Project File 5.04 File Project File 5.05 File Project File 5.06 File Project File 5.07 File Project File 5.08 File Project File 5.09 File Project File 5.10 File Project File 5.11 File Project File 5.12 File Project File 5.13 File Project File 5.14 File Project File 5.15 File Project File 5.16 File Project File 5.17 File Project File 5.18 File Project File 5.19 File Project File 5.20	62

Common Weakness Enumeration (CWE)

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Common Attack Pattern Enumeration and Classification (CAPEC)

Buffer Overflow via Environment Variables
This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
Overflow Buffers
Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
Client-side Injection-induced Buffer Overflow
This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
Filter Failure through Buffer Overflow
In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
MIME Conversion
An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.

Nessus

NASL family	CGI abuses
NASL id	PHP_5_6_5.NASL
description	According to its banner, the version of PHP 5.6.x installed on the remote host is prior to 5.6.5. It is, therefore, affected by multiple vulnerabilities: - A double free vulnerability in the zend_ts_hash_graceful_destroy function in zend_ts_hash.c in the Zend Engine could allow a remote attacker to cause a denial of service. (CVE-2014-9425) - An out-of-bounds read flaw in file
last seen	2020-06-01
modified	2020-06-02
plugin id	81082
published	2015-01-29
reporter	This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/81082
title	PHP 5.6.x < 5.6.5 Multiple Vulnerabilities
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(81082); script_version("1.18"); script_cvs_date("Date: 2019/03/27 13:17:50"); script_cve_id( "CVE-2014-9425", "CVE-2014-9427", "CVE-2014-9652", "CVE-2014-9709", "CVE-2015-0231", "CVE-2015-0232" ); script_bugtraq_id( 71800, 71833, 72505, 72539, 72541, 73306 ); script_name(english:"PHP 5.6.x < 5.6.5 Multiple Vulnerabilities"); script_summary(english:"Checks the version of PHP."); script_set_attribute(attribute:"synopsis", value: "The remote web server uses a version of PHP that is affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "According to its banner, the version of PHP 5.6.x installed on the remote host is prior to 5.6.5. It is, therefore, affected by multiple vulnerabilities: - A double free vulnerability in the zend_ts_hash_graceful_destroy function in zend_ts_hash.c in the Zend Engine could allow a remote attacker to cause a denial of service. (CVE-2014-9425) - An out-of-bounds read flaw in file 'cgi_main.c' exists when nmap is used to process an invalid file that begins with a hash character (#) but lacks a newline character. A remote attacker, using a specially crafted PHP file, can exploit this vulnerability to disclose memory contents, cause a denial of service, or possibly execute code. (CVE-2014-9427) - The mconvert function in softmagic.c does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which could allow a remote attacker to cause a denial of service. (CVE-2014-9652) - An out-of-bounds read issue exists in the GetCode_() function in 'gd_gif_in.c'. This allows a remote attacker to disclose memory contents. (CVE-2014-9709) - A use-after-free memory error exists in the process_nested_data() function in 'var_unserializer.re' due to improper handling of duplicate numerical keys within the serialized properties of an object. A remote attacker, using a crafted unserialize method call, can exploit this vulnerability to execute arbitrary code. (CVE-2015-0231) - A flaw exists in the exif_process_unicode() function in 'exif.c' that allows freeing an uninitialized pointer. A remote attacker, using specially crafted EXIF data in a JPEG image, can exploit this to cause a denial of service or to execute arbitrary code. (CVE-2015-0232) Note that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number."); script_set_attribute(attribute:"see_also", value:"http://php.net/ChangeLog-5.php#5.6.5"); script_set_attribute(attribute:"see_also", value:"https://bugs.php.net/bug.php?id=68618"); script_set_attribute(attribute:"see_also", value:"https://bugs.php.net/bug.php?id=68710"); script_set_attribute(attribute:"see_also", value:"https://bugs.php.net/bug.php?id=68799"); script_set_attribute(attribute:"solution", value:"Upgrade to PHP version 5.6.5 or later."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-0231"); script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"vuln_publication_date", value:"2014/12/17"); script_set_attribute(attribute:"patch_publication_date", value:"2015/01/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2015/01/29"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/a:php:php"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"CGI abuses"); script_copyright(english:"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("php_version.nasl"); script_require_keys("www/PHP"); script_require_ports("Services/www", 80); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("http.inc"); include("webapp_func.inc"); port = get_http_port(default:80, php:TRUE); php = get_php_from_kb( port : port, exit_on_fail : TRUE ); version = php["ver"]; source = php["src"]; backported = get_kb_item('www/php/'+port+'/'+version+'/backported'); if (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, "PHP "+version+" install"); # Check that it is the correct version of PHP if (version =~ "^5(\.6)?$") audit(AUDIT_VER_NOT_GRANULAR, "PHP", port, version); if (version !~ "^5\.6\.") audit(AUDIT_NOT_DETECT, "PHP version 5.6.x", port); if (version =~ "^5\.6\.[0-4]$") { if (report_verbosity > 0) { report = '\n Version source : '+source + '\n Installed version : '+version + '\n Fixed version : 5.6.5' + '\n'; security_hole(port:port, extra:report); } else security_hole(port); exit(0); } else audit(AUDIT_LISTEN_NOT_VULN, "PHP", port, version);

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2015-203.NASL
description	php5 was updated to fix two security issues. These security issues were fixed : - CVE-2014-9652: Out of bounds read in mconvert() (bnc#917150). - CVE-2015-0273: Use after free vulnerability in unserialize() with DateTimeZone (bnc#918768).
last seen	2020-06-05
modified	2015-03-09
plugin id	81691
published	2015-03-09
reporter	This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/81691
title	openSUSE Security Update : php5 (openSUSE-2015-203)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2015-203. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(81691); script_version("1.6"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2014-9652", "CVE-2015-0273"); script_name(english:"openSUSE Security Update : php5 (openSUSE-2015-203)"); script_summary(english:"Check for the openSUSE-2015-203 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "php5 was updated to fix two security issues. These security issues were fixed : - CVE-2014-9652: Out of bounds read in mconvert() (bnc#917150). - CVE-2015-0273: Use after free vulnerability in unserialize() with DateTimeZone (bnc#918768)." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=917150" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=918768" ); script_set_attribute(attribute:"solution", value:"Update the affected php5 packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php5"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bcmath"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bz2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bz2-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-calendar"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-calendar-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ctype"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ctype-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-curl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-curl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dba"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dba-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dom"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dom-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-enchant"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-enchant-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-exif"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-exif-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fastcgi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fileinfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-firebird"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-firebird-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fpm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fpm-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ftp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ftp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gd-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gettext"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gettext-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gmp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gmp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-iconv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-iconv-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-imap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-imap-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-intl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-intl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-json"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-json-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ldap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ldap-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mbstring"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mcrypt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mssql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mssql-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mysql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mysql-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-odbc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-odbc-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-opcache"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-opcache-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-openssl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-openssl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pcntl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pdo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pdo-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pear"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pgsql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-phar"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-phar-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-posix"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-posix-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pspell"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pspell-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-readline"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-readline-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-shmop"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-shmop-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-snmp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-snmp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-soap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-soap-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sockets"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sockets-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sqlite"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-suhosin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvmsg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvsem"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvshm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tidy"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tidy-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tokenizer"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-wddx"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-wddx-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlreader"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlrpc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlwriter"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xsl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xsl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zip"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zip-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zlib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zlib-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.1"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.2"); script_set_attribute(attribute:"patch_publication_date", value:"2015/02/26"); script_set_attribute(attribute:"plugin_publication_date", value:"2015/03/09"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2015-2020 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release =~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE13\.1\|SUSE13\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.1 / 13.2", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586\|i686\|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE13.1", reference:"apache2-mod_php5-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"apache2-mod_php5-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-bcmath-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-bcmath-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-bz2-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-bz2-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-calendar-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-calendar-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-ctype-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-ctype-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-curl-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-curl-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-dba-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-dba-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-debugsource-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-devel-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-dom-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-dom-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-enchant-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-enchant-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-exif-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-exif-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-fastcgi-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-fastcgi-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-fileinfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-fileinfo-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-firebird-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-firebird-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-fpm-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-fpm-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-ftp-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-ftp-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-gd-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-gd-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-gettext-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-gettext-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-gmp-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-gmp-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-iconv-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-iconv-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-imap-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-imap-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-intl-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-intl-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-json-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-json-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-ldap-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-ldap-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-mbstring-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-mbstring-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-mcrypt-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-mcrypt-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-mssql-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-mssql-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-mysql-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-mysql-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-odbc-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-odbc-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-openssl-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-openssl-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-pcntl-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-pcntl-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-pdo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-pdo-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-pear-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-pgsql-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-pgsql-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-phar-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-phar-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-posix-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-posix-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-pspell-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-pspell-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-readline-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-readline-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-shmop-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-shmop-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-snmp-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-snmp-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-soap-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-soap-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-sockets-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-sockets-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-sqlite-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-sqlite-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-suhosin-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-suhosin-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-sysvmsg-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-sysvmsg-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-sysvsem-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-sysvsem-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-sysvshm-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-sysvshm-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-tidy-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-tidy-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-tokenizer-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-tokenizer-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-wddx-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-wddx-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-xmlreader-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-xmlreader-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-xmlrpc-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-xmlrpc-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-xmlwriter-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-xmlwriter-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-xsl-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-xsl-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-zip-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-zip-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-zlib-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"php5-zlib-debuginfo-5.4.20-42.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"apache2-mod_php5-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"apache2-mod_php5-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-bcmath-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-bcmath-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-bz2-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-bz2-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-calendar-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-calendar-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-ctype-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-ctype-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-curl-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-curl-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-dba-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-dba-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-debugsource-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-devel-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-dom-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-dom-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-enchant-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-enchant-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-exif-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-exif-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-fastcgi-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-fastcgi-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-fileinfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-fileinfo-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-firebird-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-firebird-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-fpm-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-fpm-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-ftp-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-ftp-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-gd-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-gd-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-gettext-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-gettext-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-gmp-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-gmp-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-iconv-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-iconv-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-imap-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-imap-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-intl-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-intl-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-json-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-json-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-ldap-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-ldap-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-mbstring-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-mbstring-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-mcrypt-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-mcrypt-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-mssql-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-mssql-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-mysql-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-mysql-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-odbc-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-odbc-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-opcache-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-opcache-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-openssl-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-openssl-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-pcntl-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-pcntl-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-pdo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-pdo-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-pear-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-pgsql-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-pgsql-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-phar-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-phar-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-posix-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-posix-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-pspell-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-pspell-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-readline-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-readline-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-shmop-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-shmop-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-snmp-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-snmp-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-soap-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-soap-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-sockets-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-sockets-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-sqlite-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-sqlite-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-suhosin-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-suhosin-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-sysvmsg-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-sysvmsg-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-sysvsem-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-sysvsem-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-sysvshm-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-sysvshm-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-tidy-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-tidy-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-tokenizer-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-tokenizer-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-wddx-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-wddx-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-xmlreader-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-xmlreader-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-xmlrpc-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-xmlrpc-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-xmlwriter-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-xmlwriter-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-xsl-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-xsl-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-zip-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-zip-debuginfo-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-zlib-5.6.1-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"php5-zlib-debuginfo-5.6.1-12.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "apache2-mod_php5 / apache2-mod_php5-debuginfo / php5 / php5-bcmath / etc"); }

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2015-2155.NASL
description	Updated file packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format (ELF) binary files, system libraries, RPM packages, and different graphics formats. Multiple denial of service flaws were found in the way file parsed certain Composite Document Format (CDF) files. A remote attacker could use either of these flaws to crash file, or an application using file, via a specially crafted CDF file. (CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3587) Two flaws were found in the way file processed certain Pascal strings. A remote attacker could cause file to crash if it was used to identify the type of the attacker-supplied file. (CVE-2014-3478, CVE-2014-9652) Multiple flaws were found in the file regular expression rules for detecting various files. A remote attacker could use these flaws to cause file to consume an excessive amount of CPU. (CVE-2014-3538) Multiple flaws were found in the way file parsed Executable and Linkable Format (ELF) files. A remote attacker could use these flaws to cause file to crash, disclose portions of its memory, or consume an excessive amount of system resources. (CVE-2014-3710, CVE-2014-8116, CVE-2014-8117, CVE-2014-9653) Red Hat would like to thank Thomas Jarosch of Intra2net AG for reporting the CVE-2014-8116 and CVE-2014-8117 issues. The CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-3478, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3710 issues were discovered by Francisco Alonso of Red Hat Product Security; the CVE-2014-3538 issue was discovered by Jan Kaluza of the Red Hat Web Stack Team The file packages have been updated to ensure correct operation on Power little endian and ARM 64-bit hardware architectures. (BZ#1224667, BZ#1224668, BZ#1157850, BZ#1067688). All file users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	86973
published	2015-11-20
reporter	This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/86973
title	RHEL 7 : file (RHSA-2015:2155)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2015:2155. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(86973); script_version("2.12"); script_cvs_date("Date: 2019/10/24 15:35:40"); script_cve_id("CVE-2014-0207", "CVE-2014-0237", "CVE-2014-0238", "CVE-2014-3478", "CVE-2014-3479", "CVE-2014-3480", "CVE-2014-3487", "CVE-2014-3538", "CVE-2014-3587", "CVE-2014-3710", "CVE-2014-8116", "CVE-2014-8117", "CVE-2014-9652", "CVE-2014-9653"); script_xref(name:"RHSA", value:"2015:2155"); script_name(english:"RHEL 7 : file (RHSA-2015:2155)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated file packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format (ELF) binary files, system libraries, RPM packages, and different graphics formats. Multiple denial of service flaws were found in the way file parsed certain Composite Document Format (CDF) files. A remote attacker could use either of these flaws to crash file, or an application using file, via a specially crafted CDF file. (CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3587) Two flaws were found in the way file processed certain Pascal strings. A remote attacker could cause file to crash if it was used to identify the type of the attacker-supplied file. (CVE-2014-3478, CVE-2014-9652) Multiple flaws were found in the file regular expression rules for detecting various files. A remote attacker could use these flaws to cause file to consume an excessive amount of CPU. (CVE-2014-3538) Multiple flaws were found in the way file parsed Executable and Linkable Format (ELF) files. A remote attacker could use these flaws to cause file to crash, disclose portions of its memory, or consume an excessive amount of system resources. (CVE-2014-3710, CVE-2014-8116, CVE-2014-8117, CVE-2014-9653) Red Hat would like to thank Thomas Jarosch of Intra2net AG for reporting the CVE-2014-8116 and CVE-2014-8117 issues. The CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-3478, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3710 issues were discovered by Francisco Alonso of Red Hat Product Security; the CVE-2014-3538 issue was discovered by Jan Kaluza of the Red Hat Web Stack Team The file packages have been updated to ensure correct operation on Power little endian and ARM 64-bit hardware architectures. (BZ#1224667, BZ#1224668, BZ#1157850, BZ#1067688). All file users are advised to upgrade to these updated packages, which contain backported patches to correct these issues." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2015:2155" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-0207" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-0237" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-0238" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-3478" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-3479" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-3480" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-3487" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-3538" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-3587" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-3710" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-8116" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-8117" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-9652" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-9653" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:file"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:file-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:file-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:file-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:file-static"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-magic"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.2"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.3"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.4"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.5"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.6"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.7"); script_set_attribute(attribute:"vuln_publication_date", value:"2014/06/01"); script_set_attribute(attribute:"patch_publication_date", value:"2015/11/19"); script_set_attribute(attribute:"plugin_publication_date", value:"2015/11/20"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^7([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2015:2155"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"file-5.11-31.el7")) flag++; if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"file-5.11-31.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"file-debuginfo-5.11-31.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"file-devel-5.11-31.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"file-libs-5.11-31.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"file-static-5.11-31.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"python-magic-5.11-31.el7")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "file / file-debuginfo / file-devel / file-libs / file-static / etc"); } }

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2015-1135.NASL
description	From Red Hat Security Advisory 2015:1135 : Updated php packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, causing it to crash or, possibly, execute arbitrary code. (CVE-2015-3330) A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. (CVE-2015-4024) An uninitialized pointer use flaw was found in PHP
last seen	2020-06-01
modified	2020-06-02
plugin id	84351
published	2015-06-24
reporter	This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/84351
title	Oracle Linux 7 : php (ELSA-2015-1135)

NASL family	MacOS X Local Security Checks
NASL id	MACOSX_10_11.NASL
description	The remote host is running a version of Mac OS X that is 10.6.8 or later but prior to 10.11. It is, therefore, affected by multiple vulnerabilities in the following components : - Address Book - AirScan - apache_mod_php - Apple Online Store Kit - AppleEvents - Audio - bash - Certificate Trust Policy - CFNetwork Cookies - CFNetwork FTPProtocol - CFNetwork HTTPProtocol - CFNetwork Proxies - CFNetwork SSL - CoreCrypto - CoreText - Dev Tools - Disk Images - dyld - EFI - Finder - Game Center - Heimdal - ICU - Install Framework Legacy - Intel Graphics Driver - IOAudioFamily - IOGraphics - IOHIDFamily - IOStorageFamily - Kernel - libc - libpthread - libxpc - Login Window - lukemftpd - Mail - Multipeer Connectivity - NetworkExtension - Notes - OpenSSH - OpenSSL - procmail - remote_cmds - removefile - Ruby - Safari - Safari Downloads - Safari Extensions - Safari Safe Browsing - Security - SMB - SQLite - Telephony - Terminal - tidy - Time Machine - WebKit - WebKit CSS - WebKit JavaScript Bindings - WebKit Page Loading - WebKit Plug-ins Note that successful exploitation of the most serious issues can result in arbitrary code execution.
last seen	2020-06-01
modified	2020-06-02
plugin id	86270
published	2015-10-05
reporter	This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/86270
title	Mac OS X < 10.11 Multiple Vulnerabilities (GHOST)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2015-1135.NASL
description	Updated php packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, causing it to crash or, possibly, execute arbitrary code. (CVE-2015-3330) A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. (CVE-2015-4024) An uninitialized pointer use flaw was found in PHP
last seen	2020-06-01
modified	2020-06-02
plugin id	84355
published	2015-06-24
reporter	This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/84355
title	RHEL 7 : php (RHSA-2015:1135)

NASL family	CentOS Local Security Checks
NASL id	CENTOS_RHSA-2015-1135.NASL
description	Updated php packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, causing it to crash or, possibly, execute arbitrary code. (CVE-2015-3330) A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. (CVE-2015-4024) An uninitialized pointer use flaw was found in PHP
last seen	2020-06-01
modified	2020-06-02
plugin id	84345
published	2015-06-24
reporter	This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/84345
title	CentOS 7 : php (CESA-2015:1135)

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2016-1638-1.NASL
description	This update for php53 to version 5.3.17 fixes the following issues : These security issues were fixed : - CVE-2016-5093: get_icu_value_internal out-of-bounds read (bnc#982010). - CVE-2016-5094: Don
last seen	2020-06-01
modified	2020-06-02
plugin id	93161
published	2016-08-29
reporter	This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/93161
title	SUSE SLES11 Security Update : php53 (SUSE-SU-2016:1638-1) (BACKRONYM)

NASL family	Gentoo Local Security Checks
NASL id	GENTOO_GLSA-201701-42.NASL
description	The remote host is affected by the vulnerability described in GLSA-201701-42 (file: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in file. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user or automated system to process a specially crafted input file, possibly resulting in execution of arbitrary code with the privileges of the process, a Denial of Service condition or have other unspecified impacts. Workaround : There is no known workaround at this time.
last seen	2020-06-01
modified	2020-06-02
plugin id	96576
published	2017-01-18
reporter	This script is Copyright (C) 2017 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/96576
title	GLSA-201701-42 : file: Multiple vulnerabilities

NASL family	Web Servers
NASL id	HPSMH_7_5.NASL
description	According to the web server
last seen	2020-06-01
modified	2020-06-02
plugin id	84923
published	2015-07-22
reporter	This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/84923
title	HP System Management Homepage 7.3.x / 7.4.x < 7.5.0 Multiple Vulnerabilities (FREAK)

NASL family	Scientific Linux Local Security Checks
NASL id	SL_20151119_FILE_ON_SL7_X.NASL
description	Multiple denial of service flaws were found in the way file parsed certain Composite Document Format (CDF) files. A remote attacker could use either of these flaws to crash file, or an application using file, via a specially crafted CDF file. (CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3587) Two flaws were found in the way file processed certain Pascal strings. A remote attacker could cause file to crash if it was used to identify the type of the attacker-supplied file. (CVE-2014-3478, CVE-2014-9652) Multiple flaws were found in the file regular expression rules for detecting various files. A remote attacker could use these flaws to cause file to consume an excessive amount of CPU. (CVE-2014-3538) Multiple flaws were found in the way file parsed Executable and Linkable Format (ELF) files. A remote attacker could use these flaws to cause file to crash, disclose portions of its memory, or consume an excessive amount of system resources. (CVE-2014-3710, CVE-2014-8116, CVE-2014-8117, CVE-2014-9653) The file packages have been updated to ensure correct operation on Power little endian and ARM 64-bit hardware architectures.
last seen	2020-03-18
modified	2015-12-22
plugin id	87555
published	2015-12-22
reporter	This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/87555
title	Scientific Linux Security Update : file on SL7.x x86_64 (20151119)

NASL family	CGI abuses
NASL id	PHP_5_5_21.NASL
description	According to its banner, the version of PHP 5.5.x installed on the remote host is prior to 5.5.21. It is, therefore, affected by multiple vulnerabilities: - A double free vulnerability in the zend_ts_hash_graceful_destroy function in zend_ts_hash.c in the Zend Engine could allow a remote attacker to cause a denial of service. (CVE-2014-9425) - An out-of-bounds read flaw in file
last seen	2020-06-01
modified	2020-06-02
plugin id	81081
published	2015-01-29
reporter	This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/81081
title	PHP 5.5.x < 5.5.21 Multiple Vulnerabilities

NASL family	CentOS Local Security Checks
NASL id	CENTOS_RHSA-2015-2155.NASL
description	Updated file packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format (ELF) binary files, system libraries, RPM packages, and different graphics formats. Multiple denial of service flaws were found in the way file parsed certain Composite Document Format (CDF) files. A remote attacker could use either of these flaws to crash file, or an application using file, via a specially crafted CDF file. (CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3587) Two flaws were found in the way file processed certain Pascal strings. A remote attacker could cause file to crash if it was used to identify the type of the attacker-supplied file. (CVE-2014-3478, CVE-2014-9652) Multiple flaws were found in the file regular expression rules for detecting various files. A remote attacker could use these flaws to cause file to consume an excessive amount of CPU. (CVE-2014-3538) Multiple flaws were found in the way file parsed Executable and Linkable Format (ELF) files. A remote attacker could use these flaws to cause file to crash, disclose portions of its memory, or consume an excessive amount of system resources. (CVE-2014-3710, CVE-2014-8116, CVE-2014-8117, CVE-2014-9653) Red Hat would like to thank Thomas Jarosch of Intra2net AG for reporting the CVE-2014-8116 and CVE-2014-8117 issues. The CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-3478, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3710 issues were discovered by Francisco Alonso of Red Hat Product Security; the CVE-2014-3538 issue was discovered by Jan Kaluza of the Red Hat Web Stack Team The file packages have been updated to ensure correct operation on Power little endian and ARM 64-bit hardware architectures. (BZ#1224667, BZ#1224668, BZ#1157850, BZ#1067688). All file users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	87137
published	2015-12-02
reporter	This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/87137
title	CentOS 7 : file (CESA-2015:2155)

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_APACHE2-MOD_PHP53-150226.NASL
description	php5 has been updated to fix two security issues : - Out of bounds read in mconvert(). (bnc#917150). (CVE-2014-9652) - Use after free vulnerability in unserialize() with DateTimeZone. (bnc#918768). (CVE-2015-0273)
last seen	2020-06-01
modified	2020-06-02
plugin id	81665
published	2015-03-06
reporter	This script is Copyright (C) 2015 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/81665
title	SuSE 11.3 Security Update : PHP 5.3 (SAT Patch Number 10370)

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2015-0424-1.NASL
description	php5 was updated to fix two security issues. These security issues were fixed : - CVE-2014-9652: Out of bounds read in mconvert() (bnc#917150). - CVE-2015-0273: Use after free vulnerability in unserialize() with DateTimeZone (bnc#918768). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-03-24
modified	2019-01-02
plugin id	119962
published	2019-01-02
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/119962
title	SUSE SLES12 Security Update : php5 (SUSE-SU-2015:0424-1)

NASL family	Ubuntu Local Security Checks
NASL id	UBUNTU_USN-2501-1.NASL
description	Stefan Esser discovered that PHP incorrectly handled unserializing objects. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2014-8142, CVE-2015-0231) Brian Carpenter discovered that the PHP CGI component incorrectly handled invalid files. A local attacker could use this issue to obtain sensitive information, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2014-9427) It was discovered that PHP incorrectly handled certain pascal strings in the fileinfo extension. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2014-9652) Alex Eubanks discovered that PHP incorrectly handled EXIF data in JPEG images. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-0232) It was discovered that the PHP opcache component incorrectly handled memory. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-1351) It was discovered that the PHP PostgreSQL database extension incorrectly handled certain pointers. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-1352). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	81399
published	2015-02-18
reporter	Ubuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/81399
title	Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : php5 vulnerabilities (USN-2501-1)

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2015-2155.NASL
description	From Red Hat Security Advisory 2015:2155 : Updated file packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format (ELF) binary files, system libraries, RPM packages, and different graphics formats. Multiple denial of service flaws were found in the way file parsed certain Composite Document Format (CDF) files. A remote attacker could use either of these flaws to crash file, or an application using file, via a specially crafted CDF file. (CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3587) Two flaws were found in the way file processed certain Pascal strings. A remote attacker could cause file to crash if it was used to identify the type of the attacker-supplied file. (CVE-2014-3478, CVE-2014-9652) Multiple flaws were found in the file regular expression rules for detecting various files. A remote attacker could use these flaws to cause file to consume an excessive amount of CPU. (CVE-2014-3538) Multiple flaws were found in the way file parsed Executable and Linkable Format (ELF) files. A remote attacker could use these flaws to cause file to crash, disclose portions of its memory, or consume an excessive amount of system resources. (CVE-2014-3710, CVE-2014-8116, CVE-2014-8117, CVE-2014-9653) Red Hat would like to thank Thomas Jarosch of Intra2net AG for reporting the CVE-2014-8116 and CVE-2014-8117 issues. The CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-3478, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3710 issues were discovered by Francisco Alonso of Red Hat Product Security; the CVE-2014-3538 issue was discovered by Jan Kaluza of the Red Hat Web Stack Team The file packages have been updated to ensure correct operation on Power little endian and ARM 64-bit hardware architectures. (BZ#1224667, BZ#1224668, BZ#1157850, BZ#1067688). All file users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	87027
published	2015-11-24
reporter	This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/87027
title	Oracle Linux 7 : file (ELSA-2015-2155)

NASL family	Scientific Linux Local Security Checks
NASL id	SL_20150623_PHP_ON_SL7_X.NASL
description	A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, causing it to crash or, possibly, execute arbitrary code. (CVE-2015-3330) A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. (CVE-2015-4024) An uninitialized pointer use flaw was found in PHP
last seen	2020-03-18
modified	2015-06-25
plugin id	84394
published	2015-06-25
reporter	This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/84394
title	Scientific Linux Security Update : php on SL7.x x86_64 (20150623)

NASL family	Huawei Local Security Checks
NASL id	EULEROS_SA-2019-1424.NASL
description	According to the versions of the file packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A denial of service flaw was found in the File Information (fileinfo) extension rules for detecting AWK files. A remote attacker could use this flaw to cause a PHP application using fileinfo to consume an excessive amount of CPU.(CVE-2013-7345) - A denial of service flaw was found in the way the File Information (fileinfo) extension parsed certain Composite Document Format (CDF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file.(CVE-2014-3479) - An ouf-of-bounds read flaw was found in the way the file utility processed certain Pascal strings. A remote attacker could cause an application using the file utility (for example, PHP using the fileinfo module) to crash if it was used to identify the type of the attacker-supplied file.(CVE-2014-9652) - A denial of service flaw was found in the way the File Information (fileinfo) extension parsed certain Composite Document Format (CDF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file.(CVE-2014-0207) - A denial of service flaw was found in the way the File Information (fileinfo) extension parsed certain Composite Document Format (CDF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file.(CVE-2014-3480) - It was found that the fix for CVE-2012-1571 was incomplete the File Information (fileinfo) extension did not correctly parse certain Composite Document Format (CDF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file.(CVE-2014-3587) - A buffer overflow flaw was found in the way the File Information (fileinfo) extension processed certain Pascal strings. A remote attacker able to make a PHP application using fileinfo convert a specially crafted Pascal string provided by an image file could cause that application to crash.(CVE-2014-3478) - Multiple flaws were found in the File Information (fileinfo) extension regular expression rules for detecting various files. A remote attacker could use either of these flaws to cause a PHP application using fileinfo to consume an excessive amount of CPU.(CVE-2014-3538) - A denial of service flaw was found in the way the File Information (fileinfo) extension parsed certain Composite Document Format (CDF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file.(CVE-2014-3487) - A denial of service flaw was found in the way the File Information (fileinfo) extension handled search rules. A remote attacker could use this flaw to cause a PHP application using fileinfo to crash or consume an excessive amount of CPU.(CVE-2014-2270) - A flaw was found in the way the File Information (fileinfo) extension parsed Executable and Linkable Format (ELF) files. A remote attacker could use this flaw to cause a PHP application using fileinfo to consume an excessive amount of system resources.(CVE-2014-8117) - A denial of service flaw was found in the way the File Information (fileinfo) extension parsed certain Composite Document Format (CDF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file.(CVE-2014-0237) - A flaw was found in the way the File Information (fileinfo) extension parsed Executable and Linkable Format (ELF) files. A remote attacker could use this flaw to cause a PHP application using fileinfo to crash or disclose certain portions of server memory.(CVE-2014-9653) - A denial of service flaw was found in the way the File Information (fileinfo) extension parsed certain Composite Document Format (CDF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file.(CVE-2014-0238) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	124927
published	2019-05-14
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/124927
title	EulerOS Virtualization 3.0.1.0 : file (EulerOS-SA-2019-1424)

NASL family	CGI abuses
NASL id	PHP_5_4_37.NASL
description	According to its banner, the version of PHP 5.4.x installed on the remote host is prior to 5.4.37. It is, therefore, affected by multiple vulnerabilities: - The CGI component has an out-of-bounds read flaw in file
last seen	2020-06-01
modified	2020-06-02
plugin id	81080
published	2015-01-29
reporter	This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/81080
title	PHP 5.4.x < 5.4.37 Multiple Vulnerabilities

Redhat

advisories

rhsa
id RHSA-2015:1053
rhsa
id RHSA-2015:1066
rhsa
id RHSA-2015:1135

rpms

php55-0:2.0-1.el6
php55-0:2.0-1.el7
php55-php-0:5.5.21-2.el6
php55-php-0:5.5.21-2.el7
php55-php-bcmath-0:5.5.21-2.el6
php55-php-bcmath-0:5.5.21-2.el7
php55-php-cli-0:5.5.21-2.el6
php55-php-cli-0:5.5.21-2.el7
php55-php-common-0:5.5.21-2.el6
php55-php-common-0:5.5.21-2.el7
php55-php-dba-0:5.5.21-2.el6
php55-php-dba-0:5.5.21-2.el7
php55-php-debuginfo-0:5.5.21-2.el6
php55-php-debuginfo-0:5.5.21-2.el7
php55-php-devel-0:5.5.21-2.el6
php55-php-devel-0:5.5.21-2.el7
php55-php-enchant-0:5.5.21-2.el6
php55-php-enchant-0:5.5.21-2.el7
php55-php-fpm-0:5.5.21-2.el6
php55-php-fpm-0:5.5.21-2.el7
php55-php-gd-0:5.5.21-2.el6
php55-php-gd-0:5.5.21-2.el7
php55-php-gmp-0:5.5.21-2.el6
php55-php-gmp-0:5.5.21-2.el7
php55-php-imap-0:5.5.21-2.el6
php55-php-intl-0:5.5.21-2.el6
php55-php-intl-0:5.5.21-2.el7
php55-php-ldap-0:5.5.21-2.el6
php55-php-ldap-0:5.5.21-2.el7
php55-php-mbstring-0:5.5.21-2.el6
php55-php-mbstring-0:5.5.21-2.el7
php55-php-mysqlnd-0:5.5.21-2.el6
php55-php-mysqlnd-0:5.5.21-2.el7
php55-php-odbc-0:5.5.21-2.el6
php55-php-odbc-0:5.5.21-2.el7
php55-php-opcache-0:5.5.21-2.el6
php55-php-opcache-0:5.5.21-2.el7
php55-php-pdo-0:5.5.21-2.el6
php55-php-pdo-0:5.5.21-2.el7
php55-php-pgsql-0:5.5.21-2.el6
php55-php-pgsql-0:5.5.21-2.el7
php55-php-process-0:5.5.21-2.el6
php55-php-process-0:5.5.21-2.el7
php55-php-pspell-0:5.5.21-2.el6
php55-php-pspell-0:5.5.21-2.el7
php55-php-recode-0:5.5.21-2.el6
php55-php-recode-0:5.5.21-2.el7
php55-php-snmp-0:5.5.21-2.el6
php55-php-snmp-0:5.5.21-2.el7
php55-php-soap-0:5.5.21-2.el6
php55-php-soap-0:5.5.21-2.el7
php55-php-tidy-0:5.5.21-2.el6
php55-php-xml-0:5.5.21-2.el6
php55-php-xml-0:5.5.21-2.el7
php55-php-xmlrpc-0:5.5.21-2.el6
php55-php-xmlrpc-0:5.5.21-2.el7
php55-runtime-0:2.0-1.el6
php55-runtime-0:2.0-1.el7
php55-scldevel-0:2.0-1.el6
php55-scldevel-0:2.0-1.el7
php54-0:2.0-1.el6
php54-0:2.0-1.el7
php54-php-0:5.4.40-1.el6
php54-php-0:5.4.40-1.el7
php54-php-bcmath-0:5.4.40-1.el6
php54-php-bcmath-0:5.4.40-1.el7
php54-php-cli-0:5.4.40-1.el6
php54-php-cli-0:5.4.40-1.el7
php54-php-common-0:5.4.40-1.el6
php54-php-common-0:5.4.40-1.el7
php54-php-dba-0:5.4.40-1.el6
php54-php-dba-0:5.4.40-1.el7
php54-php-debuginfo-0:5.4.40-1.el6
php54-php-debuginfo-0:5.4.40-1.el7
php54-php-devel-0:5.4.40-1.el6
php54-php-devel-0:5.4.40-1.el7
php54-php-enchant-0:5.4.40-1.el6
php54-php-enchant-0:5.4.40-1.el7
php54-php-fpm-0:5.4.40-1.el6
php54-php-fpm-0:5.4.40-1.el7
php54-php-gd-0:5.4.40-1.el6
php54-php-gd-0:5.4.40-1.el7
php54-php-imap-0:5.4.40-1.el6
php54-php-intl-0:5.4.40-1.el6
php54-php-intl-0:5.4.40-1.el7
php54-php-ldap-0:5.4.40-1.el6
php54-php-ldap-0:5.4.40-1.el7
php54-php-mbstring-0:5.4.40-1.el6
php54-php-mbstring-0:5.4.40-1.el7
php54-php-mysqlnd-0:5.4.40-1.el6
php54-php-mysqlnd-0:5.4.40-1.el7
php54-php-odbc-0:5.4.40-1.el6
php54-php-odbc-0:5.4.40-1.el7
php54-php-pdo-0:5.4.40-1.el6
php54-php-pdo-0:5.4.40-1.el7
php54-php-pecl-zendopcache-0:7.0.4-3.el6
php54-php-pecl-zendopcache-0:7.0.4-3.el7
php54-php-pecl-zendopcache-debuginfo-0:7.0.4-3.el6
php54-php-pecl-zendopcache-debuginfo-0:7.0.4-3.el7
php54-php-pgsql-0:5.4.40-1.el6
php54-php-pgsql-0:5.4.40-1.el7
php54-php-process-0:5.4.40-1.el6
php54-php-process-0:5.4.40-1.el7
php54-php-pspell-0:5.4.40-1.el6
php54-php-pspell-0:5.4.40-1.el7
php54-php-recode-0:5.4.40-1.el6
php54-php-recode-0:5.4.40-1.el7
php54-php-snmp-0:5.4.40-1.el6
php54-php-snmp-0:5.4.40-1.el7
php54-php-soap-0:5.4.40-1.el6
php54-php-soap-0:5.4.40-1.el7
php54-php-tidy-0:5.4.40-1.el6
php54-php-xml-0:5.4.40-1.el6
php54-php-xml-0:5.4.40-1.el7
php54-php-xmlrpc-0:5.4.40-1.el6
php54-php-xmlrpc-0:5.4.40-1.el7
php54-runtime-0:2.0-1.el6
php54-runtime-0:2.0-1.el7
php54-scldevel-0:2.0-1.el6
php54-scldevel-0:2.0-1.el7
php-0:5.4.16-36.ael7b_1
php-0:5.4.16-36.el7_1
php-bcmath-0:5.4.16-36.ael7b_1
php-bcmath-0:5.4.16-36.el7_1
php-cli-0:5.4.16-36.ael7b_1
php-cli-0:5.4.16-36.el7_1
php-common-0:5.4.16-36.ael7b_1
php-common-0:5.4.16-36.el7_1
php-dba-0:5.4.16-36.ael7b_1
php-dba-0:5.4.16-36.el7_1
php-debuginfo-0:5.4.16-36.ael7b_1
php-debuginfo-0:5.4.16-36.el7_1
php-devel-0:5.4.16-36.ael7b_1
php-devel-0:5.4.16-36.el7_1
php-embedded-0:5.4.16-36.ael7b_1
php-embedded-0:5.4.16-36.el7_1
php-enchant-0:5.4.16-36.ael7b_1
php-enchant-0:5.4.16-36.el7_1
php-fpm-0:5.4.16-36.ael7b_1
php-fpm-0:5.4.16-36.el7_1
php-gd-0:5.4.16-36.ael7b_1
php-gd-0:5.4.16-36.el7_1
php-intl-0:5.4.16-36.ael7b_1
php-intl-0:5.4.16-36.el7_1
php-ldap-0:5.4.16-36.ael7b_1
php-ldap-0:5.4.16-36.el7_1
php-mbstring-0:5.4.16-36.ael7b_1
php-mbstring-0:5.4.16-36.el7_1
php-mysql-0:5.4.16-36.ael7b_1
php-mysql-0:5.4.16-36.el7_1
php-mysqlnd-0:5.4.16-36.ael7b_1
php-mysqlnd-0:5.4.16-36.el7_1
php-odbc-0:5.4.16-36.ael7b_1
php-odbc-0:5.4.16-36.el7_1
php-pdo-0:5.4.16-36.ael7b_1
php-pdo-0:5.4.16-36.el7_1
php-pgsql-0:5.4.16-36.ael7b_1
php-pgsql-0:5.4.16-36.el7_1
php-process-0:5.4.16-36.ael7b_1
php-process-0:5.4.16-36.el7_1
php-pspell-0:5.4.16-36.ael7b_1
php-pspell-0:5.4.16-36.el7_1
php-recode-0:5.4.16-36.ael7b_1
php-recode-0:5.4.16-36.el7_1
php-snmp-0:5.4.16-36.ael7b_1
php-snmp-0:5.4.16-36.el7_1
php-soap-0:5.4.16-36.ael7b_1
php-soap-0:5.4.16-36.el7_1
php-xml-0:5.4.16-36.ael7b_1
php-xml-0:5.4.16-36.el7_1
php-xmlrpc-0:5.4.16-36.ael7b_1
php-xmlrpc-0:5.4.16-36.el7_1
file-0:5.11-31.el7
file-debuginfo-0:5.11-31.el7
file-devel-0:5.11-31.el7
file-libs-0:5.11-31.el7
file-static-0:5.11-31.el7
python-magic-0:5.11-31.el7

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

Nessus

Redhat

References