Vulnerabilities > CVE-2015-0231 - Unspecified vulnerability in PHP

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
php
nessus

Summary

Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate numerical keys within the serialized properties of an object. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8142.

Vulnerable Configurations

Part Description Count
Application
Php
650

Nessus

  • NASL familyCGI abuses
    NASL idPHP_5_6_5.NASL
    descriptionAccording to its banner, the version of PHP 5.6.x installed on the remote host is prior to 5.6.5. It is, therefore, affected by multiple vulnerabilities: - A double free vulnerability in the zend_ts_hash_graceful_destroy function in zend_ts_hash.c in the Zend Engine could allow a remote attacker to cause a denial of service. (CVE-2014-9425) - An out-of-bounds read flaw in file
    last seen2020-06-01
    modified2020-06-02
    plugin id81082
    published2015-01-29
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81082
    titlePHP 5.6.x < 5.6.5 Multiple Vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(81082);
      script_version("1.18");
      script_cvs_date("Date: 2019/03/27 13:17:50");
    
      script_cve_id(
        "CVE-2014-9425",
        "CVE-2014-9427",
        "CVE-2014-9652",
        "CVE-2014-9709",
        "CVE-2015-0231",
        "CVE-2015-0232"
      );
      script_bugtraq_id(
        71800,
        71833,
        72505,
        72539,
        72541,
        73306
      );
    
      script_name(english:"PHP 5.6.x < 5.6.5 Multiple Vulnerabilities");
      script_summary(english:"Checks the version of PHP.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote web server uses a version of PHP that is affected by
    multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "According to its banner, the version of PHP 5.6.x installed on the
    remote host is prior to 5.6.5. It is, therefore, affected by multiple
    vulnerabilities:
    
      - A double free vulnerability in the
        zend_ts_hash_graceful_destroy function in
        zend_ts_hash.c in the Zend Engine could allow a remote
        attacker to cause a denial of service. (CVE-2014-9425)
    
      - An out-of-bounds read flaw in file 'cgi_main.c' exists
        when nmap is used to process an invalid file that begins
        with a hash character (#) but lacks a newline character.
        A remote attacker, using a specially crafted PHP file,
        can exploit this vulnerability to disclose memory
        contents, cause a denial of service, or possibly execute
        code. (CVE-2014-9427)
    
      - The mconvert function in softmagic.c does not properly
        handle a certain string-length field during a copy of a
        truncated version of a Pascal string, which could allow
        a remote attacker to cause a denial of service.
        (CVE-2014-9652)
    
      - An out-of-bounds read issue exists in the GetCode_()
        function in 'gd_gif_in.c'. This allows a remote attacker
        to disclose memory contents. (CVE-2014-9709)
    
      - A use-after-free memory error exists in the
        process_nested_data() function in 'var_unserializer.re'
        due to improper handling of duplicate numerical keys
        within the serialized properties of an object. A remote
        attacker, using a crafted unserialize method call, can
        exploit this vulnerability to execute arbitrary code.
        (CVE-2015-0231)
    
      - A flaw exists in the exif_process_unicode() function in
        'exif.c' that allows freeing an uninitialized pointer. A
        remote attacker, using specially crafted EXIF data in a
        JPEG image, can exploit this to cause a denial of
        service or to execute arbitrary code. (CVE-2015-0232)
    
    Note that Nessus has not attempted to exploit these issues but has
    instead relied only on the application's self-reported version number.");
      script_set_attribute(attribute:"see_also", value:"http://php.net/ChangeLog-5.php#5.6.5");
      script_set_attribute(attribute:"see_also", value:"https://bugs.php.net/bug.php?id=68618");
      script_set_attribute(attribute:"see_also", value:"https://bugs.php.net/bug.php?id=68710");
      script_set_attribute(attribute:"see_also", value:"https://bugs.php.net/bug.php?id=68799");
      script_set_attribute(attribute:"solution", value:"Upgrade to PHP version 5.6.5 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-0231");
      script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2014/12/17");
      script_set_attribute(attribute:"patch_publication_date", value:"2015/01/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/01/29");
    
      script_set_attribute(attribute:"plugin_type", value:"remote");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:php:php");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"CGI abuses");
    
      script_copyright(english:"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("php_version.nasl");
      script_require_keys("www/PHP");
      script_require_ports("Services/www", 80);
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("http.inc");
    include("webapp_func.inc");
    
    port = get_http_port(default:80, php:TRUE);
    
    php = get_php_from_kb(
      port : port,
      exit_on_fail : TRUE
    );
    
    version = php["ver"];
    source = php["src"];
    
    backported = get_kb_item('www/php/'+port+'/'+version+'/backported');
    
    if (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, "PHP "+version+" install");
    
    # Check that it is the correct version of PHP
    if (version =~ "^5(\.6)?$") audit(AUDIT_VER_NOT_GRANULAR, "PHP", port, version);
    if (version !~ "^5\.6\.") audit(AUDIT_NOT_DETECT, "PHP version 5.6.x", port);
    
    if (version =~ "^5\.6\.[0-4]$")
    {
      if (report_verbosity > 0)
      {
        report =
          '\n  Version source    : '+source +
          '\n  Installed version : '+version +
          '\n  Fixed version     : 5.6.5' +
          '\n';
        security_hole(port:port, extra:report);
      }
      else security_hole(port);
      exit(0);
    }
    else audit(AUDIT_LISTEN_NOT_VULN, "PHP", port, version);
    
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2015-163.NASL
    descriptionphp5 was updated to fix five security issues. These security issues were fixed : - CVE-2015-0231: Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allowed remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate numerical keys within the serialized properties of an object. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8142 (bnc#910659). - CVE-2015-0232: The exif_process_unicode function in ext/exif/exif.c in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allowed remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free and application crash) via crafted EXIF data in a JPEG image (bnc#914690). - CVE-2014-8142: Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allowed remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate keys within the serialized properties of an object, a different vulnerability than CVE-2004-1019 (bnc#910659). - CVE-2014-9427: sapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x through 5.6.4, when mmap was used to read a .php file, did not properly consider the mapping
    last seen2020-06-05
    modified2015-02-20
    plugin id81418
    published2015-02-20
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/81418
    titleopenSUSE Security Update : php5 (openSUSE-2015-163)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2015-163.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(81418);
      script_version("1.11");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2004-1019", "CVE-2014-8142", "CVE-2014-9426", "CVE-2014-9427", "CVE-2015-0231", "CVE-2015-0232");
    
      script_name(english:"openSUSE Security Update : php5 (openSUSE-2015-163)");
      script_summary(english:"Check for the openSUSE-2015-163 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "php5 was updated to fix five security issues.
    
    These security issues were fixed :
    
      - CVE-2015-0231: Use-after-free vulnerability in the
        process_nested_data function in
        ext/standard/var_unserializer.re in PHP before 5.4.37,
        5.5.x before 5.5.21, and 5.6.x before 5.6.5 allowed
        remote attackers to execute arbitrary code via a crafted
        unserialize call that leverages improper handling of
        duplicate numerical keys within the serialized
        properties of an object. NOTE: this vulnerability exists
        because of an incomplete fix for CVE-2014-8142
        (bnc#910659).
    
      - CVE-2015-0232: The exif_process_unicode function in
        ext/exif/exif.c in PHP before 5.4.37, 5.5.x before
        5.5.21, and 5.6.x before 5.6.5 allowed remote attackers
        to execute arbitrary code or cause a denial of service
        (uninitialized pointer free and application crash) via
        crafted EXIF data in a JPEG image (bnc#914690).
    
      - CVE-2014-8142: Use-after-free vulnerability in the
        process_nested_data function in
        ext/standard/var_unserializer.re in PHP before 5.4.36,
        5.5.x before 5.5.20, and 5.6.x before 5.6.4 allowed
        remote attackers to execute arbitrary code via a crafted
        unserialize call that leverages improper handling of
        duplicate keys within the serialized properties of an
        object, a different vulnerability than CVE-2004-1019
        (bnc#910659).
    
      - CVE-2014-9427: sapi/cgi/cgi_main.c in the CGI component
        in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x
        through 5.6.4, when mmap was used to read a .php file,
        did not properly consider the mapping's length during
        processing of an invalid file that begins with a #
        character and lacks a newline character, which caused an
        out-of-bounds read and might (1) allowed remote
        attackers to obtain sensitive information from php-cgi
        process memory by leveraging the ability to upload a
        .php file or (2) trigger unexpected code execution if a
        valid PHP script is present in memory locations adjacent
        to the mapping (bnc#911664).
    
    For openSUSE 13.2 this additional security issue was fixed :
    
      - CVE-2014-9426: The apprentice_load function in
        libmagic/apprentice.c in the Fileinfo component in PHP
        through 5.6.4 attempted to perform a free operation on a
        stack-based character array, which allowed remote
        attackers to cause a denial of service (memory
        corruption or application crash) or possibly have
        unspecified other impact via unknown vectors
        (bnc#911663)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=907519"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=910659"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=911663"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=911664"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=914690"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected php5 packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_cwe_id(20);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bcmath");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bz2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bz2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-calendar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-calendar-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ctype");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ctype-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-curl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-curl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dba-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dom");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dom-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-enchant");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-enchant-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-exif");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-exif-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fastcgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fileinfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-firebird");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-firebird-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fpm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fpm-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ftp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ftp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gd-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gettext");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gettext-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gmp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-iconv");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-iconv-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-imap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-imap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-intl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-intl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-json");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-json-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ldap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mbstring");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mcrypt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mssql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mssql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mysql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-odbc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-odbc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-opcache");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-opcache-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-openssl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-openssl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pcntl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pdo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pdo-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pear");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pgsql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-phar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-phar-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-posix");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-posix-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pspell");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pspell-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-readline");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-readline-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-shmop");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-shmop-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-snmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-snmp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-soap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-soap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sockets");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sockets-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sqlite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-suhosin");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvmsg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvsem");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvshm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tidy");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tidy-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tokenizer");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-wddx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-wddx-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlreader");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlrpc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlwriter");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xsl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xsl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zip");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zip-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zlib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zlib-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.2");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/02/11");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/02/20");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE13\.1|SUSE13\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.1 / 13.2", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE13.1", reference:"apache2-mod_php5-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"apache2-mod_php5-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-bcmath-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-bcmath-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-bz2-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-bz2-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-calendar-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-calendar-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-ctype-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-ctype-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-curl-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-curl-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-dba-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-dba-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-debugsource-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-devel-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-dom-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-dom-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-enchant-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-enchant-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-exif-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-exif-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-fastcgi-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-fastcgi-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-fileinfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-fileinfo-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-firebird-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-firebird-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-fpm-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-fpm-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-ftp-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-ftp-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-gd-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-gd-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-gettext-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-gettext-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-gmp-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-gmp-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-iconv-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-iconv-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-imap-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-imap-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-intl-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-intl-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-json-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-json-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-ldap-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-ldap-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-mbstring-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-mbstring-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-mcrypt-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-mcrypt-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-mssql-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-mssql-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-mysql-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-mysql-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-odbc-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-odbc-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-openssl-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-openssl-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-pcntl-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-pcntl-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-pdo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-pdo-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-pear-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-pgsql-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-pgsql-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-phar-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-phar-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-posix-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-posix-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-pspell-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-pspell-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-readline-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-readline-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-shmop-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-shmop-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-snmp-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-snmp-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-soap-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-soap-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-sockets-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-sockets-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-sqlite-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-sqlite-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-suhosin-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-suhosin-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-sysvmsg-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-sysvmsg-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-sysvsem-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-sysvsem-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-sysvshm-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-sysvshm-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-tidy-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-tidy-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-tokenizer-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-tokenizer-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-wddx-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-wddx-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-xmlreader-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-xmlreader-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-xmlrpc-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-xmlrpc-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-xmlwriter-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-xmlwriter-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-xsl-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-xsl-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-zip-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-zip-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-zlib-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"php5-zlib-debuginfo-5.4.20-38.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"apache2-mod_php5-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"apache2-mod_php5-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-bcmath-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-bcmath-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-bz2-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-bz2-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-calendar-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-calendar-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-ctype-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-ctype-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-curl-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-curl-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-dba-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-dba-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-debugsource-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-devel-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-dom-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-dom-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-enchant-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-enchant-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-exif-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-exif-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-fastcgi-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-fastcgi-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-fileinfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-fileinfo-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-firebird-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-firebird-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-fpm-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-fpm-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-ftp-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-ftp-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-gd-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-gd-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-gettext-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-gettext-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-gmp-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-gmp-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-iconv-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-iconv-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-imap-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-imap-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-intl-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-intl-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-json-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-json-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-ldap-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-ldap-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-mbstring-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-mbstring-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-mcrypt-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-mcrypt-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-mssql-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-mssql-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-mysql-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-mysql-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-odbc-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-odbc-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-opcache-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-opcache-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-openssl-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-openssl-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-pcntl-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-pcntl-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-pdo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-pdo-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-pear-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-pgsql-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-pgsql-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-phar-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-phar-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-posix-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-posix-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-pspell-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-pspell-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-readline-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-readline-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-shmop-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-shmop-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-snmp-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-snmp-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-soap-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-soap-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sockets-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sockets-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sqlite-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sqlite-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-suhosin-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-suhosin-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sysvmsg-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sysvmsg-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sysvsem-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sysvsem-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sysvshm-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sysvshm-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-tidy-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-tidy-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-tokenizer-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-tokenizer-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-wddx-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-wddx-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-xmlreader-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-xmlreader-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-xmlrpc-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-xmlrpc-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-xmlwriter-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-xmlwriter-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-xsl-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-xsl-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-zip-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-zip-debuginfo-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-zlib-5.6.1-8.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-zlib-debuginfo-5.6.1-8.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "apache2-mod_php5 / apache2-mod_php5-debuginfo / php5 / php5-bcmath / etc");
    }
    
  • NASL familyCGI abuses
    NASL idPHP_5_6_7.NASL
    descriptionAccording to its banner, the version of PHP 5.6.x installed on the remote host is prior to 5.6.7. It is, therefore, affected by multiple vulnerabilities : - A use-after-free error exists related to function
    last seen2020-06-01
    modified2020-06-02
    plugin id82027
    published2015-03-24
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82027
    titlePHP 5.6.x < 5.6.7 Multiple Vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(82027);
      script_version("1.15");
      script_cvs_date("Date: 2019/11/22");
    
      script_cve_id(
        "CVE-2015-0231",
        "CVE-2015-2305",
        "CVE-2015-2331",
        "CVE-2015-2348",
        "CVE-2015-2787",
        "CVE-2015-4147",
        "CVE-2015-4148"
      );
      script_bugtraq_id(
        72539,
        73182,
        73357,
        73381,
        73383,
        73385,
        73431,
        73434,
        75103
      );
    
      script_name(english:"PHP 5.6.x < 5.6.7 Multiple Vulnerabilities");
      script_summary(english:"Checks the version of PHP.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote web server uses a version of PHP that is affected by
    multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "According to its banner, the version of PHP 5.6.x installed on the
    remote host is prior to 5.6.7. It is, therefore, affected by multiple
    vulnerabilities :
    
      - A use-after-free error exists related to function
        'unserialize', which can allow a remote attacker to
        execute arbitrary code. Note that this issue is due to
        an incomplete fix for CVE-2014-8142. (CVE-2015-0231)
    
      - An integer overflow error exists in function 'regcomp'
        in the Henry Spencer regex library, due to improper
        validation of user-supplied input. An attacker can
        exploit this to cause a denial of service or to execute
        arbitrary code. (CVE-2015-2305)
    
      - An integer overflow error exists in the '_zip_cdir_new'
        function, due to improper validation of user-supplied
        input. An attacker, using a crafted ZIP archive, can
        exploit this to cause a denial of service or to execute
        arbitrary code. (CVE-2015-2331)
    
      - A filter bypass vulnerability exists due to a flaw in
        the move_uploaded_file() function in which pathnames are
        truncated when a NULL byte is encountered. This allows a
        remote attacker, via a crafted second argument, to
        bypass intended extension restrictions and create files
        with unexpected names. (CVE-2015-2348)
    
      - A user-after-free error exists in the
        process_nested_data() function. This allows a remote
        attacker, via a crafted unserialize call, to dereference
        already freed memory, resulting in the execution of
        arbitrary code. (CVE-2015-2787)
    
      - A type confusion vulnerability in the
        SoapClient's __call() function in ext/soap/soap.c
        could allow a remote attacker to execute arbitrary
        code by providing crafted serialized data with an
        unexpected data type (CVE-2015-4147, CVE-2015-4148)
    
    Note that Nessus has not attempted to exploit these issues but has
    instead relied only on the application's self-reported version number.");
      script_set_attribute(attribute:"see_also", value:"http://php.net/ChangeLog-5.php#5.6.7");
      script_set_attribute(attribute:"see_also", value:"https://bugs.php.net/bug.php?id=69207");
      script_set_attribute(attribute:"see_also", value:"https://bugs.php.net/bug.php?id=68976");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to PHP version 5.6.7 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-4147");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2014/12/18");
      script_set_attribute(attribute:"patch_publication_date", value:"2015/03/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/03/24");
    
      script_set_attribute(attribute:"plugin_type", value:"remote");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:php:php");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"CGI abuses");
    
      script_copyright(english:"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("php_version.nasl");
      script_require_keys("www/PHP");
      script_require_ports("Services/www", 80);
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("http.inc");
    include("webapp_func.inc");
    
    port = get_http_port(default:80, php:TRUE);
    
    php = get_php_from_kb(
      port : port,
      exit_on_fail : TRUE
    );
    
    version = php["ver"];
    source = php["src"];
    
    backported = get_kb_item('www/php/'+port+'/'+version+'/backported');
    
    if (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, "PHP "+version+" install");
    
    # Check that it is the correct version of PHP
    if (version =~ "^5(\.6)?$") audit(AUDIT_VER_NOT_GRANULAR, "PHP", port, version);
    if (version !~ "^5\.6\.") audit(AUDIT_NOT_DETECT, "PHP version 5.6.x", port);
    
    if (version =~ "^5\.6\.[0-6]($|[^0-9])")
    {
      if (report_verbosity > 0)
      {
        report =
          '\n  Version source    : '+source +
          '\n  Installed version : '+version +
          '\n  Fixed version     : 5.6.7' +
          '\n';
        security_hole(port:port, extra:report);
      }
      else security_hole(port);
      exit(0);
    }
    else audit(AUDIT_LISTEN_NOT_VULN, "PHP", port, version);
    
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2015-111-10.NASL
    descriptionNew php packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id82923
    published2015-04-22
    reporterThis script is Copyright (C) 2015-2016 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82923
    titleSlackware 14.0 / 14.1 / current : php (SSA:2015-111-10)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201606-10.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201606-10 (PHP: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details. Impact : An attacker can possibly execute arbitrary code or create a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id91704
    published2016-06-20
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/91704
    titleGLSA-201606-10 : PHP: Multiple vulnerabilities
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1544.NASL
    descriptionAccording to the versions of the php packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An integer underflow flaw leading to out-of-bounds memory access was found in the way PHP
    last seen2020-06-01
    modified2020-06-02
    plugin id124997
    published2019-05-14
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124997
    titleEulerOS Virtualization 3.0.1.0 : php (EulerOS-SA-2019-1544)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2015-1135.NASL
    descriptionFrom Red Hat Security Advisory 2015:1135 : Updated php packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, causing it to crash or, possibly, execute arbitrary code. (CVE-2015-3330) A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. (CVE-2015-4024) An uninitialized pointer use flaw was found in PHP
    last seen2020-06-01
    modified2020-06-02
    plugin id84351
    published2015-06-24
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84351
    titleOracle Linux 7 : php (ELSA-2015-1135)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_10_11.NASL
    descriptionThe remote host is running a version of Mac OS X that is 10.6.8 or later but prior to 10.11. It is, therefore, affected by multiple vulnerabilities in the following components : - Address Book - AirScan - apache_mod_php - Apple Online Store Kit - AppleEvents - Audio - bash - Certificate Trust Policy - CFNetwork Cookies - CFNetwork FTPProtocol - CFNetwork HTTPProtocol - CFNetwork Proxies - CFNetwork SSL - CoreCrypto - CoreText - Dev Tools - Disk Images - dyld - EFI - Finder - Game Center - Heimdal - ICU - Install Framework Legacy - Intel Graphics Driver - IOAudioFamily - IOGraphics - IOHIDFamily - IOStorageFamily - Kernel - libc - libpthread - libxpc - Login Window - lukemftpd - Mail - Multipeer Connectivity - NetworkExtension - Notes - OpenSSH - OpenSSL - procmail - remote_cmds - removefile - Ruby - Safari - Safari Downloads - Safari Extensions - Safari Safe Browsing - Security - SMB - SQLite - Telephony - Terminal - tidy - Time Machine - WebKit - WebKit CSS - WebKit JavaScript Bindings - WebKit Page Loading - WebKit Plug-ins Note that successful exploitation of the most serious issues can result in arbitrary code execution.
    last seen2020-06-01
    modified2020-06-02
    plugin id86270
    published2015-10-05
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/86270
    titleMac OS X < 10.11 Multiple Vulnerabilities (GHOST)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2015-080.NASL
    descriptionMultiple vulnerabilities has been discovered and corrected in php : It was discovered that the file utility contains a flaw in the handling of indirect magic rules in the libmagic library, which leads to an infinite recursion when trying to determine the file type of certain files (CVE-2014-1943). A flaw was found in the way the file utility determined the type of Portable Executable (PE) format files, the executable format used on Windows. A malicious PE file could cause the file utility to crash or, potentially, execute arbitrary code (CVE-2014-2270). The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted ASCII file that triggers a large amount of backtracking, as demonstrated via a file with many newline characters (CVE-2013-7345). PHP FPM in PHP versions before 5.4.28 and 5.5.12 uses a UNIX domain socket with world-writable permissions by default, which allows any local user to connect to it and execute PHP scripts as the apache user (CVE-2014-0185). A flaw was found in the way file
    last seen2020-06-01
    modified2020-06-02
    plugin id82333
    published2015-03-30
    reporterThis script is Copyright (C) 2015-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82333
    titleMandriva Linux Security Advisory : php (MDVSA-2015:080)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-4255.NASL
    description**19 Mar 2015, PHP 5.6.7** Core : - Fixed bug #69174 (leaks when unused inner class use traits precedence). (Laruence) - Fixed bug #69139 (Crash in gc_zval_possible_root on unserialize). (Laruence) - Fixed bug #69121 (Segfault in get_current_user when script owner is not in passwd with ZTS build). (dan at syneto dot net) - Fixed bug #65593 (Segfault when calling ob_start from output buffering callback). (Mike) - Fixed bug #68986 (pointer returned by php_stream_fopen_temporary_file not validated in memory.c). (nayana at ddproperty dot com) - Fixed bug #68166 (Exception with invalid character causes segv). (Rasmus) - Fixed bug #69141 (Missing arguments in reflection info for some builtin functions). (kostyantyn dot lysyy at oracle dot com) - Fixed bug #68976 (Use After Free Vulnerability in unserialize()) (CVE-2015-0231). (Stas) - Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM configuration options). (Anatol Belski) - Fixed bug #69207 (move_uploaded_file allows nulls in path). (Stas) CGI : - Fixed bug #69015 (php-cgi
    last seen2020-06-05
    modified2015-03-27
    plugin id82284
    published2015-03-27
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82284
    titleFedora 22 : php-5.6.7-2.fc22 (2015-4255)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-1135.NASL
    descriptionUpdated php packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, causing it to crash or, possibly, execute arbitrary code. (CVE-2015-3330) A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. (CVE-2015-4024) An uninitialized pointer use flaw was found in PHP
    last seen2020-06-01
    modified2020-06-02
    plugin id84355
    published2015-06-24
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84355
    titleRHEL 7 : php (RHSA-2015:1135)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2015-1135.NASL
    descriptionUpdated php packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, causing it to crash or, possibly, execute arbitrary code. (CVE-2015-3330) A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. (CVE-2015-4024) An uninitialized pointer use flaw was found in PHP
    last seen2020-06-01
    modified2020-06-02
    plugin id84345
    published2015-06-24
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84345
    titleCentOS 7 : php (CESA-2015:1135)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-1638-1.NASL
    descriptionThis update for php53 to version 5.3.17 fixes the following issues : These security issues were fixed : - CVE-2016-5093: get_icu_value_internal out-of-bounds read (bnc#982010). - CVE-2016-5094: Don
    last seen2020-06-01
    modified2020-06-02
    plugin id93161
    published2016-08-29
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93161
    titleSUSE SLES11 Security Update : php53 (SUSE-SU-2016:1638-1) (BACKRONYM)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_APACHE2-MOD_PHP53-150212.NASL
    descriptionPHP 5.3 was updated to fix three security issues : - Use-after-free vulnerability allowed remote attackers to execute arbitrary code via a crafted unserialize call that leveraged improper handling of duplicate keys within the serialized properties of an object. (bnc#910659). (CVE-2014-8142) - Use-after-free vulnerability allowed remote attackers to execute arbitrary code via a crafted unserialize call that leveraged improper handling of duplicate numerical keys within the serialized properties of an object. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8142. (bnc#910659). (CVE-2015-0231) - The exif_process_unicode function allowed remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free and application crash) via crafted EXIF data in a JPEG image. (bnc#914690). (CVE-2015-0232) Additionally a fix was included that protects against a possible NULL pointer use. (bnc#910659) This non-security issue has been fixed : - Don
    last seen2020-06-01
    modified2020-06-02
    plugin id81507
    published2015-02-25
    reporterThis script is Copyright (C) 2015 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/81507
    titleSuSE 11.3 Security Update : php53 (SAT Patch Number 10313)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2015-474.NASL
    descriptionsapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x through 5.6.4, when mmap is used to read a .php file, does not properly consider the mapping
    last seen2020-06-01
    modified2020-06-02
    plugin id81320
    published2015-02-13
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/81320
    titleAmazon Linux AMI : php55 (ALAS-2015-474)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2015-506.NASL
    descriptionA use-after-free flaw was found in the way PHP
    last seen2020-06-01
    modified2020-06-02
    plugin id82834
    published2015-04-17
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82834
    titleAmazon Linux AMI : php54 (ALAS-2015-506)
  • NASL familyWeb Servers
    NASL idHPSMH_7_5.NASL
    descriptionAccording to the web server
    last seen2020-06-01
    modified2020-06-02
    plugin id84923
    published2015-07-22
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/84923
    titleHP System Management Homepage 7.3.x / 7.4.x < 7.5.0 Multiple Vulnerabilities (FREAK)
  • NASL familyCGI abuses
    NASL idPHP_5_5_21.NASL
    descriptionAccording to its banner, the version of PHP 5.5.x installed on the remote host is prior to 5.5.21. It is, therefore, affected by multiple vulnerabilities: - A double free vulnerability in the zend_ts_hash_graceful_destroy function in zend_ts_hash.c in the Zend Engine could allow a remote attacker to cause a denial of service. (CVE-2014-9425) - An out-of-bounds read flaw in file
    last seen2020-06-01
    modified2020-06-02
    plugin id81081
    published2015-01-29
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81081
    titlePHP 5.5.x < 5.5.21 Multiple Vulnerabilities
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201503-03.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201503-03 (PHP: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details. Impact : A remote attacker can leverage these vulnerabilities to execute arbitrary code or cause Denial of Service. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id81688
    published2015-03-09
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81688
    titleGLSA-201503-03 : PHP: Multiple vulnerabilities
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_742563D4D77611E4B5954061861086C1.NASL
    descriptionThe PHP project reports : The PHP development team announces the immediate availability of PHP 5.6.7. Several bugs have been fixed as well as CVE-2015-0231, CVE-2015-2305 and CVE-2015-2331. All PHP 5.6 users are encouraged to upgrade to this version. The PHP development team announces the immediate availability of PHP 5.5.23. Several bugs have been fixed as well as CVE-2015-0231, CVE-2015-2305 and CVE-2015-2331. All PHP 5.5 users are encouraged to upgrade to this version. The PHP development team announces the immediate availability of PHP 5.4.39. Six security-related bugs were fixed in this release, including CVE-2015-0231, CVE-2015-2305 and CVE-2015-2331. All PHP 5.4 users are encouraged to upgrade to this version.
    last seen2020-06-01
    modified2020-06-02
    plugin id82514
    published2015-04-02
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82514
    titleFreeBSD : Several vulnerabilities found in PHP (742563d4-d776-11e4-b595-4061861086c1)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-212.NASL
    descriptionCVE-2014-9705 Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries. CVE-2015-0232 The exif_process_unicode function in ext/exif/exif.c in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free and application crash) via crafted EXIF data in a JPEG image. CVE-2015-2301 Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file. CVE-2015-2331 Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a ZIP archive that contains many entries, leading to a heap-based buffer overflow. CVE-2015-2783 Buffer Over-read in unserialize when parsing Phar CVE-2015-2787 Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an __wakeup function, a related issue to CVE-2015-0231. CVE-2015-3329 Buffer Overflow when parsing tar/zip/phar in phar_set_inode) CVE-2015-3330 PHP potential remote code execution with apache 2.4 apache2handler CVE-2015-temp-68819 denial of service when processing a crafted file with Fileinfo NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2015-04-30
    plugin id83144
    published2015-04-30
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/83144
    titleDebian DLA-212-1 : php5 security update
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2015-079.NASL
    descriptionMultiple vulnerabilities has been discovered and corrected in php : S. Paraschoudis discovered that PHP incorrectly handled memory in the enchant binding. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2014-9705). Taoguang Chen discovered that PHP incorrectly handled unserializing objects. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2015-0273). It was discovered that PHP incorrectly handled memory in the phar extension. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2015-2301). Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate numerical keys within the serialized properties of an object. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8142 (CVE-2015-0231). An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libzip, which is embedded in PHP, processed certain ZIP archives. If an attacker were able to supply a specially crafted ZIP archive to an application using libzip, it could cause the application to crash or, possibly, execute arbitrary code (CVE-2015-2331). It was discovered that the PHP opcache component incorrectly handled memory. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2015-1351). It was discovered that the PHP PostgreSQL database extension incorrectly handled certain pointers. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2015-1352). The updated php packages have been patched and upgraded to the 5.5.23 version which is not vulnerable to these issues. The libzip packages has been patched to address the CVE-2015-2331 flaw. Additionally the php-xdebug package has been upgraded to the latest 2.3.2 and the PECL packages which requires so has been rebuilt for php-5.5.23.
    last seen2020-06-01
    modified2020-06-02
    plugin id82332
    published2015-03-30
    reporterThis script is Copyright (C) 2015-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82332
    titleMandriva Linux Security Advisory : php (MDVSA-2015:079)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-1058.NASL
    description22 Jan 2015, PHP 5.6.5 Core : - Upgraded crypt_blowfish to version 1.3. (Leigh) - Fixed bug #60704 (unlink() bug with some files path). - Fixed bug #65419 (Inside trait, self::class != __CLASS__). (Julien) - Fixed bug #68536 (pack for 64bits integer is broken on bigendian). (Remi) - Fixed bug #55541 (errors spawn MessageBox, which blocks test automation). (Anatol) - Fixed bug #68297 (Application Popup provides too few information). (Anatol) - Fixed bug #65769 (localeconv() broken in TS builds). (Anatol) - Fixed bug #65230 (setting locale randomly broken). (Anatol) - Fixed bug #66764 (configure doesn
    last seen2020-06-05
    modified2015-02-06
    plugin id81190
    published2015-02-06
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81190
    titleFedora 21 : php-5.6.5-1.fc21 (2015-1058)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2501-1.NASL
    descriptionStefan Esser discovered that PHP incorrectly handled unserializing objects. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2014-8142, CVE-2015-0231) Brian Carpenter discovered that the PHP CGI component incorrectly handled invalid files. A local attacker could use this issue to obtain sensitive information, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2014-9427) It was discovered that PHP incorrectly handled certain pascal strings in the fileinfo extension. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2014-9652) Alex Eubanks discovered that PHP incorrectly handled EXIF data in JPEG images. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-0232) It was discovered that the PHP opcache component incorrectly handled memory. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-1351) It was discovered that the PHP PostgreSQL database extension incorrectly handled certain pointers. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-1352). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id81399
    published2015-02-18
    reporterUbuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81399
    titleUbuntu 12.04 LTS / 14.04 LTS / 14.10 : php5 vulnerabilities (USN-2501-1)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2015-507.NASL
    descriptionA use-after-free flaw was found in the way PHP
    last seen2020-06-01
    modified2020-06-02
    plugin id82835
    published2015-04-17
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82835
    titleAmazon Linux AMI : php55 (ALAS-2015-507)
  • NASL familyCGI abuses
    NASL idPHP_5_5_23.NASL
    descriptionAccording to its banner, the version of PHP 5.5.x installed on the remote host is prior to 5.5.23. It is, therefore, affected by multiple vulnerabilities : - A use-after-free error exists related to function
    last seen2020-06-01
    modified2020-06-02
    plugin id82026
    published2015-03-24
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82026
    titlePHP 5.5.x < 5.5.23 Multiple Vulnerabilities
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20150623_PHP_ON_SL7_X.NASL
    descriptionA flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, causing it to crash or, possibly, execute arbitrary code. (CVE-2015-3330) A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. (CVE-2015-4024) An uninitialized pointer use flaw was found in PHP
    last seen2020-03-18
    modified2015-06-25
    plugin id84394
    published2015-06-25
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84394
    titleScientific Linux Security Update : php on SL7.x x86_64 (20150623)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2015-0365-1.NASL
    descriptionphp5 was updated to fix four security issues. These security issues were fixed : - CVE-2015-0231: Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allowed remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate numerical keys within the serialized properties of an object. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8142 (bnc#910659). - CVE-2014-9427: sapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x through 5.6.4, when mmap is used to read a .php file, did not properly consider the mapping
    last seen2020-03-24
    modified2019-01-02
    plugin id119961
    published2019-01-02
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/119961
    titleSUSE SLES12 Security Update : php5 (SUSE-SU-2015:0365-1)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2015-508.NASL
    descriptionA use-after-free flaw was found in the way PHP
    last seen2020-06-01
    modified2020-06-02
    plugin id82836
    published2015-04-17
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82836
    titleAmazon Linux AMI : php56 (ALAS-2015-508)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-4236.NASL
    description**19 Mar 2015, PHP 5.6.7** Core : - Fixed bug #69174 (leaks when unused inner class use traits precedence). (Laruence) - Fixed bug #69139 (Crash in gc_zval_possible_root on unserialize). (Laruence) - Fixed bug #69121 (Segfault in get_current_user when script owner is not in passwd with ZTS build). (dan at syneto dot net) - Fixed bug #65593 (Segfault when calling ob_start from output buffering callback). (Mike) - Fixed bug #68986 (pointer returned by php_stream_fopen_temporary_file not validated in memory.c). (nayana at ddproperty dot com) - Fixed bug #68166 (Exception with invalid character causes segv). (Rasmus) - Fixed bug #69141 (Missing arguments in reflection info for some builtin functions). (kostyantyn dot lysyy at oracle dot com) - Fixed bug #68976 (Use After Free Vulnerability in unserialize()) (CVE-2015-0231). (Stas) - Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM configuration options). (Anatol Belski) - Fixed bug #69207 (move_uploaded_file allows nulls in path). (Stas) CGI : - Fixed bug #69015 (php-cgi
    last seen2020-06-05
    modified2015-03-31
    plugin id82435
    published2015-03-31
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82435
    titleFedora 21 : php-5.6.7-1.fc21 (2015-4236)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3195.NASL
    descriptionMultiple vulnerabilities have been discovered in the PHP language : - CVE-2015-2305 Guido Vranken discovered a heap overflow in the ereg extension (only applicable to 32 bit systems). - CVE-2014-9705 Buffer overflow in the enchant extension. - CVE-2015-0231 Stefan Esser discovered a use-after-free in the unserialisation of objects. - CVE-2015-0232 Alex Eubanks discovered incorrect memory management in the exif extension. - CVE-2015-0273 Use-after-free in the unserialisation of DateTimeZone.
    last seen2020-03-17
    modified2015-03-19
    plugin id81926
    published2015-03-19
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81926
    titleDebian DSA-3195-1 : php5 - security update
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2015-032.NASL
    descriptionMultiple vulnerabilities have been discovered and corrected in php : sapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x through 5.6.4, when mmap is used to read a .php file, does not properly consider the mapping
    last seen2020-06-01
    modified2020-06-02
    plugin id81198
    published2015-02-06
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81198
    titleMandriva Linux Security Advisory : php (MDVSA-2015:032)
  • NASL familyCGI abuses
    NASL idPHP_5_4_37.NASL
    descriptionAccording to its banner, the version of PHP 5.4.x installed on the remote host is prior to 5.4.37. It is, therefore, affected by multiple vulnerabilities: - The CGI component has an out-of-bounds read flaw in file
    last seen2020-06-01
    modified2020-06-02
    plugin id81080
    published2015-01-29
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81080
    titlePHP 5.4.x < 5.4.37 Multiple Vulnerabilities
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-1101.NASL
    description22 Jan 2014, PHP 5.5.21 Core : - Upgraded crypt_blowfish to version 1.3. (Leigh) - Fixed bug #60704 (unlink() bug with some files path). - Fixed bug #65419 (Inside trait, self::class != __CLASS__). (Julien) - Fixed bug #65576 (Constructor from trait conflicts with inherited constructor). (dunglas at gmail dot com) - Fixed bug #55541 (errors spawn MessageBox, which blocks test automation). (Anatol) - Fixed bug #68297 (Application Popup provides too few information). (Anatol) - Fixed bug #65769 (localeconv() broken in TS builds). (Anatol) - Fixed bug #65230 (setting locale randomly broken). (Anatol) - Fixed bug #66764 (configure doesn
    last seen2020-06-05
    modified2015-02-06
    plugin id81191
    published2015-02-06
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81191
    titleFedora 20 : php-5.5.21-1.fc20 (2015-1101)
  • NASL familyCGI abuses
    NASL idPHP_5_4_39.NASL
    descriptionAccording to its banner, the version of PHP 5.4.x installed on the remote host is prior to 5.4.39. It is, therefore, affected by multiple vulnerabilities : - A use-after-free error exists related to function
    last seen2020-06-01
    modified2020-06-02
    plugin id82025
    published2015-03-24
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82025
    titlePHP 5.4.x < 5.4.39 Multiple Vulnerabilities
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2015-475.NASL
    descriptionsapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x through 5.6.4, when mmap is used to read a .php file, does not properly consider the mapping
    last seen2020-06-01
    modified2020-06-02
    plugin id81321
    published2015-02-13
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/81321
    titleAmazon Linux AMI : php54 (ALAS-2015-475)

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/138812/SA-20160922-0.txt
idPACKETSTORM:138812
last seen2016-12-05
published2016-09-22
reporterRene Freingruber
sourcehttps://packetstormsecurity.com/files/138812/Kerio-Control-Unified-Threat-Management-Code-Execution-XSS-Memory-Corruption.html
titleKerio Control Unified Threat Management Code Execution / XSS / Memory Corruption

Redhat

advisories
  • rhsa
    idRHSA-2015:1053
  • rhsa
    idRHSA-2015:1066
  • rhsa
    idRHSA-2015:1135
rpms
  • php55-0:2.0-1.el6
  • php55-0:2.0-1.el7
  • php55-php-0:5.5.21-2.el6
  • php55-php-0:5.5.21-2.el7
  • php55-php-bcmath-0:5.5.21-2.el6
  • php55-php-bcmath-0:5.5.21-2.el7
  • php55-php-cli-0:5.5.21-2.el6
  • php55-php-cli-0:5.5.21-2.el7
  • php55-php-common-0:5.5.21-2.el6
  • php55-php-common-0:5.5.21-2.el7
  • php55-php-dba-0:5.5.21-2.el6
  • php55-php-dba-0:5.5.21-2.el7
  • php55-php-debuginfo-0:5.5.21-2.el6
  • php55-php-debuginfo-0:5.5.21-2.el7
  • php55-php-devel-0:5.5.21-2.el6
  • php55-php-devel-0:5.5.21-2.el7
  • php55-php-enchant-0:5.5.21-2.el6
  • php55-php-enchant-0:5.5.21-2.el7
  • php55-php-fpm-0:5.5.21-2.el6
  • php55-php-fpm-0:5.5.21-2.el7
  • php55-php-gd-0:5.5.21-2.el6
  • php55-php-gd-0:5.5.21-2.el7
  • php55-php-gmp-0:5.5.21-2.el6
  • php55-php-gmp-0:5.5.21-2.el7
  • php55-php-imap-0:5.5.21-2.el6
  • php55-php-intl-0:5.5.21-2.el6
  • php55-php-intl-0:5.5.21-2.el7
  • php55-php-ldap-0:5.5.21-2.el6
  • php55-php-ldap-0:5.5.21-2.el7
  • php55-php-mbstring-0:5.5.21-2.el6
  • php55-php-mbstring-0:5.5.21-2.el7
  • php55-php-mysqlnd-0:5.5.21-2.el6
  • php55-php-mysqlnd-0:5.5.21-2.el7
  • php55-php-odbc-0:5.5.21-2.el6
  • php55-php-odbc-0:5.5.21-2.el7
  • php55-php-opcache-0:5.5.21-2.el6
  • php55-php-opcache-0:5.5.21-2.el7
  • php55-php-pdo-0:5.5.21-2.el6
  • php55-php-pdo-0:5.5.21-2.el7
  • php55-php-pgsql-0:5.5.21-2.el6
  • php55-php-pgsql-0:5.5.21-2.el7
  • php55-php-process-0:5.5.21-2.el6
  • php55-php-process-0:5.5.21-2.el7
  • php55-php-pspell-0:5.5.21-2.el6
  • php55-php-pspell-0:5.5.21-2.el7
  • php55-php-recode-0:5.5.21-2.el6
  • php55-php-recode-0:5.5.21-2.el7
  • php55-php-snmp-0:5.5.21-2.el6
  • php55-php-snmp-0:5.5.21-2.el7
  • php55-php-soap-0:5.5.21-2.el6
  • php55-php-soap-0:5.5.21-2.el7
  • php55-php-tidy-0:5.5.21-2.el6
  • php55-php-xml-0:5.5.21-2.el6
  • php55-php-xml-0:5.5.21-2.el7
  • php55-php-xmlrpc-0:5.5.21-2.el6
  • php55-php-xmlrpc-0:5.5.21-2.el7
  • php55-runtime-0:2.0-1.el6
  • php55-runtime-0:2.0-1.el7
  • php55-scldevel-0:2.0-1.el6
  • php55-scldevel-0:2.0-1.el7
  • php54-0:2.0-1.el6
  • php54-0:2.0-1.el7
  • php54-php-0:5.4.40-1.el6
  • php54-php-0:5.4.40-1.el7
  • php54-php-bcmath-0:5.4.40-1.el6
  • php54-php-bcmath-0:5.4.40-1.el7
  • php54-php-cli-0:5.4.40-1.el6
  • php54-php-cli-0:5.4.40-1.el7
  • php54-php-common-0:5.4.40-1.el6
  • php54-php-common-0:5.4.40-1.el7
  • php54-php-dba-0:5.4.40-1.el6
  • php54-php-dba-0:5.4.40-1.el7
  • php54-php-debuginfo-0:5.4.40-1.el6
  • php54-php-debuginfo-0:5.4.40-1.el7
  • php54-php-devel-0:5.4.40-1.el6
  • php54-php-devel-0:5.4.40-1.el7
  • php54-php-enchant-0:5.4.40-1.el6
  • php54-php-enchant-0:5.4.40-1.el7
  • php54-php-fpm-0:5.4.40-1.el6
  • php54-php-fpm-0:5.4.40-1.el7
  • php54-php-gd-0:5.4.40-1.el6
  • php54-php-gd-0:5.4.40-1.el7
  • php54-php-imap-0:5.4.40-1.el6
  • php54-php-intl-0:5.4.40-1.el6
  • php54-php-intl-0:5.4.40-1.el7
  • php54-php-ldap-0:5.4.40-1.el6
  • php54-php-ldap-0:5.4.40-1.el7
  • php54-php-mbstring-0:5.4.40-1.el6
  • php54-php-mbstring-0:5.4.40-1.el7
  • php54-php-mysqlnd-0:5.4.40-1.el6
  • php54-php-mysqlnd-0:5.4.40-1.el7
  • php54-php-odbc-0:5.4.40-1.el6
  • php54-php-odbc-0:5.4.40-1.el7
  • php54-php-pdo-0:5.4.40-1.el6
  • php54-php-pdo-0:5.4.40-1.el7
  • php54-php-pecl-zendopcache-0:7.0.4-3.el6
  • php54-php-pecl-zendopcache-0:7.0.4-3.el7
  • php54-php-pecl-zendopcache-debuginfo-0:7.0.4-3.el6
  • php54-php-pecl-zendopcache-debuginfo-0:7.0.4-3.el7
  • php54-php-pgsql-0:5.4.40-1.el6
  • php54-php-pgsql-0:5.4.40-1.el7
  • php54-php-process-0:5.4.40-1.el6
  • php54-php-process-0:5.4.40-1.el7
  • php54-php-pspell-0:5.4.40-1.el6
  • php54-php-pspell-0:5.4.40-1.el7
  • php54-php-recode-0:5.4.40-1.el6
  • php54-php-recode-0:5.4.40-1.el7
  • php54-php-snmp-0:5.4.40-1.el6
  • php54-php-snmp-0:5.4.40-1.el7
  • php54-php-soap-0:5.4.40-1.el6
  • php54-php-soap-0:5.4.40-1.el7
  • php54-php-tidy-0:5.4.40-1.el6
  • php54-php-xml-0:5.4.40-1.el6
  • php54-php-xml-0:5.4.40-1.el7
  • php54-php-xmlrpc-0:5.4.40-1.el6
  • php54-php-xmlrpc-0:5.4.40-1.el7
  • php54-runtime-0:2.0-1.el6
  • php54-runtime-0:2.0-1.el7
  • php54-scldevel-0:2.0-1.el6
  • php54-scldevel-0:2.0-1.el7
  • php-0:5.4.16-36.ael7b_1
  • php-0:5.4.16-36.el7_1
  • php-bcmath-0:5.4.16-36.ael7b_1
  • php-bcmath-0:5.4.16-36.el7_1
  • php-cli-0:5.4.16-36.ael7b_1
  • php-cli-0:5.4.16-36.el7_1
  • php-common-0:5.4.16-36.ael7b_1
  • php-common-0:5.4.16-36.el7_1
  • php-dba-0:5.4.16-36.ael7b_1
  • php-dba-0:5.4.16-36.el7_1
  • php-debuginfo-0:5.4.16-36.ael7b_1
  • php-debuginfo-0:5.4.16-36.el7_1
  • php-devel-0:5.4.16-36.ael7b_1
  • php-devel-0:5.4.16-36.el7_1
  • php-embedded-0:5.4.16-36.ael7b_1
  • php-embedded-0:5.4.16-36.el7_1
  • php-enchant-0:5.4.16-36.ael7b_1
  • php-enchant-0:5.4.16-36.el7_1
  • php-fpm-0:5.4.16-36.ael7b_1
  • php-fpm-0:5.4.16-36.el7_1
  • php-gd-0:5.4.16-36.ael7b_1
  • php-gd-0:5.4.16-36.el7_1
  • php-intl-0:5.4.16-36.ael7b_1
  • php-intl-0:5.4.16-36.el7_1
  • php-ldap-0:5.4.16-36.ael7b_1
  • php-ldap-0:5.4.16-36.el7_1
  • php-mbstring-0:5.4.16-36.ael7b_1
  • php-mbstring-0:5.4.16-36.el7_1
  • php-mysql-0:5.4.16-36.ael7b_1
  • php-mysql-0:5.4.16-36.el7_1
  • php-mysqlnd-0:5.4.16-36.ael7b_1
  • php-mysqlnd-0:5.4.16-36.el7_1
  • php-odbc-0:5.4.16-36.ael7b_1
  • php-odbc-0:5.4.16-36.el7_1
  • php-pdo-0:5.4.16-36.ael7b_1
  • php-pdo-0:5.4.16-36.el7_1
  • php-pgsql-0:5.4.16-36.ael7b_1
  • php-pgsql-0:5.4.16-36.el7_1
  • php-process-0:5.4.16-36.ael7b_1
  • php-process-0:5.4.16-36.el7_1
  • php-pspell-0:5.4.16-36.ael7b_1
  • php-pspell-0:5.4.16-36.el7_1
  • php-recode-0:5.4.16-36.ael7b_1
  • php-recode-0:5.4.16-36.el7_1
  • php-snmp-0:5.4.16-36.ael7b_1
  • php-snmp-0:5.4.16-36.el7_1
  • php-soap-0:5.4.16-36.ael7b_1
  • php-soap-0:5.4.16-36.el7_1
  • php-xml-0:5.4.16-36.ael7b_1
  • php-xml-0:5.4.16-36.el7_1
  • php-xmlrpc-0:5.4.16-36.ael7b_1
  • php-xmlrpc-0:5.4.16-36.el7_1

References