Vulnerabilities > CVE-2015-8838 - Improper Access Control vulnerability in PHP

047910
CVSS 5.9 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
NONE
network
high complexity
php
CWE-284
nessus

Summary

ext/mysqlnd/mysqlnd.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, a related issue to CVE-2015-3152.

Vulnerable Configurations

Part Description Count
Application
Php
667

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Embedding Scripts within Scripts
    An attack of this type exploits a programs' vulnerabilities that are brought on by allowing remote hosts to execute scripts. The attacker leverages this capability to execute scripts to execute his/her own script by embedding it within other scripts that the target software is likely to execute. The attacker must have the ability to inject script into script that is likely to be executed. If this is done, then the attacker can potentially launch a variety of probes and attacks against the web server's local environment, in many cases the so-called DMZ, back end resources the web server can communicate with, and other hosts. With the proliferation of intermediaries, such as Web App Firewalls, network devices, and even printers having JVMs and Web servers, there are many locales where an attacker can inject malicious scripts. Since this attack pattern defines scripts within scripts, there are likely privileges to execute said attack on the host. Of course, these attacks are not solely limited to the server side, client side scripts like Ajax and client side JavaScript can contain malicious scripts as well. In general all that is required is for there to be sufficient privileges to execute a script, but not protected against writing.
  • Signature Spoofing by Key Theft
    An attacker obtains an authoritative or reputable signer's private signature key by theft and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

Nessus

  • NASL familyCGI abuses
    NASL idPHP_5_4_43.NASL
    descriptionAccording to its banner, the version of PHP 5.4.x running on the remote web server is prior to 5.4.43. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass vulnerability, known as
    last seen2020-06-01
    modified2020-06-02
    plugin id84671
    published2015-07-10
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84671
    titlePHP 5.4.x < 5.4.43 Multiple Vulnerabilities (BACKRONYM)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(84671);
      script_version("1.17");
      script_cvs_date("Date: 2019/03/27 13:17:50");
    
      script_cve_id(
        "CVE-2015-3152",
        "CVE-2015-5589",
        "CVE-2015-5590",
        "CVE-2015-8838"
      );
      script_bugtraq_id(
        74398,
        75970,
        75974,
        88763
      );
    
      script_name(english:"PHP 5.4.x < 5.4.43 Multiple Vulnerabilities (BACKRONYM)");
      script_summary(english:"Checks the version of PHP.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote web server uses a version of PHP that is affected by
    multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "According to its banner, the version of PHP 5.4.x running on the
    remote web server is prior to 5.4.43. It is, therefore, affected by
    multiple vulnerabilities :
    
      - A security feature bypass vulnerability, known as
        'BACKRONYM', exists due to a failure to properly enforce
        the requirement of an SSL/TLS connection when the --ssl
        client option is used. A man-in-the-middle attacker can
        exploit this flaw to coerce the client to downgrade to
        an unencrypted connection, allowing the attacker to
        disclose data from the database or manipulate database
        queries. (CVE-2015-3152)
    
      - A flaw in the phar_convert_to_other function in
        ext/phar/phar_object.c could allow a remote attacker
        to cause a denial of service. (CVE-2015-5589)
    
      - A Stack-based buffer overflow in the phar_fix_filepath
        function in ext/phar/phar.c could allow a remote attacker
        to cause a denial of service. (CVE-2015-5590)
    
      - A flaw exists in the PHP Connector/C component due to a
        failure to properly enforce the requirement of an
        SSL/TLS connection when the --ssl client option is used.
        A man-in-the-middle attacker can exploit this to
        downgrade the connection to plain HTTP when HTTPS is
        expected. (CVE-2015-8838)
        
      - An unspecified flaw exists in the
        phar_convert_to_other() function in phar_object.c during
        the conversion of invalid TAR files. An attacker can
        exploit this flaw to crash a PHP application, resulting
        in a denial of service condition.
    
      - A flaw exists in the parse_ini_file() and
        parse_ini_string() functions due to improper handling of
        strings that contain a line feed followed by an escape
        character. An attacker can exploit this to crash a PHP
        application, resulting in a denial of service condition.
    
      - A user-after-free error exists in the object_custom()
        function in var_unserializer.c due to improper
        validation of user-supplied input. A remote attacker can
        exploit this to dereference already freed memory,
        potentially resulting in the execution of arbitrary
        code.
    
    Note that Nessus has not tested for these issues but has instead
    relied only on the application's self-reported version number.");
      script_set_attribute(attribute:"see_also", value:"http://php.net/ChangeLog-5.php#5.4.43");
      script_set_attribute(attribute:"see_also", value:"http://backronym.fail/");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to PHP version 5.4.43 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-5589");
      script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2013/12/03");
      script_set_attribute(attribute:"patch_publication_date", value:"2015/07/10");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/07/10");
    
      script_set_attribute(attribute:"plugin_type", value:"remote");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:php:php");
      script_set_attribute(attribute:"in_the_news", value:"true");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"CGI abuses");
    
      script_copyright(english:"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("php_version.nasl");
      script_require_keys("www/PHP");
      script_require_ports("Services/www", 80);
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("http.inc");
    include("webapp_func.inc");
    
    port = get_http_port(default:80, php:TRUE);
    
    php = get_php_from_kb(
      port : port,
      exit_on_fail : TRUE
    );
    
    version = php["ver"];
    source = php["src"];
    
    backported = get_kb_item('www/php/'+port+'/'+version+'/backported');
    
    if (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, "PHP "+version+" install");
    
    # Check that it is the correct version of PHP
    if (version =~ "^5(\.4)?$") audit(AUDIT_VER_NOT_GRANULAR, "PHP", port, version);
    if (version !~ "^5\.4\.") audit(AUDIT_NOT_DETECT, "PHP version 5.4.x", port);
    
    if (version =~ "^5\.4\.([0-9]|[1-3][0-9]|4[0-2])($|[^0-9])")
    {
      if (report_verbosity > 0)
      {
        report =
          '\n  Version source    : ' + source +
          '\n  Installed version : ' + version +
          '\n  Fixed version     : 5.4.43' +
          '\n';
        security_hole(port:port, extra:report);
      }
      else security_hole(port);
      exit(0);
    }
    else audit(AUDIT_LISTEN_NOT_VULN, "PHP", port, version);
    
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-517.NASL
    descriptionThis update for php5 fixes the following security issues : - CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM (bnc#973792). - CVE-2015-8835: SoapClient s_call method suffered from a type confusion issue that could have lead to crashes [bsc#973351] - CVE-2016-2554: A NULL pointer dereference in phar_get_fp_offset could lead to crashes. [bsc#968284] Note: we do not ship the phar extension currently, so we are not affected. - CVE-2016-3141: A use-after-free / double-free in the WDDX deserialization could lead to crashes or potential code execution. [bsc#969821] - CVE-2016-3142: An Out-of-bounds read in phar_parse_zipfile() could lead to crashes. [bsc#971912] Note: we do not ship the phar extension currently, so we are not affected. - CVE-2014-9767: A directory traversal when extracting zip files was fixed that could lead to overwritten files. [bsc#971612] - CVE-2016-3185: A type confusion vulnerability in make_http_soap_request() could lead to crashes or potentially code execution. [bsc#971611] This update was imported from the SUSE:SLE-12:Update update project.
    last seen2020-06-05
    modified2016-04-29
    plugin id90782
    published2016-04-29
    reporterThis script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/90782
    titleopenSUSE Security Update : php5 (openSUSE-2016-517)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2016-517.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(90782);
      script_version("2.5");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2014-9767", "CVE-2015-8835", "CVE-2015-8838", "CVE-2016-2554", "CVE-2016-3141", "CVE-2016-3142", "CVE-2016-3185");
    
      script_name(english:"openSUSE Security Update : php5 (openSUSE-2016-517)");
      script_summary(english:"Check for the openSUSE-2016-517 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for php5 fixes the following security issues :
    
      - CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM
        (bnc#973792).
    
      - CVE-2015-8835: SoapClient s_call method suffered from a
        type confusion issue that could have lead to crashes
        [bsc#973351]
    
      - CVE-2016-2554: A NULL pointer dereference in
        phar_get_fp_offset could lead to crashes. [bsc#968284]
        Note: we do not ship the phar extension currently, so we
        are not affected.
    
      - CVE-2016-3141: A use-after-free / double-free in the
        WDDX deserialization could lead to crashes or potential
        code execution. [bsc#969821]
    
      - CVE-2016-3142: An Out-of-bounds read in
        phar_parse_zipfile() could lead to crashes. [bsc#971912]
        Note: we do not ship the phar extension currently, so we
        are not affected.
    
      - CVE-2014-9767: A directory traversal when extracting zip
        files was fixed that could lead to overwritten files.
        [bsc#971612]
    
      - CVE-2016-3185: A type confusion vulnerability in
        make_http_soap_request() could lead to crashes or
        potentially code execution. [bsc#971611]
    
    This update was imported from the SUSE:SLE-12:Update update project."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=968284"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=969821"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=971611"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=971612"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=971912"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=973351"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=973792"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected php5 packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bcmath");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bz2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bz2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-calendar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-calendar-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ctype");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ctype-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-curl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-curl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dba-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dom");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dom-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-enchant");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-enchant-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-exif");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-exif-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fastcgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fileinfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-firebird");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-firebird-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fpm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fpm-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ftp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ftp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gd-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gettext");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gettext-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gmp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-iconv");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-iconv-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-imap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-imap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-intl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-intl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-json");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-json-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ldap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mbstring");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mcrypt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mssql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mssql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mysql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-odbc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-odbc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-opcache");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-opcache-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-openssl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-openssl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pcntl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pdo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pdo-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pear");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pgsql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-phar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-phar-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-posix");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-posix-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pspell");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pspell-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-readline");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-readline-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-shmop");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-shmop-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-snmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-snmp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-soap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-soap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sockets");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sockets-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sqlite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-suhosin");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvmsg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvsem");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvshm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tidy");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tidy-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tokenizer");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-wddx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-wddx-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlreader");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlrpc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlwriter");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xsl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xsl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zip");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zip-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zlib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zlib-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2016/04/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/04/29");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE42\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.1", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE42.1", reference:"apache2-mod_php5-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"apache2-mod_php5-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-bcmath-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-bcmath-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-bz2-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-bz2-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-calendar-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-calendar-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-ctype-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-ctype-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-curl-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-curl-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-dba-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-dba-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-debugsource-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-devel-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-dom-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-dom-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-enchant-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-enchant-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-exif-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-exif-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-fastcgi-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-fastcgi-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-fileinfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-fileinfo-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-firebird-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-firebird-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-fpm-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-fpm-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-ftp-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-ftp-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-gd-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-gd-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-gettext-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-gettext-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-gmp-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-gmp-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-iconv-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-iconv-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-imap-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-imap-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-intl-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-intl-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-json-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-json-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-ldap-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-ldap-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-mbstring-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-mbstring-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-mcrypt-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-mcrypt-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-mssql-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-mssql-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-mysql-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-mysql-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-odbc-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-odbc-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-opcache-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-opcache-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-openssl-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-openssl-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-pcntl-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-pcntl-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-pdo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-pdo-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-pear-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-pgsql-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-pgsql-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-phar-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-phar-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-posix-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-posix-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-pspell-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-pspell-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-readline-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-readline-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-shmop-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-shmop-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-snmp-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-snmp-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-soap-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-soap-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-sockets-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-sockets-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-sqlite-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-sqlite-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-suhosin-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-suhosin-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-sysvmsg-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-sysvmsg-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-sysvsem-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-sysvsem-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-sysvshm-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-sysvshm-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-tidy-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-tidy-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-tokenizer-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-tokenizer-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-wddx-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-wddx-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-xmlreader-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-xmlreader-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-xmlrpc-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-xmlrpc-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-xmlwriter-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-xmlwriter-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-xsl-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-xsl-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-zip-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-zip-debuginfo-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-zlib-5.5.14-44.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-zlib-debuginfo-5.5.14-44.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "apache2-mod_php5 / apache2-mod_php5-debuginfo / php5 / php5-bcmath / etc");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-1638-1.NASL
    descriptionThis update for php53 to version 5.3.17 fixes the following issues : These security issues were fixed : - CVE-2016-5093: get_icu_value_internal out-of-bounds read (bnc#982010). - CVE-2016-5094: Don
    last seen2020-06-01
    modified2020-06-02
    plugin id93161
    published2016-08-29
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93161
    titleSUSE SLES11 Security Update : php53 (SUSE-SU-2016:1638-1) (BACKRONYM)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2016:1638-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(93161);
      script_version("2.8");
      script_cvs_date("Date: 2019/09/11 11:22:13");
    
      script_cve_id("CVE-2004-1019", "CVE-2006-7243", "CVE-2014-0207", "CVE-2014-3478", "CVE-2014-3479", "CVE-2014-3480", "CVE-2014-3487", "CVE-2014-3515", "CVE-2014-3597", "CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670", "CVE-2014-4049", "CVE-2014-4670", "CVE-2014-4698", "CVE-2014-4721", "CVE-2014-5459", "CVE-2014-8142", "CVE-2014-9652", "CVE-2014-9705", "CVE-2014-9709", "CVE-2014-9767", "CVE-2015-0231", "CVE-2015-0232", "CVE-2015-0273", "CVE-2015-1352", "CVE-2015-2301", "CVE-2015-2305", "CVE-2015-2783", "CVE-2015-2787", "CVE-2015-3152", "CVE-2015-3329", "CVE-2015-3411", "CVE-2015-3412", "CVE-2015-4021", "CVE-2015-4022", "CVE-2015-4024", "CVE-2015-4026", "CVE-2015-4116", "CVE-2015-4148", "CVE-2015-4598", "CVE-2015-4599", "CVE-2015-4600", "CVE-2015-4601", "CVE-2015-4602", "CVE-2015-4603", "CVE-2015-4643", "CVE-2015-4644", "CVE-2015-5161", "CVE-2015-5589", "CVE-2015-5590", "CVE-2015-6831", "CVE-2015-6833", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6838", "CVE-2015-7803", "CVE-2015-8835", "CVE-2015-8838", "CVE-2015-8866", "CVE-2015-8867", "CVE-2015-8873", "CVE-2015-8874", "CVE-2015-8879", "CVE-2016-2554", "CVE-2016-3141", "CVE-2016-3142", "CVE-2016-3185", "CVE-2016-4070", "CVE-2016-4073", "CVE-2016-4342", "CVE-2016-4346", "CVE-2016-4537", "CVE-2016-4538", "CVE-2016-4539", "CVE-2016-4540", "CVE-2016-4541", "CVE-2016-4542", "CVE-2016-4543", "CVE-2016-4544", "CVE-2016-5093", "CVE-2016-5094", "CVE-2016-5095", "CVE-2016-5096", "CVE-2016-5114");
      script_bugtraq_id(44951, 68007, 68120, 68237, 68238, 68239, 68241, 68243, 68423, 68511, 68513, 69322, 69388, 70611, 70665, 70666, 71791, 71932, 72505, 72539, 72541, 72611, 72701, 73031, 73037, 73306, 73431, 74239, 74240, 74398, 74413, 74700, 74902, 74903, 75056, 75103, 75244, 75246, 75249, 75250, 75251, 75252, 75255, 75291, 75292, 75970, 75974);
    
      script_name(english:"SUSE SLES11 Security Update : php53 (SUSE-SU-2016:1638-1) (BACKRONYM)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for php53 to version 5.3.17 fixes the following issues :
    
    These security issues were fixed :
    
      - CVE-2016-5093: get_icu_value_internal out-of-bounds read
        (bnc#982010).
    
      - CVE-2016-5094: Don't create strings with lengths outside
        int range (bnc#982011).
    
      - CVE-2016-5095: Don't create strings with lengths outside
        int range (bnc#982012).
    
      - CVE-2016-5096: int/size_t confusion in fread
        (bsc#982013).
    
      - CVE-2016-5114: fpm_log.c memory leak and buffer overflow
        (bnc#982162).
    
      - CVE-2015-8879: The odbc_bindcols function in
        ext/odbc/php_odbc.c in PHP mishandles driver behavior
        for SQL_WVARCHAR columns, which allowed remote attackers
        to cause a denial of service (application crash) in
        opportunistic circumstances by leveraging use of the
        odbc_fetch_array function to access a certain type of
        Microsoft SQL Server table (bsc#981050).
    
      - CVE-2015-4116: Use-after-free vulnerability in the
        spl_ptr_heap_insert function in ext/spl/spl_heap.c in
        PHP allowed remote attackers to execute arbitrary code
        by triggering a failed SplMinHeap::compare operation
        (bsc#980366).
    
      - CVE-2015-8874: Stack consumption vulnerability in GD in
        PHP allowed remote attackers to cause a denial of
        service via a crafted imagefilltoborder call
        (bsc#980375).
    
      - CVE-2015-8873: Stack consumption vulnerability in
        Zend/zend_exceptions.c in PHP allowed remote attackers
        to cause a denial of service (segmentation fault) via
        recursive method calls (bsc#980373).
    
      - CVE-2016-4540: The grapheme_stripos function in
        ext/intl/grapheme/grapheme_string.c in PHP allowed
        remote attackers to cause a denial of service
        (out-of-bounds read) or possibly have unspecified other
        impact via a negative offset (bsc#978829).
    
      - CVE-2016-4541: The grapheme_strpos function in
        ext/intl/grapheme/grapheme_string.c in PHP allowed
        remote attackers to cause a denial of service
        (out-of-bounds read) or possibly have unspecified other
        impact via a negative offset (bsc#978829.
    
      - CVE-2016-4542: The exif_process_IFD_TAG function in
        ext/exif/exif.c in PHP did not properly construct
        spprintf arguments, which allowed remote attackers to
        cause a denial of service (out-of-bounds read) or
        possibly have unspecified other impact via crafted
        header data (bsc#978830).
    
      - CVE-2016-4543: The exif_process_IFD_in_JPEG function in
        ext/exif/exif.c in PHP did not validate IFD sizes, which
        allowed remote attackers to cause a denial of service
        (out-of-bounds read) or possibly have unspecified other
        impact via crafted header data (bsc#978830.
    
      - CVE-2016-4544: The exif_process_TIFF_in_JPEG function in
        ext/exif/exif.c in PHP did not validate TIFF start data,
        which allowed remote attackers to cause a denial of
        service (out-of-bounds read) or possibly have
        unspecified other impact via crafted header data
        (bsc#978830.
    
      - CVE-2016-4537: The bcpowmod function in
        ext/bcmath/bcmath.c in PHP accepted a negative integer
        for the scale argument, which allowed remote attackers
        to cause a denial of service or possibly have
        unspecified other impact via a crafted call
        (bsc#978827).
    
      - CVE-2016-4538: The bcpowmod function in
        ext/bcmath/bcmath.c in PHP modified certain data
        structures without considering whether they are copies
        of the _zero_, _one_, or _two_ global variable, which
        allowed remote attackers to cause a denial of service or
        possibly have unspecified other impact via a crafted
        call (bsc#978827).
    
      - CVE-2016-4539: The xml_parse_into_struct function in
        ext/xml/xml.c in PHP allowed remote attackers to cause a
        denial of service (buffer under-read and segmentation
        fault) or possibly have unspecified other impact via
        crafted XML data in the second argument, leading to a
        parser level of zero (bsc#978828).
    
      - CVE-2016-4342: ext/phar/phar_object.c in PHP mishandles
        zero-length uncompressed data, which allowed remote
        attackers to cause a denial of service (heap memory
        corruption) or possibly have unspecified other impact
        via a crafted (1) TAR, (2) ZIP, or (3) PHAR archive
        (bsc#977991).
    
      - CVE-2016-4346: Integer overflow in the str_pad function
        in ext/standard/string.c in PHP allowed remote attackers
        to cause a denial of service or possibly have
        unspecified other impact via a long string, leading to a
        heap-based buffer overflow (bsc#977994).
    
      - CVE-2016-4073: Multiple integer overflows in the
        mbfl_strcut function in
        ext/mbstring/libmbfl/mbfl/mbfilter.c in PHP allowed
        remote attackers to cause a denial of service
        (application crash) or possibly execute arbitrary code
        via a crafted mb_strcut call (bsc#977003).
    
      - CVE-2015-8867: The openssl_random_pseudo_bytes function
        in ext/openssl/openssl.c in PHP incorrectly relied on
        the deprecated RAND_pseudo_bytes function, which made it
        easier for remote attackers to defeat cryptographic
        protection mechanisms via unspecified vectors
        (bsc#977005).
    
      - CVE-2016-4070: Integer overflow in the
        php_raw_url_encode function in ext/standard/url.c in PHP
        allowed remote attackers to cause a denial of service
        (application crash) via a long string to the
        rawurlencode function (bsc#976997).
    
      - CVE-2015-8866: ext/libxml/libxml.c in PHP when PHP-FPM
        is used, did not isolate each thread from
        libxml_disable_entity_loader changes in other threads,
        which allowed remote attackers to conduct XML External
        Entity (XXE) and XML Entity Expansion (XEE) attacks via
        a crafted XML document, a related issue to CVE-2015-5161
        (bsc#976996).
    
      - CVE-2015-8838: ext/mysqlnd/mysqlnd.c in PHP used a
        client SSL option to mean that SSL is optional, which
        allowed man-in-the-middle attackers to spoof servers via
        a cleartext-downgrade attack, a related issue to
        CVE-2015-3152 (bsc#973792).
    
      - CVE-2015-8835: The make_http_soap_request function in
        ext/soap/php_http.c in PHP did not properly retrieve
        keys, which allowed remote attackers to cause a denial
        of service (NULL pointer dereference, type confusion,
        and application crash) or possibly execute arbitrary
        code via crafted serialized data representing a
        numerically indexed _cookies array, related to the
        SoapClient::__call method in ext/soap/soap.c
        (bsc#973351).
    
      - CVE-2016-3141: Use-after-free vulnerability in wddx.c in
        the WDDX extension in PHP allowed remote attackers to
        cause a denial of service (memory corruption and
        application crash) or possibly have unspecified other
        impact by triggering a wddx_deserialize call on XML data
        containing a crafted var element (bsc#969821).
    
      - CVE-2016-3142: The phar_parse_zipfile function in zip.c
        in the PHAR extension in PHP allowed remote attackers to
        obtain sensitive information from process memory or
        cause a denial of service (out-of-bounds read and
        application crash) by placing a PK\x05\x06 signature at
        an invalid location (bsc#971912).
    
      - CVE-2014-9767: Directory traversal vulnerability in the
        ZipArchive::extractTo function in ext/zip/php_zip.c in
        PHP ext/zip/ext_zip.cpp in HHVM allowed remote attackers
        to create arbitrary empty directories via a crafted ZIP
        archive (bsc#971612).
    
      - CVE-2016-3185: The make_http_soap_request function in
        ext/soap/php_http.c in PHP allowed remote attackers to
        obtain sensitive information from process memory or
        cause a denial of service (type confusion and
        application crash) via crafted serialized _cookies data,
        related to the SoapClient::__call method in
        ext/soap/soap.c (bsc#971611).
    
      - CVE-2016-2554: Stack-based buffer overflow in
        ext/phar/tar.c in PHP allowed remote attackers to cause
        a denial of service (application crash) or possibly have
        unspecified other impact via a crafted TAR archive
        (bsc#968284).
    
      - CVE-2015-7803: The phar_get_entry_data function in
        ext/phar/util.c in PHP allowed remote attackers to cause
        a denial of service (NULL pointer dereference and
        application crash) via a .phar file with a crafted TAR
        archive entry in which the Link indicator references a
        file that did not exist (bsc#949961).
    
      - CVE-2015-6831: Multiple use-after-free vulnerabilities
        in SPL in PHP allowed remote attackers to execute
        arbitrary code via vectors involving (1) ArrayObject,
        (2) SplObjectStorage, and (3) SplDoublyLinkedList, which
        are mishandled during unserialization (bsc#942291).
    
      - CVE-2015-6833: Directory traversal vulnerability in the
        PharData class in PHP allowed remote attackers to write
        to arbitrary files via a .. (dot dot) in a ZIP archive
        entry that is mishandled during an extractTo call
        (bsc#942296.
    
      - CVE-2015-6836: The SoapClient __call method in
        ext/soap/soap.c in PHP did not properly manage headers,
        which allowed remote attackers to execute arbitrary code
        via crafted serialized data that triggers a 'type
        confusion' in the serialize_function_call function
        (bsc#945428).
    
      - CVE-2015-6837: The xsl_ext_function_php function in
        ext/xsl/xsltprocessor.c in PHP when libxml2 is used, did
        not consider the possibility of a NULL valuePop return
        value proceeding with a free operation during initial
        error checking, which allowed remote attackers to cause
        a denial of service (NULL pointer dereference and
        application crash) via a crafted XML document, a
        different vulnerability than CVE-2015-6838 (bsc#945412).
    
      - CVE-2015-6838: The xsl_ext_function_php function in
        ext/xsl/xsltprocessor.c in PHP when libxml2 is used, did
        not consider the possibility of a NULL valuePop return
        value proceeding with a free operation after the
        principal argument loop, which allowed remote attackers
        to cause a denial of service (NULL pointer dereference
        and application crash) via a crafted XML document, a
        different vulnerability than CVE-2015-6837 (bsc#945412).
    
      - CVE-2015-5590: Stack-based buffer overflow in the
        phar_fix_filepath function in ext/phar/phar.c in PHP
        allowed remote attackers to cause a denial of service or
        possibly have unspecified other impact via a large
        length value, as demonstrated by mishandling of an
        e-mail attachment by the imap PHP extension
        (bsc#938719).
    
      - CVE-2015-5589: The phar_convert_to_other function in
        ext/phar/phar_object.c in PHP did not validate a file
        pointer a close operation, which allowed remote
        attackers to cause a denial of service (segmentation
        fault) or possibly have unspecified other impact via a
        crafted TAR archive that is mishandled in a
        Phar::convertToData call (bsc#938721).
    
      - CVE-2015-4602: The __PHP_Incomplete_Class function in
        ext/standard/incomplete_class.c in PHP allowed remote
        attackers to cause a denial of service (application
        crash) or possibly execute arbitrary code via an
        unexpected data type, related to a 'type confusion'
        issue (bsc#935224).
    
      - CVE-2015-4599: The SoapFault::__toString method in
        ext/soap/soap.c in PHP allowed remote attackers to
        obtain sensitive information, cause a denial of service
        (application crash), or possibly execute arbitrary code
        via an unexpected data type, related to a 'type
        confusion' issue (bsc#935226).
    
      - CVE-2015-4600: The SoapClient implementation in PHP
        allowed remote attackers to cause a denial of service
        (application crash) or possibly execute arbitrary code
        via an unexpected data type, related to 'type confusion'
        issues in the (1) SoapClient::__getLastRequest, (2)
        SoapClient::__getLastResponse, (3)
        SoapClient::__getLastRequestHeaders, (4)
        SoapClient::__getLastResponseHeaders, (5)
        SoapClient::__getCookies, and (6)
        SoapClient::__setCookie methods (bsc#935226).
    
      - CVE-2015-4601: PHP allowed remote attackers to cause a
        denial of service (application crash) or possibly
        execute arbitrary code via an unexpected data type,
        related to 'type confusion' issues in (1)
        ext/soap/php_encoding.c, (2) ext/soap/php_http.c, and
        (3) ext/soap/soap.c, a different issue than
        CVE-2015-4600 (bsc#935226.
    
      - CVE-2015-4603: The exception::getTraceAsString function
        in Zend/zend_exceptions.c in PHP allowed remote
        attackers to execute arbitrary code via an unexpected
        data type, related to a 'type confusion' issue
        (bsc#935234).
    
      - CVE-2015-4644: The php_pgsql_meta_data function in
        pgsql.c in the PostgreSQL (aka pgsql) extension in PHP
        did not validate token extraction for table names, which
        might allowed remote attackers to cause a denial of
        service (NULL pointer dereference and application crash)
        via a crafted name. NOTE: this vulnerability exists
        because of an incomplete fix for CVE-2015-1352
        (bsc#935274).
    
      - CVE-2015-4643: Integer overflow in the ftp_genlist
        function in ext/ftp/ftp.c in PHP allowed remote FTP
        servers to execute arbitrary code via a long reply to a
        LIST command, leading to a heap-based buffer overflow.
        NOTE: this vulnerability exists because of an incomplete
        fix for CVE-2015-4022 (bsc#935275).
    
      - CVE-2015-3411: PHP did not ensure that pathnames lack
        %00 sequences, which might have allowed remote attackers
        to read or write to arbitrary files via crafted input to
        an application that calls (1) a DOMDocument load method,
        (2) the xmlwriter_open_uri function, (3) the finfo_file
        function, or (4) the hash_hmac_file function, as
        demonstrated by a filename\0.xml attack that bypasses an
        intended configuration in which client users may read
        only .xml files (bsc#935227).
    
      - CVE-2015-3412: PHP did not ensure that pathnames lack
        %00 sequences, which might have allowed remote attackers
        to read arbitrary files via crafted input to an
        application that calls the stream_resolve_include_path
        function in ext/standard/streamsfuncs.c, as demonstrated
        by a filename\0.extension attack that bypasses an
        intended configuration in which client users may read
        files with only one specific extension (bsc#935229).
    
      - CVE-2015-4598: PHP did not ensure that pathnames lack
        %00 sequences, which might have allowed remote attackers
        to read or write to arbitrary files via crafted input to
        an application that calls (1) a DOMDocument save method
        or (2) the GD imagepsloadfont function, as demonstrated
        by a filename\0.html attack that bypasses an intended
        configuration in which client users may write to only
        .html files (bsc#935232).
    
      - CVE-2015-4148: The do_soap_call function in
        ext/soap/soap.c in PHP did not verify that the uri
        property is a string, which allowed remote attackers to
        obtain sensitive information by providing crafted
        serialized data with an int data type, related to a
        'type confusion' issue (bsc#933227).
    
      - CVE-2015-4024: Algorithmic complexity vulnerability in
        the multipart_buffer_headers function in main/rfc1867.c
        in PHP allowed remote attackers to cause a denial of
        service (CPU consumption) via crafted form data that
        triggers an improper order-of-growth outcome
        (bsc#931421).
    
      - CVE-2015-4026: The pcntl_exec implementation in PHP
        truncates a pathname upon encountering a \x00 character,
        which might allowed remote attackers to bypass intended
        extension restrictions and execute files with unexpected
        names via a crafted first argument. NOTE: this
        vulnerability exists because of an incomplete fix for
        CVE-2006-7243 (bsc#931776).
    
      - CVE-2015-4022: Integer overflow in the ftp_genlist
        function in ext/ftp/ftp.c in PHP allowed remote FTP
        servers to execute arbitrary code via a long reply to a
        LIST command, leading to a heap-based buffer overflow
        (bsc#931772).
    
      - CVE-2015-4021: The phar_parse_tarfile function in
        ext/phar/tar.c in PHP did not verify that the first
        character of a filename is different from the \0
        character, which allowed remote attackers to cause a
        denial of service (integer underflow and memory
        corruption) via a crafted entry in a tar archive
        (bsc#931769).
    
      - CVE-2015-3329: Multiple stack-based buffer overflows in
        the phar_set_inode function in phar_internal.h in PHP
        allowed remote attackers to execute arbitrary code via a
        crafted length value in a (1) tar, (2) phar, or (3) ZIP
        archive (bsc#928506).
    
      - CVE-2015-2783: ext/phar/phar.c in PHP allowed remote
        attackers to obtain sensitive information from process
        memory or cause a denial of service (buffer over-read
        and application crash) via a crafted length value in
        conjunction with crafted serialized data in a phar
        archive, related to the phar_parse_metadata and
        phar_parse_pharfile functions (bsc#928511).
    
      - CVE-2015-2787: Use-after-free vulnerability in the
        process_nested_data function in
        ext/standard/var_unserializer.re in PHP allowed remote
        attackers to execute arbitrary code via a crafted
        unserialize call that leverages use of the unset
        function within an __wakeup function, a related issue to
        CVE-2015-0231 (bsc#924972).
    
      - CVE-2014-9709: The GetCode_ function in gd_gif_in.c in
        GD 2.1.1 and earlier, as used in PHP allowed remote
        attackers to cause a denial of service (buffer over-read
        and application crash) via a crafted GIF image that is
        improperly handled by the gdImageCreateFromGif function
        (bsc#923945).
    
      - CVE-2015-2301: Use-after-free vulnerability in the
        phar_rename_archive function in phar_object.c in PHP
        allowed remote attackers to cause a denial of service or
        possibly have unspecified other impact via vectors that
        trigger an attempted renaming of a Phar archive to the
        name of an existing file (bsc#922452).
    
      - CVE-2015-2305: Integer overflow in the regcomp
        implementation in the Henry Spencer BSD regex library
        (aka rxspencer) 32-bit platforms might have allowed
        context-dependent attackers to execute arbitrary code
        via a large regular expression that leads to a
        heap-based buffer overflow (bsc#921950).
    
      - CVE-2014-9705: Heap-based buffer overflow in the
        enchant_broker_request_dict function in
        ext/enchant/enchant.c in PHP allowed remote attackers to
        execute arbitrary code via vectors that trigger creation
        of multiple dictionaries (bsc#922451).
    
      - CVE-2015-0273: Multiple use-after-free vulnerabilities
        in ext/date/php_date.c in PHP allowed remote attackers
        to execute arbitrary code via crafted serialized input
        containing a (1) R or (2) r type specifier in (a)
        DateTimeZone data handled by the
        php_date_timezone_initialize_from_hash function or (b)
        DateTime data handled by the
        php_date_initialize_from_hash function (bsc#918768).
    
      - CVE-2014-9652: The mconvert function in softmagic.c in
        file as used in the Fileinfo component in PHP did not
        properly handle a certain string-length field during a
        copy of a truncated version of a Pascal string, which
        might allowed remote attackers to cause a denial of
        service (out-of-bounds memory access and application
        crash) via a crafted file (bsc#917150).
    
      - CVE-2014-8142: Use-after-free vulnerability in the
        process_nested_data function in
        ext/standard/var_unserializer.re in PHP allowed remote
        attackers to execute arbitrary code via a crafted
        unserialize call that leverages improper handling of
        duplicate keys within the serialized properties of an
        object, a different vulnerability than CVE-2004-1019
        (bsc#910659).
    
      - CVE-2015-0231: Use-after-free vulnerability in the
        process_nested_data function in
        ext/standard/var_unserializer.re in PHP allowed remote
        attackers to execute arbitrary code via a crafted
        unserialize call that leverages improper handling of
        duplicate numerical keys within the serialized
        properties of an object. NOTE: this vulnerability exists
        because of an incomplete fix for CVE-2014-8142
        (bsc#910659).
    
      - CVE-2014-8142: Use-after-free vulnerability in the
        process_nested_data function in
        ext/standard/var_unserializer.re in PHP allowed remote
        attackers to execute arbitrary code via a crafted
        unserialize call that leverages improper handling of
        duplicate keys within the serialized properties of an
        object, a different vulnerability than CVE-2004-1019
        (bsc#910659).
    
      - CVE-2015-0232: The exif_process_unicode function in
        ext/exif/exif.c in PHP allowed remote attackers to
        execute arbitrary code or cause a denial of service
        (uninitialized pointer free and application crash) via
        crafted EXIF data in a JPEG image (bsc#914690).
    
      - CVE-2014-3670: The exif_ifd_make_value function in
        exif.c in the EXIF extension in PHP operates on
        floating-point arrays incorrectly, which allowed remote
        attackers to cause a denial of service (heap memory
        corruption and application crash) or possibly execute
        arbitrary code via a crafted JPEG image with TIFF
        thumbnail data that is improperly handled by the
        exif_thumbnail function (bsc#902357).
    
      - CVE-2014-3669: Integer overflow in the object_custom
        function in ext/standard/var_unserializer.c in PHP
        allowed remote attackers to cause a denial of service
        (application crash) or possibly execute arbitrary code
        via an argument to the unserialize function that
        triggers calculation of a large length value
        (bsc#902360).
    
      - CVE-2014-3668: Buffer overflow in the date_from_ISO8601
        function in the mkgmtime implementation in
        libxmlrpc/xmlrpc.c in the XMLRPC extension in PHP
        allowed remote attackers to cause a denial of service
        (application crash) via (1) a crafted first argument to
        the xmlrpc_set_type function or (2) a crafted argument
        to the xmlrpc_decode function, related to an
        out-of-bounds read operation (bsc#902368).
    
      - CVE-2014-5459: The PEAR_REST class in REST.php in PEAR
        in PHP allowed local users to write to arbitrary files
        via a symlink attack on a (1) rest.cachefile or (2)
        rest.cacheid file in /tmp/pear/cache/, related to the
        retrieveCacheFirst and useLocalCache functions
        (bsc#893849).
    
      - CVE-2014-3597: Multiple buffer overflows in the
        php_parserr function in ext/standard/dns.c in PHP
        allowed remote DNS servers to cause a denial of service
        (application crash) or possibly execute arbitrary code
        via a crafted DNS record, related to the dns_get_record
        function and the dn_expand function. NOTE: this issue
        exists because of an incomplete fix for CVE-2014-4049
        (bsc#893853).
    
      - CVE-2014-4670: Use-after-free vulnerability in
        ext/spl/spl_dllist.c in the SPL component in PHP allowed
        context-dependent attackers to cause a denial of service
        or possibly have unspecified other impact via crafted
        iterator usage within applications in certain
        web-hosting environments (bsc#886059).
    
      - CVE-2014-4698: Use-after-free vulnerability in
        ext/spl/spl_array.c in the SPL component in PHP allowed
        context-dependent attackers to cause a denial of service
        or possibly have unspecified other impact via crafted
        ArrayIterator usage within applications in certain
        web-hosting environments (bsc#886060).
    
      - CVE-2014-4721: The phpinfo implementation in
        ext/standard/info.c in PHP did not ensure use of the
        string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE,
        PHP_AUTH_USER, and PHP_SELF variables, which might
        allowed context-dependent attackers to obtain sensitive
        information from process memory by using the integer
        data type with crafted values, related to a 'type
        confusion' vulnerability, as demonstrated by reading a
        private SSL key in an Apache HTTP Server web-hosting
        environment with mod_ssl and a PHP 5.3.x mod_php
        (bsc#885961).
    
      - CVE-2014-0207: The cdf_read_short_sector function in
        cdf.c in file as used in the Fileinfo component in PHP
        allowed remote attackers to cause a denial of service
        (assertion failure and application exit) via a crafted
        CDF file (bsc#884986).
    
      - CVE-2014-3478: Buffer overflow in the mconvert function
        in softmagic.c in file as used in the Fileinfo component
        in PHP allowed remote attackers to cause a denial of
        service (application crash) via a crafted Pascal string
        in a FILE_PSTRING conversion (bsc#884987).
    
      - CVE-2014-3479: The cdf_check_stream_offset function in
        cdf.c in file as used in the Fileinfo component in PHP
        relies on incorrect sector-size data, which allowed
        remote attackers to cause a denial of service
        (application crash) via a crafted stream offset in a CDF
        file (bsc#884989).
    
      - CVE-2014-3480: The cdf_count_chain function in cdf.c in
        file as used in the Fileinfo component in PHP did not
        properly validate sector-count data, which allowed
        remote attackers to cause a denial of service
        (application crash) via a crafted CDF file (bsc#884990).
    
      - CVE-2014-3487: The cdf_read_property_info function in
        file as used in the Fileinfo component in PHP did not
        properly validate a stream offset, which allowed remote
        attackers to cause a denial of service (application
        crash) via a crafted CDF file (bsc#884991).
    
      - CVE-2014-3515: The SPL component in PHP incorrectly
        anticipates that certain data structures will have the
        array data type after unserialization, which allowed
        remote attackers to execute arbitrary code via a crafted
        string that triggers use of a Hashtable destructor,
        related to 'type confusion' issues in (1) ArrayObject
        and (2) SPLObjectStorage (bsc#884992).
    
    The update package also includes non-security fixes. See advisory for
    details.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=884986"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=884987"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=884989"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=884990"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=884991"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=884992"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=885961"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=886059"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=886060"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=893849"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=893853"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=902357"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=902360"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=902368"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=910659"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=914690"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=917150"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=918768"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=919080"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=921950"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=922451"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=922452"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=923945"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=924972"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=925109"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=928506"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=928511"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=931421"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=931769"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=931772"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=931776"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=933227"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=935074"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=935224"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=935226"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=935227"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=935229"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=935232"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=935234"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=935274"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=935275"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=938719"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=938721"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=942291"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=942296"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=945412"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=945428"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=949961"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=968284"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=969821"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=971611"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=971612"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=971912"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=973351"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=973792"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=976996"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=976997"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=977003"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=977005"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=977991"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=977994"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=978827"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=978828"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=978829"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=978830"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=980366"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=980373"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=980375"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=981050"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=982010"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=982011"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=982012"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=982013"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=982162"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2004-1019/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2006-7243/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2014-0207/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2014-3478/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2014-3479/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2014-3480/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2014-3487/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2014-3515/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2014-3597/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2014-3668/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2014-3669/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2014-3670/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2014-4049/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2014-4670/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2014-4698/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2014-4721/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2014-5459/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2014-8142/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2014-9652/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2014-9705/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2014-9709/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2014-9767/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-0231/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-0232/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-0273/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-1352/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-2301/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-2305/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-2783/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-2787/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-3152/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-3329/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-3411/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-3412/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-4021/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-4022/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-4024/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-4026/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-4116/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-4148/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-4598/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-4599/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-4600/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-4601/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-4602/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-4603/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-4643/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-4644/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-5161/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-5589/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-5590/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-6831/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-6833/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-6836/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-6837/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-6838/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-7803/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-8835/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-8838/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-8866/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-8867/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-8873/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-8874/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-8879/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-2554/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-3141/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-3142/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-3185/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-4070/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-4073/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-4342/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-4346/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-4537/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-4538/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-4539/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-4540/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-4541/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-4542/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-4543/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-4544/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-5093/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-5094/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-5095/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-5096/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-5114/"
      );
      # https://www.suse.com/support/update/announcement/2016/suse-su-20161638-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?dc947fb9"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Server 11-SP2-LTSS :
    
    zypper in -t patch slessp2-php53-12621=1
    
    To bring your system up-to-date, use 'zypper patch'."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_cwe_id(20);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-mod_php53");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-bcmath");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-bz2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-calendar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-ctype");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-curl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-dba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-dom");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-exif");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-fastcgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-fileinfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-ftp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-gd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-gettext");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-gmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-iconv");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-intl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-json");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-ldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-mbstring");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-mcrypt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-odbc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-openssl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-pcntl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-pdo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-pear");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-pgsql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-pspell");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-shmop");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-snmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-soap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-suhosin");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-sysvmsg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-sysvsem");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-sysvshm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-tokenizer");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-wddx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-xmlreader");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-xmlrpc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-xmlwriter");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-xsl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-zip");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php53-zlib");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2005/01/10");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/06/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/08/29");
      script_set_attribute(attribute:"in_the_news", value:"true");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLES11)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES11", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES11" && (! preg(pattern:"^(2)$", string:sp))) audit(AUDIT_OS_NOT, "SLES11 SP2", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES11", sp:"2", reference:"apache2-mod_php53-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-bcmath-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-bz2-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-calendar-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-ctype-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-curl-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-dba-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-dom-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-exif-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-fastcgi-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-fileinfo-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-ftp-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-gd-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-gettext-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-gmp-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-iconv-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-intl-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-json-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-ldap-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-mbstring-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-mcrypt-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-mysql-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-odbc-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-openssl-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-pcntl-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-pdo-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-pear-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-pgsql-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-pspell-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-shmop-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-snmp-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-soap-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-suhosin-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-sysvmsg-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-sysvsem-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-sysvshm-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-tokenizer-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-wddx-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-xmlreader-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-xmlrpc-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-xmlwriter-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-xsl-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-zip-5.3.17-47.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"2", reference:"php53-zlib-5.3.17-47.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php53");
    }
    
  • NASL familyCGI abuses
    NASL idPHP_5_6_11.NASL
    descriptionAccording to its banner, the version of PHP 5.6.x running on the remote web server is prior to 5.6.11. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass vulnerability, known as
    last seen2020-06-01
    modified2020-06-02
    plugin id84673
    published2015-07-10
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84673
    titlePHP 5.6.x < 5.6.11 Multiple Vulnerabilities (BACKRONYM)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(84673);
      script_version("1.16");
      script_cvs_date("Date: 2019/03/27 13:17:50");
    
      script_cve_id(
        "CVE-2015-3152",
        "CVE-2015-5589",
        "CVE-2015-5590",
        "CVE-2015-8838"
      );
      script_bugtraq_id(
        74398,
        75970,
        75974,
        88763
      );
    
      script_name(english:"PHP 5.6.x < 5.6.11 Multiple Vulnerabilities (BACKRONYM)");
      script_summary(english:"Checks the version of PHP.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote web server uses a version of PHP that is affected by
    multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "According to its banner, the version of PHP 5.6.x running on the
    remote web server is prior to 5.6.11. It is, therefore, affected by
    multiple vulnerabilities :
    
      - A security feature bypass vulnerability, known as
        'BACKRONYM', exists due to a failure to properly enforce
        the requirement of an SSL/TLS connection when the --ssl
        client option is used. A man-in-the-middle attacker can
        exploit this flaw to coerce the client to downgrade to
        an unencrypted connection, allowing the attacker to
        disclose data from the database or manipulate database
        queries. (CVE-2015-3152)
    
      - A flaw in the phar_convert_to_other function in
        ext/phar/phar_object.c could allow a remote attacker
        to cause a denial of service. (CVE-2015-5589)
    
      - A Stack-based buffer overflow in the phar_fix_filepath
        function in ext/phar/phar.c could allow a remote attacker
        to cause a denial of service. (CVE-2015-5590)
    
      - A flaw exists in the PHP Connector/C component due to a
        failure to properly enforce the requirement of an
        SSL/TLS connection when the --ssl client option is used.
        A man-in-the-middle attacker can exploit this to
        downgrade the connection to plain HTTP when HTTPS is
        expected. (CVE-2015-8838)
        
      - A use-after-free error exists in the
        spl_recursive_it_move_forward_ex() function. An attacker
        can exploit this to dereference already freed memory,
        potentially allowing the execution of arbitrary code.
    
      - A use-after-free error exists in the
        sqlite3SafetyCheckSickOrOk() function. An attacker can
        exploit this to dereference already freed memory,
        potentially allowing the execution of arbitrary code.
    
      - The '!' character is not treated as a special character
        when delayed variable substitution is enabled. The
        functions escapeshellcmd() and escapeshellarg() are
        unable to properly sanitize arguments containing '!'.
        An attacker can exploit this to execute arbitrary
        commands.
    
      - A double-free flaw exists in zend_vm_execute.h due to
        improper handling of certain code. An attacker can
        exploit this flaw to crash a PHP application, resulting
        in a denial of service condition.
    
    Note that Nessus has not tested for these issues but has instead
    relied only on the application's self-reported version number.");
      script_set_attribute(attribute:"see_also", value:"http://php.net/ChangeLog-5.php#5.6.11");
      script_set_attribute(attribute:"see_also", value:"http://backronym.fail/");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to PHP version 5.6.11 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-5589");
      script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2013/12/03");
      script_set_attribute(attribute:"patch_publication_date", value:"2015/07/10");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/07/10");
    
      script_set_attribute(attribute:"plugin_type", value:"remote");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:php:php");
      script_set_attribute(attribute:"in_the_news", value:"true");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"CGI abuses");
    
      script_copyright(english:"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("php_version.nasl");
      script_require_keys("www/PHP");
      script_require_ports("Services/www", 80);
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("http.inc");
    include("webapp_func.inc");
    
    port = get_http_port(default:80, php:TRUE);
    
    php = get_php_from_kb(
      port : port,
      exit_on_fail : TRUE
    );
    
    version = php["ver"];
    source = php["src"];
    
    backported = get_kb_item('www/php/'+port+'/'+version+'/backported');
    
    if (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, "PHP "+version+" install");
    
    # Check that it is the correct version of PHP
    if (version =~ "^5(\.6)?$") audit(AUDIT_VER_NOT_GRANULAR, "PHP", port, version);
    if (version !~ "^5\.6\.") audit(AUDIT_NOT_DETECT, "PHP version 5.6.x", port);
    
    if (version =~ "^5\.6\.([0-9]|10)($|[^0-9])")
    {
      if (report_verbosity > 0)
      {
        report =
          '\n  Version source    : '+source +
          '\n  Installed version : '+version +
          '\n  Fixed version     : 5.6.11' +
          '\n';
        security_hole(port:port, extra:report);
      }
      else security_hole(port);
      exit(0);
    }
    else audit(AUDIT_LISTEN_NOT_VULN, "PHP", port, version);
    
  • NASL familyFirewalls
    NASL idPFSENSE_SA-15_07.NASL
    descriptionAccording to its self-reported version number, the remote pfSense install is prior to 2.2.4. It is, therefore, affected by multiple vulnerabilities as stated in the referenced vendor advisories.
    last seen2020-06-01
    modified2020-06-02
    plugin id106496
    published2018-01-31
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/106496
    titlepfSense < 2.2.4 Multiple Vulnerabilities (SA-15_07)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(106496);
      script_version("1.7");
      script_cvs_date("Date: 2019/11/08");
    
      script_cve_id("CVE-2015-3152", "CVE-2015-5358", "CVE-2015-8838");
      script_bugtraq_id(74398);
      script_xref(name:"FreeBSD", value:"SA-15:13.tcp");
    
      script_name(english:"pfSense < 2.2.4 Multiple Vulnerabilities (SA-15_07)");
      script_summary(english:"Checks the version of pfSense.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote firewall host is affected by multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "According to its self-reported version number, the remote pfSense
    install is prior to 2.2.4. It is, therefore, affected by multiple
    vulnerabilities as stated in the referenced vendor advisories.");
      script_set_attribute(attribute:"see_also", value:"https://doc.pfsense.org/index.php/2.2.4_New_Features_and_Changes");
      # https://www.pfsense.org/security/advisories/pfSense-SA-15_07.webgui.asc
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?6ba5db4c");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to pfSense version 2.2.4 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-8838");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2015/07/26");
      script_set_attribute(attribute:"patch_publication_date", value:"2015/07/26");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/01/31");
    
      script_set_attribute(attribute:"plugin_type", value:"remote");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:pfsense:pfsense");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:bsdperimeter:pfsense");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Firewalls");
    
      script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("pfsense_detect.nbin");
      script_require_keys("Host/pfSense");
    
      exit(0);
    }
    
    include("vcf.inc");
    include("vcf_extras.inc");
    
    if (!get_kb_item("Host/pfSense")) audit(AUDIT_HOST_NOT, "pfSense");
    
    app_info = vcf::pfsense::get_app_info();
    constraints = [
      { "fixed_version" : "2.2.4" }
    ];
    
    vcf::pfsense::check_version_and_report(
      app_info:app_info,
      constraints:constraints,
      severity:SECURITY_WARNING,
      flags:{xss:TRUE}
    );
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-1166-1.NASL
    descriptionThis update for php5 fixes the following security issues : - CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM (bnc#973792). - CVE-2015-8835: SoapClient s_call method suffered from a type confusion issue that could have lead to crashes [bsc#973351] - CVE-2016-2554: A NULL pointer dereference in phar_get_fp_offset could lead to crashes. [bsc#968284] Note: we do not ship the phar extension currently, so we are not affected. - CVE-2016-3141: A use-after-free / double-free in the WDDX deserialization could lead to crashes or potential code execution. [bsc#969821] - CVE-2016-3142: An Out-of-bounds read in phar_parse_zipfile() could lead to crashes. [bsc#971912] Note: we do not ship the phar extension currently, so we are not affected. - CVE-2014-9767: A directory traversal when extracting zip files was fixed that could lead to overwritten files. [bsc#971612] - CVE-2016-3185: A type confusion vulnerability in make_http_soap_request() could lead to crashes or potentially code execution. [bsc#971611] Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-24
    modified2019-01-02
    plugin id119975
    published2019-01-02
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/119975
    titleSUSE SLES12 Security Update : php5 (SUSE-SU-2016:1166-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2016:1166-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(119975);
      script_version("1.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/23");
    
      script_cve_id("CVE-2014-9767", "CVE-2015-8835", "CVE-2015-8838", "CVE-2016-2554", "CVE-2016-3141", "CVE-2016-3142", "CVE-2016-3185");
    
      script_name(english:"SUSE SLES12 Security Update : php5 (SUSE-SU-2016:1166-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for php5 fixes the following security issues :
    
      - CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM
        (bnc#973792).
    
      - CVE-2015-8835: SoapClient s_call method suffered from a
        type confusion issue that could have lead to crashes
        [bsc#973351]
    
      - CVE-2016-2554: A NULL pointer dereference in
        phar_get_fp_offset could lead to crashes. [bsc#968284]
        Note: we do not ship the phar extension currently, so we
        are not affected.
    
      - CVE-2016-3141: A use-after-free / double-free in the
        WDDX deserialization could lead to crashes or potential
        code execution. [bsc#969821]
    
      - CVE-2016-3142: An Out-of-bounds read in
        phar_parse_zipfile() could lead to crashes. [bsc#971912]
        Note: we do not ship the phar extension currently, so we
        are not affected.
    
      - CVE-2014-9767: A directory traversal when extracting zip
        files was fixed that could lead to overwritten files.
        [bsc#971612]
    
      - CVE-2016-3185: A type confusion vulnerability in
        make_http_soap_request() could lead to crashes or
        potentially code execution. [bsc#971611]
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=968284"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=969821"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=971611"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=971612"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=971912"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=973351"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=973792"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2014-9767/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-8835/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-8838/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-2554/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-3141/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-3142/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-3185/"
      );
      # https://www.suse.com/support/update/announcement/2016/suse-su-20161166-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?0f6bf5ef"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Software Development Kit 12-SP1 :
    
    zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-688=1
    
    SUSE Linux Enterprise Software Development Kit 12 :
    
    zypper in -t patch SUSE-SLE-SDK-12-2016-688=1
    
    SUSE Linux Enterprise Module for Web Scripting 12 :
    
    zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2016-688=1
    
    To bring your system up-to-date, use 'zypper patch'."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-mod_php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-mod_php5-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-bcmath");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-bcmath-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-bz2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-bz2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-calendar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-calendar-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ctype");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ctype-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-curl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-curl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-dba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-dba-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-dom");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-dom-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-enchant");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-enchant-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-exif");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-exif-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fastcgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fastcgi-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fileinfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fileinfo-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fpm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fpm-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ftp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ftp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gd-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gettext");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gettext-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gmp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-iconv");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-iconv-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-intl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-intl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-json");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-json-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ldap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mbstring");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mbstring-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mcrypt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mcrypt-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mysql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-odbc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-odbc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-opcache");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-opcache-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-openssl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-openssl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pcntl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pcntl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pdo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pdo-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pgsql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pgsql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-posix");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-posix-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pspell");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pspell-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-shmop");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-shmop-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-snmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-snmp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-soap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-soap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sockets");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sockets-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sqlite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sqlite-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-suhosin");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-suhosin-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvmsg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvmsg-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvsem");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvsem-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvshm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvshm-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-tokenizer");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-tokenizer-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-wddx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-wddx-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlreader");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlreader-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlrpc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlrpc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlwriter");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlwriter-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xsl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xsl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-zip");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-zip-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-zlib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-zlib-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/03/31");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/04/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/01/02");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES12" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP0", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES12", sp:"0", reference:"apache2-mod_php5-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"apache2-mod_php5-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-bcmath-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-bcmath-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-bz2-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-bz2-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-calendar-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-calendar-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ctype-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ctype-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-curl-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-curl-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-dba-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-dba-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-debugsource-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-dom-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-dom-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-enchant-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-enchant-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-exif-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-exif-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fastcgi-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fastcgi-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fileinfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fileinfo-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fpm-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fpm-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ftp-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ftp-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gd-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gd-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gettext-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gettext-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gmp-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gmp-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-iconv-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-iconv-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-intl-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-intl-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-json-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-json-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ldap-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ldap-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mbstring-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mbstring-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mcrypt-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mcrypt-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mysql-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mysql-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-odbc-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-odbc-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-opcache-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-opcache-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-openssl-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-openssl-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pcntl-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pcntl-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pdo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pdo-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pgsql-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pgsql-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-posix-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-posix-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pspell-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pspell-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-shmop-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-shmop-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-snmp-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-snmp-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-soap-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-soap-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sockets-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sockets-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sqlite-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sqlite-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-suhosin-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-suhosin-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvmsg-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvmsg-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvsem-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvsem-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvshm-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvshm-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-tokenizer-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-tokenizer-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-wddx-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-wddx-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlreader-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlreader-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlrpc-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlrpc-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlwriter-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlwriter-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xsl-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xsl-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-zip-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-zip-debuginfo-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-zlib-5.5.14-53.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-zlib-debuginfo-5.5.14-53.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php5");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-516.NASL
    descriptionThis update for php5 fixes the following security issues : - bsc#974305: buffer overflow in libmagic - CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM (bnc#973792). - CVE-2015-8835: SoapClient s__call method suffered from type confusion issue (bnc#973351). - CVE-2016-3141: A use-after-free / double-free in the WDDX deserialization could lead to crashes or potential code execution. [bsc#969821] - CVE-2016-3142: An Out-of-bounds read in phar_parse_zipfile() could lead to crashes. [bsc#971912] - CVE-2014-9767: A directory traversal when extracting zip files was fixed that could lead to overwritten files. [bsc#971612] - CVE-2016-3185: A type confusion vulnerability in make_http_soap_request() could lead to crashes or potentially code execution. [bsc#971611]
    last seen2020-06-05
    modified2016-04-28
    plugin id90772
    published2016-04-28
    reporterThis script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/90772
    titleopenSUSE Security Update : php5 (openSUSE-2016-516)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2016-516.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(90772);
      script_version("2.6");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2014-9767", "CVE-2015-8835", "CVE-2015-8838", "CVE-2016-3141", "CVE-2016-3142", "CVE-2016-3185");
    
      script_name(english:"openSUSE Security Update : php5 (openSUSE-2016-516)");
      script_summary(english:"Check for the openSUSE-2016-516 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for php5 fixes the following security issues :
    
      - bsc#974305: buffer overflow in libmagic 
    
      - CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM
        (bnc#973792).
    
      - CVE-2015-8835: SoapClient s__call method suffered from
        type confusion issue (bnc#973351).
    
      - CVE-2016-3141: A use-after-free / double-free in the
        WDDX deserialization could lead to crashes or potential
        code execution. [bsc#969821]
    
      - CVE-2016-3142: An Out-of-bounds read in
        phar_parse_zipfile() could lead to crashes. [bsc#971912]
    
      - CVE-2014-9767: A directory traversal when extracting zip
        files was fixed that could lead to overwritten files.
        [bsc#971612]
    
      - CVE-2016-3185: A type confusion vulnerability in
        make_http_soap_request() could lead to crashes or
        potentially code execution. [bsc#971611]"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=969821"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=971611"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=971612"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=971912"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=973351"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=973792"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=974305"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected php5 packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bcmath");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bz2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bz2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-calendar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-calendar-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ctype");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ctype-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-curl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-curl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dba-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dom");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dom-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-enchant");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-enchant-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-exif");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-exif-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fastcgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fileinfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-firebird");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-firebird-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fpm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fpm-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ftp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ftp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gd-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gettext");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gettext-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gmp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-iconv");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-iconv-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-imap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-imap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-intl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-intl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-json");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-json-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ldap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mbstring");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mcrypt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mssql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mssql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mysql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-odbc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-odbc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-opcache");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-opcache-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-openssl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-openssl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pcntl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pdo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pdo-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pear");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pgsql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-phar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-phar-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-posix");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-posix-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pspell");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pspell-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-readline");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-readline-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-shmop");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-shmop-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-snmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-snmp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-soap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-soap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sockets");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sockets-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sqlite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-suhosin");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvmsg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvsem");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvshm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tidy");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tidy-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tokenizer");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-wddx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-wddx-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlreader");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlrpc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlwriter");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xsl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xsl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zip");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zip-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zlib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zlib-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.2");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2016/04/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/04/28");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE13\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.2", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE13.2", reference:"apache2-mod_php5-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"apache2-mod_php5-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-bcmath-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-bcmath-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-bz2-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-bz2-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-calendar-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-calendar-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-ctype-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-ctype-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-curl-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-curl-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-dba-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-dba-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-debugsource-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-devel-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-dom-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-dom-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-enchant-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-enchant-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-exif-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-exif-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-fastcgi-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-fastcgi-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-fileinfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-fileinfo-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-firebird-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-firebird-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-fpm-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-fpm-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-ftp-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-ftp-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-gd-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-gd-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-gettext-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-gettext-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-gmp-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-gmp-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-iconv-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-iconv-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-imap-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-imap-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-intl-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-intl-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-json-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-json-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-ldap-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-ldap-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-mbstring-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-mbstring-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-mcrypt-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-mcrypt-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-mssql-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-mssql-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-mysql-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-mysql-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-odbc-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-odbc-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-opcache-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-opcache-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-openssl-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-openssl-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-pcntl-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-pcntl-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-pdo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-pdo-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-pear-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-pgsql-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-pgsql-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-phar-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-phar-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-posix-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-posix-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-pspell-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-pspell-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-readline-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-readline-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-shmop-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-shmop-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-snmp-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-snmp-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-soap-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-soap-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sockets-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sockets-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sqlite-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sqlite-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-suhosin-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-suhosin-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sysvmsg-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sysvmsg-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sysvsem-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sysvsem-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sysvshm-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sysvshm-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-tidy-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-tidy-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-tokenizer-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-tokenizer-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-wddx-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-wddx-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-xmlreader-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-xmlreader-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-xmlrpc-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-xmlrpc-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-xmlwriter-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-xmlwriter-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-xsl-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-xsl-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-zip-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-zip-debuginfo-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-zlib-5.6.1-53.3") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-zlib-debuginfo-5.6.1-53.3") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "apache2-mod_php5 / apache2-mod_php5-debuginfo / php5 / php5-bcmath / etc");
    }
    
  • NASL familyCGI abuses
    NASL idPHP_5_5_27.NASL
    descriptionAccording to its banner, the version of PHP 5.5.x running on the remote web server is prior to 5.5.27. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass vulnerability, known as
    last seen2020-06-01
    modified2020-06-02
    plugin id84672
    published2015-07-10
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84672
    titlePHP 5.5.x < 5.5.27 Multiple Vulnerabilities (BACKRONYM)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2952-1.NASL
    descriptionIt was discovered that the PHP Zip extension incorrectly handled directories when processing certain zip files. A remote attacker could possibly use this issue to create arbitrary directories. (CVE-2014-9767) It was discovered that the PHP Soap client incorrectly validated data types. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-8835, CVE-2016-3185) It was discovered that the PHP MySQL native driver incorrectly handled TLS connections to MySQL databases. A man in the middle attacker could possibly use this issue to downgrade and snoop on TLS connections. This vulnerability is known as BACKRONYM. (CVE-2015-8838) It was discovered that PHP incorrectly handled the imagerotate function. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly obtain sensitive information. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE-2016-1903) Hans Jerry Illikainen discovered that the PHP phar extension incorrectly handled certain tar archives. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-2554) It was discovered that the PHP WDDX extension incorrectly handled certain malformed XML data. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-3141) It was discovered that the PHP phar extension incorrectly handled certain zip files. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2016-3142) It was discovered that the PHP libxml_disable_entity_loader() setting was shared between threads. When running under PHP-FPM, this could result in XML external entity injection and entity expansion issues. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (No CVE number) It was discovered that the PHP openssl_random_pseudo_bytes() function did not return cryptographically strong pseudo-random bytes. (No CVE number) It was discovered that the PHP Fileinfo component incorrectly handled certain magic files. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE number pending) It was discovered that the PHP php_snmp_error() function incorrectly handled string formatting. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE number pending) It was discovered that the PHP rawurlencode() function incorrectly handled large strings. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service. (CVE number pending) It was discovered that the PHP phar extension incorrectly handled certain filenames in archives. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE number pending) It was discovered that the PHP mb_strcut() function incorrectly handled string formatting. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE number pending). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id90677
    published2016-04-22
    reporterUbuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/90677
    titleUbuntu 12.04 LTS / 14.04 LTS / 15.10 : php5 vulnerabilities (USN-2952-1)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2952-2.NASL
    descriptionUSN-2952-1 fixed vulnerabilities in PHP. One of the backported patches caused a regression in the PHP Soap client. This update fixes the problem. We apologize for the inconvenience. It was discovered that the PHP Zip extension incorrectly handled directories when processing certain zip files. A remote attacker could possibly use this issue to create arbitrary directories. (CVE-2014-9767) It was discovered that the PHP Soap client incorrectly validated data types. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-8835, CVE-2016-3185) It was discovered that the PHP MySQL native driver incorrectly handled TLS connections to MySQL databases. A man in the middle attacker could possibly use this issue to downgrade and snoop on TLS connections. This vulnerability is known as BACKRONYM. (CVE-2015-8838) It was discovered that PHP incorrectly handled the imagerotate function. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly obtain sensitive information. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE-2016-1903) Hans Jerry Illikainen discovered that the PHP phar extension incorrectly handled certain tar archives. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-2554) It was discovered that the PHP WDDX extension incorrectly handled certain malformed XML data. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-3141) It was discovered that the PHP phar extension incorrectly handled certain zip files. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2016-3142) It was discovered that the PHP libxml_disable_entity_loader() setting was shared between threads. When running under PHP-FPM, this could result in XML external entity injection and entity expansion issues. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (No CVE number) It was discovered that the PHP openssl_random_pseudo_bytes() function did not return cryptographically strong pseudo-random bytes. (No CVE number) It was discovered that the PHP Fileinfo component incorrectly handled certain magic files. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE number pending) It was discovered that the PHP php_snmp_error() function incorrectly handled string formatting. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE number pending) It was discovered that the PHP rawurlencode() function incorrectly handled large strings. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service. (CVE number pending) It was discovered that the PHP phar extension incorrectly handled certain filenames in archives. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE number pending) It was discovered that the PHP mb_strcut() function incorrectly handled string formatting. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE number pending). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id90825
    published2016-05-02
    reporterUbuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/90825
    titleUbuntu 15.10 : php5 regression (USN-2952-2)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-1581-1.NASL
    descriptionThis update for php53 fixes the following issues : - CVE-2016-5093: A get_icu_value_internal out-of-bounds read could crash the php interpreter (bsc#982010) - CVE-2016-5094,CVE-2016-5095: Don
    last seen2020-06-01
    modified2020-06-02
    plugin id91665
    published2016-06-17
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/91665
    titleSUSE SLES11 Security Update : php53 (SUSE-SU-2016:1581-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-1145-1.NASL
    descriptionThis update for php53 fixes the following issues : - CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM (bnc#973792). - CVE-2015-8835: SoapClient s_call method suffered from a type confusion issue that could have lead to crashes [bsc#973351] - CVE-2016-2554: A NULL pointer dereference in phar_get_fp_offset could lead to crashes. [bsc#968284] Note: we do not ship the phar extension currently, so we are not affected. - CVE-2015-7803: A Stack overflow vulnerability when decompressing tar phar archives could potentially lead to code execution. [bsc#949961] Note: we do not ship the phar extension currently, so we are not affected. - CVE-2016-3141: A use-after-free / double-free in the WDDX deserialization could lead to crashes or potential code execution. [bsc#969821] - CVE-2016-3142: An Out-of-bounds read in phar_parse_zipfile() could lead to crashes. [bsc#971912] Note: we do not ship the phar extension currently, so we are not affected. - CVE-2014-9767: A directory traversal when extracting zip files was fixed that could lead to overwritten files. [bsc#971612] - CVE-2016-3185: A type confusion vulnerability in make_http_soap_request() could lead to crashes or potentially code execution. [bsc#971611] Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id90757
    published2016-04-27
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/90757
    titleSUSE SLES11 Security Update : php53 (SUSE-SU-2016:1145-1)