CVE-2016-1903 - Information Exposure vulnerability in PHP

CVSS 9.1 - CRITICAL

  • Attack vector: NETWORK
  • Attack complexity: LOW
  • Privileges required: NONE
  • Confidentiality impact: HIGH
  • Integrity impact: NONE
  • Availability impact: HIGH

Tags: network, low complexity, php, CWE-200, critical, nessus

Summary

The gdImageRotateInterpolated function in ext/gd/libgd/gd_interpolation.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a large bgd_color argument to the imagerotate function.

Vulnerable Configurations

Part         Description  Count
Application  Php          735

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Subverting Environment Variable Values
    The attacker directly or indirectly modifies environment variables used by or controlling the target software. The attacker's goal is to cause the target software to deviate from its expected operation in a manner that benefits the attacker.
  • Footprinting
    An attacker engages in probing and exploration activity to identify constituents and properties of the target. Footprinting is a general term to describe a variety of information gathering techniques, often used by attackers in preparation for some attack. It consists of using tools to learn as much as possible about the composition, configuration, and security mechanisms of the targeted application, system or network. Information that might be collected during a footprinting effort could include open ports, applications and their versions, network topology, and similar information. While footprinting is not intended to be damaging (although certain activities, such as network scans, can sometimes cause disruptions to vulnerable applications inadvertently) it may often pave the way for more damaging attacks.
  • Exploiting Trust in Client (aka Make the Client Invisible)
    An attack of this type exploits a program's vulnerabilities in client/server communication channel authentication and data integrity. It leverages the implicit trust a server places in the client, or more importantly, that which the server believes is the client. An attacker executes this type of attack by placing themselves in the communication channel between client and server such that communication directly to the server is possible where the server believes it is communicating only with a valid client. There are numerous variations of this type of attack.
  • Browser Fingerprinting
    An attacker carefully crafts small snippets of JavaScript to efficiently detect the type of browser the potential victim is using. Many web-based attacks need prior knowledge of the web browser, including the version of the browser, to ensure successful exploitation of a vulnerability. Having this knowledge allows an attacker to target the victim with attacks that specifically exploit known or zero-day weaknesses in the type and version of the browser used by the victim. Automating this process via JavaScript as a part of the same delivery system used to exploit the browser is considered more efficient, as the attacker can supply a browser fingerprinting method and integrate it with exploit code, all contained in JavaScript and in response to the same web page request by the browser.
  • Session Credential Falsification through Prediction
    This attack targets predictable session IDs in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.

Nessus

  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_SU-2016-0284-1.NASL
    description: This update for php5 fixes the following issues:
      - CVE-2015-7803: Specially crafted .phar files with a crafted TAR archive entry allowed remote attackers to cause a Denial of Service (DoS) [bsc#949961]
      - CVE-2016-1903: Specially crafted image files could allow remote attackers to read unspecified memory when rotating images [bsc#962057]
      Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-03-24
    modified: 2019-01-02
    plugin id: 119973
    published: 2019-01-02
    reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/119973
    title: SUSE SLES12 Security Update : php5 (SUSE-SU-2016:0284-1)
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2016:0284-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(119973);
      script_version("1.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/23");
    
      script_cve_id("CVE-2015-7803", "CVE-2016-1903");
    
      script_name(english:"SUSE SLES12 Security Update : php5 (SUSE-SU-2016:0284-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for php5 fixes the following issues :
    
      - CVE-2015-7803: Specially crafted .phar files with a
        crafted TAR archive entry allowed remote attackers to
        cause a Denial of Service (DoS) [bsc#949961]
    
      - CVE-2016-1903: Specially crafted image files could could
        allow remote attackers read unspecified memory when
        rotating images [bsc#962057]
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=949961"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=962057"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2015-7803/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-1903/"
      );
      # https://www.suse.com/support/update/announcement/2016/suse-su-20160284-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?7538eb50"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Software Development Kit 12-SP1 :
    
    zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-174=1
    
    SUSE Linux Enterprise Software Development Kit 12 :
    
    zypper in -t patch SUSE-SLE-SDK-12-2016-174=1
    
    SUSE Linux Enterprise Module for Web Scripting 12 :
    
    zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2016-174=1
    
    To bring your system up-to-date, use 'zypper patch'."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-mod_php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-mod_php5-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-bcmath");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-bcmath-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-bz2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-bz2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-calendar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-calendar-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ctype");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ctype-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-curl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-curl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-dba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-dba-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-dom");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-dom-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-enchant");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-enchant-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-exif");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-exif-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fastcgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fastcgi-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fileinfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fileinfo-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fpm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fpm-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ftp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ftp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gd-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gettext");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gettext-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gmp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-iconv");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-iconv-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-intl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-intl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-json");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-json-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ldap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mbstring");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mbstring-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mcrypt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mcrypt-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mysql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-odbc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-odbc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-opcache");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-opcache-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-openssl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-openssl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pcntl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pcntl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pdo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pdo-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pgsql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pgsql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-posix");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-posix-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pspell");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pspell-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-shmop");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-shmop-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-snmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-snmp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-soap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-soap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sockets");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sockets-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sqlite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sqlite-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-suhosin");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-suhosin-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvmsg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvmsg-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvsem");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvsem-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvshm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvshm-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-tokenizer");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-tokenizer-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-wddx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-wddx-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlreader");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlreader-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlrpc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlrpc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlwriter");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlwriter-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xsl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xsl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-zip");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-zip-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-zlib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-zlib-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2015/12/11");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/01/29");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/01/02");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES12" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP0", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES12", sp:"0", reference:"apache2-mod_php5-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"apache2-mod_php5-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-bcmath-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-bcmath-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-bz2-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-bz2-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-calendar-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-calendar-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ctype-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ctype-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-curl-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-curl-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-dba-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-dba-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-debugsource-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-dom-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-dom-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-enchant-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-enchant-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-exif-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-exif-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fastcgi-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fastcgi-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fileinfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fileinfo-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fpm-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fpm-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ftp-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ftp-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gd-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gd-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gettext-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gettext-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gmp-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gmp-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-iconv-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-iconv-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-intl-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-intl-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-json-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-json-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ldap-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ldap-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mbstring-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mbstring-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mcrypt-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mcrypt-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mysql-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mysql-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-odbc-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-odbc-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-opcache-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-opcache-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-openssl-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-openssl-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pcntl-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pcntl-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pdo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pdo-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pgsql-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pgsql-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-posix-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-posix-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pspell-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pspell-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-shmop-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-shmop-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-snmp-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-snmp-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-soap-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-soap-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sockets-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sockets-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sqlite-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sqlite-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-suhosin-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-suhosin-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvmsg-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvmsg-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvsem-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvsem-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvshm-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvshm-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-tokenizer-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-tokenizer-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-wddx-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-wddx-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlreader-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlreader-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlrpc-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlrpc-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlwriter-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlwriter-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xsl-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xsl-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-zip-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-zip-debuginfo-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-zlib-5.5.14-42.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-zlib-debuginfo-5.5.14-42.2")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php5");
    }
    
  • NASL family: Slackware Local Security Checks
    NASL id: SLACKWARE_SSA_2016-034-04.NASL
    description: New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 88567
    published: 2016-02-04
    reporter: This script is Copyright (C) 2016 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/88567
    title: Slackware 14.0 / 14.1 / current : php (SSA:2016-034-04)
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Slackware Security Advisory 2016-034-04. The text 
    # itself is copyright (C) Slackware Linux, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(88567);
      script_version("$Revision: 2.2 $");
      script_cvs_date("$Date: 2016/10/19 14:37:26 $");
    
      script_cve_id("CVE-2015-7803", "CVE-2015-7804", "CVE-2016-1903");
      script_xref(name:"SSA", value:"2016-034-04");
    
      script_name(english:"Slackware 14.0 / 14.1 / current : php (SSA:2016-034-04)");
      script_summary(english:"Checks for updated package in /var/log/packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Slackware host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "New php packages are available for Slackware 14.0, 14.1, and -current
    to fix security issues."
      );
      # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.461720
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?1a6ea70a"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected php package.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:php");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:14.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:14.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2016/02/03");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/02/04");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016 Tenable Network Security, Inc.");
      script_family(english:"Slackware Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Slackware/release", "Host/Slackware/packages");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("slackware.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Slackware/release")) audit(AUDIT_OS_NOT, "Slackware");
    if (!get_kb_item("Host/Slackware/packages")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Slackware", cpu);
    
    
    flag = 0;
    if (slackware_check(osver:"14.0", pkgname:"php", pkgver:"5.6.17", pkgarch:"i486", pkgnum:"1_slack14.1")) flag++;
    if (slackware_check(osver:"14.0", arch:"x86_64", pkgname:"php", pkgver:"5.6.17", pkgarch:"x86_64", pkgnum:"1_slack14.1")) flag++;
    
    if (slackware_check(osver:"14.1", pkgname:"php", pkgver:"5.6.17", pkgarch:"i486", pkgnum:"1_slack14.1")) flag++;
    if (slackware_check(osver:"14.1", arch:"x86_64", pkgname:"php", pkgver:"5.6.17", pkgarch:"x86_64", pkgnum:"1_slack14.1")) flag++;
    
    if (slackware_check(osver:"current", pkgname:"php", pkgver:"5.6.17", pkgarch:"i586", pkgnum:"1")) flag++;
    if (slackware_check(osver:"current", arch:"x86_64", pkgname:"php", pkgver:"5.6.17", pkgarch:"x86_64", pkgnum:"1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL family: CGI abuses
    NASL id: PHP_7_0_2.NASL
    description: According to its banner, the version of PHP running on the remote host is 7.x prior to 7.0.2. It is, therefore, affected by multiple vulnerabilities:
      - An out-of-bounds read error exists in the gdImageRotateInterpolated() function in file gd_interpolation.c when handling background colors. A remote attacker can exploit this to disclose memory contents or crash the application. (CVE-2016-1903)
      - An integer overflow condition exists in file exec.c in the escapeshellarg() and escapeshellcmd() functions due to a failure to properly validate user-supplied string input. A remote attacker can exploit this to cause a heap-based overflow, resulting in a denial of service or the execution of arbitrary code. (CVE-2016-1904)
      - A use-after-free error exists in file wddx.c in the php_wddx_pop_element() function when handling WDDX packet deserialization. A remote attacker can exploit this, by dereferencing already freed memory, to execute arbitrary code.
      - A type confusion flaw exists in file xmlrpc-epi-php.c in the PHP_to_XMLRPC_worker() function. A remote attacker can exploit this to disclose memory contents, crash the application process, or have other impact.
      - A type confusion flaw exists in file wddx.c when handling WDDX packet deserialization. A remote attacker can exploit this to execute arbitrary code.
      - An unspecified flaw exists in file fpm_log.c in the fpm_log_write() function when handling very long HTTP requests. A local attacker can exploit this to obtain sensitive information, via access to the access log file. (CVE-2016-5114)
      - A flaw exists in file lsapilib.c when handling requests due to the LSAPI module failing to clear its secrets in child processes. A remote attacker can exploit this to gain access to memory contents, resulting in the disclosure of sensitive information.
      - A flaw exists in file lsapilib.c in the parseRequest() function due to a failure to properly sanitize input passed through multiple, unspecified parameters. A remote attacker can exploit this to cause a denial of service.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 88680
    published: 2016-02-10
    reporter: This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/88680
    title: PHP 7.x < 7.0.2 Multiple Vulnerabilities
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(88680);
      script_version("1.8");
      script_cvs_date("Date: 2019/03/27 13:17:50");
    
      script_cve_id(
        "CVE-2016-1903",
        "CVE-2016-1904",
        "CVE-2016-5114"
      );
      script_bugtraq_id(
        79916,
        81296,
        81808
      );
    
      script_name(english:"PHP 7.x < 7.0.2 Multiple Vulnerabilities");
      script_summary(english:"Checks the version of PHP.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote web server uses a version of PHP that is affected by
    multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "According to its banner, the version of PHP running on the remote host
    is 7.x prior to 7.0.2. It is, therefore, affected by multiple
    vulnerabilities :
    
      - An out-of-bounds read error exists in the
        gdImageRotateInterpolated() function in file
        gd_interpolation.c when handling background colors.
        A remote attacker can exploit this to disclose memory
        contents or crash the application. (CVE-2016-1903)
    
      - An integer overflow condition exists in file exec.c
        in the escapeshellarg() and escapeshellcmd() functions
        due to a failure to properly validate user-supplied
        string input. A remote attacker can exploit this to
        cause a heap-based overflow, resulting in a denial of
        service or the execution of arbitrary code.
        (CVE-2016-1904)
    
      - A use-after-free error exists in file wddx.c in the
        php_wddx_pop_element() function when handling WDDX
        packet deserialization. A remote attacker can exploit
        this, by dereferencing already freed memory, to execute
        arbitrary code.
    
      - A type confusion flaw exists in file xmlrpc-epi-php.c
        in the PHP_to_XMLRPC_worker() function. A remote
        attacker can exploit this to disclose memory contents,
        crash the application process, or have other impact.
    
      - A type confusion flaw exists in file wddx.c when
        handling WDDX packet deserialization. A remote attacker
        can exploit this to execute arbitrary code.
    
      - An unspecified flaw exists in file fpm_log.c in the
        fpm_log_write() function when handling very long
        HTTP requests. A local attacker can exploit this to
        obtain sensitive information, via access to the
        access log file. (CVE-2016-5114)
    
      - A flaw exists in file lsapilib.c when handling requests
        due to the LSAPI module failing to clear its secrets in
        child processes. A remote attacker can exploit this to
        gain access to memory contents, resulting in the
        disclosure of sensitive information.
    
      - A flaw exists in file lsapilib.c in the parseRequest()
        function due to a failure to properly sanitize input
        passed through multiple, unspecified parameters. A
        remote attacker can exploit this to cause a denial of
        service.");
      script_set_attribute(attribute:"see_also", value:"http://php.net/ChangeLog-7.php#7.0.2");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to PHP version 7.0.2 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-1904");
      script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2015/12/08");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/01/07");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/02/10");
    
      script_set_attribute(attribute:"plugin_type", value:"remote");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:php:php");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"CGI abuses");
    
      script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("php_version.nasl");
      script_require_ports("Services/www", 80);
      script_require_keys("www/PHP");
      exit(0);
    }
    
    include("vcf.inc");
    include("vcf_extras.inc");
    include("http.inc");
    include("webapp_func.inc");
    
    vcf::php::initialize();
    
    port = get_http_port(default:80, php:TRUE);
    
    app_info = vcf::php::get_app_info(port:port);
    
    constraints = [
      { "min_version" : "7.0.0alpha0", "fixed_version" : "7.0.2" }
    ];
    
    vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);
    
  • NASL family: SuSE Local Security Checks
    NASL id: OPENSUSE-2016-100.NASL
    description: This update for php5 fixes the following issues:
      - CVE-2015-7803: Specially crafted .phar files with a crafted TAR archive entry allowed remote attackers to cause a Denial of Service (DoS) [bsc#949961]
      - CVE-2015-7804: Specially crafted .phar files with a crafted ZIP archive entry referencing a file
    last seen: 2020-06-05
    modified: 2016-02-03
    plugin id: 88533
    published: 2016-02-03
    reporter: This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/88533
    title: openSUSE Security Update : php5 (openSUSE-2016-100)
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2016-100.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(88533);
      script_version("2.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2015-7803", "CVE-2015-7804", "CVE-2016-1903");
    
      script_name(english:"openSUSE Security Update : php5 (openSUSE-2016-100)");
      script_summary(english:"Check for the openSUSE-2016-100 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for php5 fixes the following issues :
    
      - CVE-2015-7803: Specially crafted .phar files with a
        crafted TAR archive entry allowed remote attackers to
        cause a Denial of Service (DoS) [bsc#949961]
    
      - CVE-2015-7804: Specially crafted .phar files with a
        crafted ZIP archive entry referencing a file '/' allowed
        remote attackers to cause a Denial of Service (DoS) or
        potentially leak unspecified memory content [bsc#949961]
    
      - CVE-2016-1903: Specially crafted image files could
        allowed remote attackers read unspecified memory when
        rotating images [bsc#962057]"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=949961"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=949962"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=962057"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected php5 packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bcmath");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bz2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bz2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-calendar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-calendar-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ctype");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ctype-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-curl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-curl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dba-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dom");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dom-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-enchant");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-enchant-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-exif");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-exif-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fastcgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fileinfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-firebird");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-firebird-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fpm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fpm-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ftp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ftp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gd-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gettext");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gettext-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gmp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-iconv");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-iconv-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-imap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-imap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-intl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-intl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-json");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-json-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ldap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mbstring");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mcrypt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mssql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mssql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mysql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-odbc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-odbc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-opcache");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-opcache-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-openssl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-openssl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pcntl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pdo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pdo-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pear");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pgsql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-phar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-phar-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-posix");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-posix-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pspell");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pspell-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-readline");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-readline-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-shmop");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-shmop-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-snmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-snmp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-soap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-soap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sockets");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sockets-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sqlite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-suhosin");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvmsg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvsem");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvshm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tidy");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tidy-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tokenizer");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-wddx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-wddx-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlreader");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlrpc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlwriter");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xsl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xsl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zip");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zip-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zlib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zlib-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.2");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2016/01/26");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/02/03");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE13\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.2", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE13.2", reference:"apache2-mod_php5-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"apache2-mod_php5-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-bcmath-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-bcmath-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-bz2-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-bz2-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-calendar-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-calendar-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-ctype-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-ctype-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-curl-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-curl-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-dba-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-dba-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-debugsource-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-devel-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-dom-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-dom-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-enchant-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-enchant-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-exif-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-exif-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-fastcgi-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-fastcgi-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-fileinfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-fileinfo-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-firebird-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-firebird-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-fpm-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-fpm-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-ftp-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-ftp-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-gd-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-gd-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-gettext-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-gettext-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-gmp-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-gmp-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-iconv-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-iconv-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-imap-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-imap-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-intl-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-intl-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-json-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-json-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-ldap-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-ldap-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-mbstring-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-mbstring-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-mcrypt-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-mcrypt-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-mssql-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-mssql-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-mysql-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-mysql-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-odbc-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-odbc-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-opcache-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-opcache-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-openssl-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-openssl-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-pcntl-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-pcntl-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-pdo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-pdo-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-pear-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-pgsql-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-pgsql-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-phar-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-phar-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-posix-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-posix-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-pspell-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-pspell-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-readline-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-readline-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-shmop-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-shmop-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-snmp-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-snmp-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-soap-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-soap-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sockets-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sockets-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sqlite-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sqlite-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-suhosin-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-suhosin-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sysvmsg-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sysvmsg-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sysvsem-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sysvsem-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sysvshm-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-sysvshm-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-tidy-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-tidy-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-tokenizer-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-tokenizer-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-wddx-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-wddx-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-xmlreader-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-xmlreader-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-xmlrpc-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-xmlrpc-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-xmlwriter-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-xmlwriter-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-xsl-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-xsl-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-zip-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-zip-debuginfo-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-zlib-5.6.1-39.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"php5-zlib-debuginfo-5.6.1-39.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "apache2-mod_php5 / apache2-mod_php5-debuginfo / php5 / php5-bcmath / etc");
    }
    
  • NASL family: Ubuntu Local Security Checks
    NASL id: UBUNTU_USN-2952-1.NASL
    description: It was discovered that the PHP Zip extension incorrectly handled directories when processing certain zip files. A remote attacker could possibly use this issue to create arbitrary directories. (CVE-2014-9767) It was discovered that the PHP Soap client incorrectly validated data types. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-8835, CVE-2016-3185) It was discovered that the PHP MySQL native driver incorrectly handled TLS connections to MySQL databases. A man in the middle attacker could possibly use this issue to downgrade and snoop on TLS connections. This vulnerability is known as BACKRONYM. (CVE-2015-8838) It was discovered that PHP incorrectly handled the imagerotate function. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly obtain sensitive information. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE-2016-1903) Hans Jerry Illikainen discovered that the PHP phar extension incorrectly handled certain tar archives. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-2554) It was discovered that the PHP WDDX extension incorrectly handled certain malformed XML data. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-3141) It was discovered that the PHP phar extension incorrectly handled certain zip files. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2016-3142) It was discovered that the PHP libxml_disable_entity_loader() setting was shared between threads. When running under PHP-FPM, this could result in XML external entity injection and entity expansion issues. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (No CVE number) It was discovered that the PHP openssl_random_pseudo_bytes() function did not return cryptographically strong pseudo-random bytes. (No CVE number) It was discovered that the PHP Fileinfo component incorrectly handled certain magic files. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE number pending) It was discovered that the PHP php_snmp_error() function incorrectly handled string formatting. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE number pending) It was discovered that the PHP rawurlencode() function incorrectly handled large strings. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service. (CVE number pending) It was discovered that the PHP phar extension incorrectly handled certain filenames in archives. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE number pending) It was discovered that the PHP mb_strcut() function incorrectly handled string formatting. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE number pending). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 90677
    published: 2016-04-22
    reporter: Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/90677
    title: Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : php5 vulnerabilities (USN-2952-1)
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-2952-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(90677);
      script_version("2.11");
      script_cvs_date("Date: 2019/09/18 12:31:45");
    
      script_cve_id("CVE-2014-9767", "CVE-2015-8835", "CVE-2015-8838", "CVE-2016-1903", "CVE-2016-2554", "CVE-2016-3141", "CVE-2016-3142", "CVE-2016-3185");
      script_xref(name:"USN", value:"2952-1");
    
      script_name(english:"Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : php5 vulnerabilities (USN-2952-1)");
      script_summary(english:"Checks dpkg output for updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Ubuntu host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "It was discovered that the PHP Zip extension incorrectly handled
    directories when processing certain zip files. A remote attacker could
    possibly use this issue to create arbitrary directories.
    (CVE-2014-9767)
    
    It was discovered that the PHP Soap client incorrectly validated data
    types. A remote attacker could use this issue to cause PHP to crash,
    resulting in a denial of service, or possibly execute arbitrary code.
    (CVE-2015-8835, CVE-2016-3185)
    
    It was discovered that the PHP MySQL native driver incorrectly handled
    TLS connections to MySQL databases. A man in the middle attacker could
    possibly use this issue to downgrade and snoop on TLS connections.
    This vulnerability is known as BACKRONYM. (CVE-2015-8838)
    
    It was discovered that PHP incorrectly handled the imagerotate
    function. A remote attacker could use this issue to cause PHP to
    crash, resulting in a denial of service, or possibly obtain sensitive
    information. This issue only applied to Ubuntu 14.04 LTS and Ubuntu
    15.10. (CVE-2016-1903)
    
    Hans Jerry Illikainen discovered that the PHP phar extension
    incorrectly handled certain tar archives. A remote attacker could use
    this issue to cause PHP to crash, resulting in a denial of service, or
    possibly execute arbitrary code. (CVE-2016-2554)
    
    It was discovered that the PHP WDDX extension incorrectly handled
    certain malformed XML data. A remote attacker could possibly use this
    issue to cause PHP to crash, resulting in a denial of service, or
    possibly execute arbitrary code. (CVE-2016-3141)
    
    It was discovered that the PHP phar extension incorrectly handled
    certain zip files. A remote attacker could use this issue to cause PHP
    to crash, resulting in a denial of service, or possibly obtain
    sensitive information. (CVE-2016-3142)
    
    It was discovered that the PHP libxml_disable_entity_loader() setting
    was shared between threads. When running under PHP-FPM, this could
    result in XML external entity injection and entity expansion issues.
    This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (No
    CVE number)
    
    It was discovered that the PHP openssl_random_pseudo_bytes() function
    did not return cryptographically strong pseudo-random bytes. (No CVE
    number)
    
    It was discovered that the PHP Fileinfo component incorrectly handled
    certain magic files. An attacker could use this issue to cause PHP to
    crash, resulting in a denial of service, or possibly execute arbitrary
    code. (CVE number pending)
    
    It was discovered that the PHP php_snmp_error() function incorrectly
    handled string formatting. A remote attacker could use this issue to
    cause PHP to crash, resulting in a denial of service, or possibly
    execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS
    and Ubuntu 15.10. (CVE number pending)
    
    It was discovered that the PHP rawurlencode() function incorrectly
    handled large strings. A remote attacker could use this issue to cause
    PHP to crash, resulting in a denial of service. (CVE number pending)
    
    It was discovered that the PHP phar extension incorrectly handled
    certain filenames in archives. A remote attacker could use this issue
    to cause PHP to crash, resulting in a denial of service, or possibly
    execute arbitrary code. (CVE number pending)
    
    It was discovered that the PHP mb_strcut() function incorrectly
    handled string formatting. A remote attacker could use this issue to
    cause PHP to crash, resulting in a denial of service, or possibly
    execute arbitrary code. (CVE number pending).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/2952-1/"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-cgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-cli");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-fpm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-gd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-mysqlnd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-snmp");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:12.04:-:lts");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:15.10");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/01/19");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/04/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/04/22");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! preg(pattern:"^(12\.04|14\.04|15\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 12.04 / 14.04 / 15.10", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    flag = 0;
    
    if (ubuntu_check(osver:"12.04", pkgname:"libapache2-mod-php5", pkgver:"5.3.10-1ubuntu3.22")) flag++;
    if (ubuntu_check(osver:"12.04", pkgname:"php5-cgi", pkgver:"5.3.10-1ubuntu3.22")) flag++;
    if (ubuntu_check(osver:"12.04", pkgname:"php5-cli", pkgver:"5.3.10-1ubuntu3.22")) flag++;
    if (ubuntu_check(osver:"12.04", pkgname:"php5-fpm", pkgver:"5.3.10-1ubuntu3.22")) flag++;
    if (ubuntu_check(osver:"12.04", pkgname:"php5-gd", pkgver:"5.3.10-1ubuntu3.22")) flag++;
    if (ubuntu_check(osver:"12.04", pkgname:"php5-mysqlnd", pkgver:"5.3.10-1ubuntu3.22")) flag++;
    if (ubuntu_check(osver:"12.04", pkgname:"php5-snmp", pkgver:"5.3.10-1ubuntu3.22")) flag++;
    if (ubuntu_check(osver:"14.04", pkgname:"libapache2-mod-php5", pkgver:"5.5.9+dfsg-1ubuntu4.16")) flag++;
    if (ubuntu_check(osver:"14.04", pkgname:"php5-cgi", pkgver:"5.5.9+dfsg-1ubuntu4.16")) flag++;
    if (ubuntu_check(osver:"14.04", pkgname:"php5-cli", pkgver:"5.5.9+dfsg-1ubuntu4.16")) flag++;
    if (ubuntu_check(osver:"14.04", pkgname:"php5-fpm", pkgver:"5.5.9+dfsg-1ubuntu4.16")) flag++;
    if (ubuntu_check(osver:"14.04", pkgname:"php5-gd", pkgver:"5.5.9+dfsg-1ubuntu4.16")) flag++;
    if (ubuntu_check(osver:"14.04", pkgname:"php5-mysqlnd", pkgver:"5.5.9+dfsg-1ubuntu4.16")) flag++;
    if (ubuntu_check(osver:"14.04", pkgname:"php5-snmp", pkgver:"5.5.9+dfsg-1ubuntu4.16")) flag++;
    if (ubuntu_check(osver:"15.10", pkgname:"libapache2-mod-php5", pkgver:"5.6.11+dfsg-1ubuntu3.2")) flag++;
    if (ubuntu_check(osver:"15.10", pkgname:"php5-cgi", pkgver:"5.6.11+dfsg-1ubuntu3.2")) flag++;
    if (ubuntu_check(osver:"15.10", pkgname:"php5-cli", pkgver:"5.6.11+dfsg-1ubuntu3.2")) flag++;
    if (ubuntu_check(osver:"15.10", pkgname:"php5-fpm", pkgver:"5.6.11+dfsg-1ubuntu3.2")) flag++;
    if (ubuntu_check(osver:"15.10", pkgname:"php5-gd", pkgver:"5.6.11+dfsg-1ubuntu3.2")) flag++;
    if (ubuntu_check(osver:"15.10", pkgname:"php5-mysqlnd", pkgver:"5.6.11+dfsg-1ubuntu3.2")) flag++;
    if (ubuntu_check(osver:"15.10", pkgname:"php5-snmp", pkgver:"5.6.11+dfsg-1ubuntu3.2")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libapache2-mod-php5 / php5-cgi / php5-cli / php5-fpm / php5-gd / etc");
    }
    
  • NASL family: CGI abuses
    NASL id: PHP_5_5_31.NASL
    description: According to its banner, the version of PHP running on the remote host is 5.5.x prior to 5.5.31 or 5.6.x prior to 5.6.17. It is, therefore, affected by multiple vulnerabilities : - An out-of-bounds read error exists in the gdImageRotateInterpolated() function in file gd_interpolation.c when handling background colors. A remote attacker can exploit this to disclose memory contents or crash the application. (CVE-2016-1903) - An unspecified flaw exists in file fpm_log.c in the fpm_log_write() function when handling very long HTTP requests. A local attacker can exploit this to obtain sensitive information, via access to the access log file. (CVE-2016-5114) - A use-after-free error exists in file wddx.c in the php_wddx_pop_element() function when handling WDDX packet deserialization. A remote attacker can exploit this, by dereferencing already freed memory, to execute arbitrary code. - A type confusion flaw exists in file xmlrpc-epi-php.c in the PHP_to_XMLRPC_worker() function. A remote attacker can exploit this to disclose memory contents, crash the application process, or have other impact. - A type confusion flaw exists in file wddx.c when handling WDDX packet deserialization. A remote attacker can exploit this to execute arbitrary code. - A flaw exists in file lsapilib.c when handling requests due to the LSAPI module failing to clear its secrets in child processes. A remote attacker can exploit this to gain access to memory contents, resulting in the disclosure of sensitive information. - A flaw exists in file lsapilib.c in the parseRequest() function due to a failure to properly sanitize input passed through multiple, unspecified parameters. A remote attacker can exploit this to cause a denial of service.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 88679
    published: 2016-02-10
    reporter: This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/88679
    title: PHP prior to 5.5.x < 5.5.31 / 5.6.x < 5.6.17 Multiple Vulnerabilities
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(88679);
      script_version("1.16");
      script_cvs_date("Date: 2019/11/19");
    
      script_cve_id("CVE-2016-1903", "CVE-2016-5114");
      script_bugtraq_id(79916);
    
      script_name(english:"PHP prior to 5.5.x < 5.5.31 / 5.6.x < 5.6.17 Multiple Vulnerabilities");
      script_summary(english:"Checks the version of PHP.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote web server uses a version of PHP that is affected by
    multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "According to its banner, the version of PHP running on the remote host
    is 5.5.x prior to 5.5.31 or 5.6.x prior to 5.6.17. It is, therefore,
    affected by multiple vulnerabilities :
    
      - An out-of-bounds read error exists in the
        gdImageRotateInterpolated() function in file
        gd_interpolation.c when handling background colors.
        A remote attacker can exploit this to disclose memory
        contents or crash the application. (CVE-2016-1903)
    
      - An unspecified flaw exists in file fpm_log.c in the
        fpm_log_write() function when handling very long
        HTTP requests. A local attacker can exploit this to
        obtain sensitive information, via access to the
        access log file. (CVE-2016-5114)
    
      - A use-after-free error exists in file wddx.c in the
        php_wddx_pop_element() function when handling WDDX
        packet deserialization. A remote attacker can exploit
        this, by dereferencing already freed memory, to execute
        arbitrary code.
    
      - A type confusion flaw exists in file xmlrpc-epi-php.c
        in the PHP_to_XMLRPC_worker() function. A remote
        attacker can exploit this to disclose memory contents,
        crash the application process, or have other impact.
    
      - A type confusion flaw exists in file wddx.c when
        handling WDDX packet deserialization. A remote attacker
        can exploit this to execute arbitrary code.
    
      - A flaw exists in file lsapilib.c when handling requests
        due to the LSAPI module failing to clear its secrets in
        child processes. A remote attacker can exploit this to
        gain access to memory contents, resulting in the
        disclosure of sensitive information.
    
      - A flaw exists in file lsapilib.c in the parseRequest()
        function due to a failure to properly sanitize input
        passed through multiple, unspecified parameters. A
        remote attacker can exploit this to cause a denial of
        service.");
      script_set_attribute(attribute:"see_also", value:"http://www.php.net/ChangeLog-5.php#5.6.17");
      script_set_attribute(attribute:"see_also", value:"http://www.php.net/ChangeLog-5.php#5.5.31");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to PHP version 5.5.31 / 5.6.17 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-5114");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2015/12/08");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/01/07");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/02/10");
    
      script_set_attribute(attribute:"plugin_type", value:"remote");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:php:php");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"CGI abuses");
    
      script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("php_version.nasl");
      script_require_keys("www/PHP");
      script_require_ports("Services/www", 80);
    
      exit(0);
    }
    
    include("global_settings.inc");
    include("misc_func.inc");
    include("http.inc");
    include("audit.inc");
    include("webapp_func.inc");
    
    port = get_http_port(default:80, php:TRUE);
    
    php = get_php_from_kb(
      port : port,
      exit_on_fail : TRUE
    );
    
    version = php["ver"];
    source = php["src"];
    
    backported = get_kb_item('www/php/'+port+'/'+version+'/backported');
    
    if (report_paranoia < 2 && backported)
      audit(AUDIT_BACKPORT_SERVICE, port, "PHP "+version+" install");
    
    if (version =~ "^5\.5\.([0-9]|[0-2][0-9]|30)($|[^0-9])" ||
        version =~ "^5\.6\.([0-9]|[0-1][0-6])($|[^0-9])"
    )
    {
      if (report_verbosity > 0)
      {
        report =
          '\n  Version source    : ' + source +
          '\n  Installed version : ' + version +
          '\n  Fixed version     : 5.5.31 / 5.6.17\n';
        security_warning(port:port, extra:report);
      }
      else security_warning(port);
      exit(0);
    }
    else audit(AUDIT_LISTEN_NOT_VULN, "PHP", port, version);
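
The banner check in plugin 88679 and the package check in USN-2952-1 can disagree on the same host, because Ubuntu ships the fix in builds whose upstream version still reads 5.5.9 or 5.6.11. The Python below is an added example, not Tenable's code: it reimplements both decisions, with a dpkg-style version comparison, to show why the remote plugin audits out on backported installs unless `report_paranoia` is raised. The function names and the sample host are constructed for illustration.

```python
import re

# Patch level that fixes each upstream branch (plugin 88679: "5.5.31 / 5.6.17").
UPSTREAM_FIXED = {(5, 5): 31, (5, 6): 17}

# The two banner regexes as written in plugin 88679.
PLUGIN_REGEXES = (
    r"^5\.5\.([0-9]|[0-2][0-9]|30)($|[^0-9])",
    r"^5\.6\.([0-9]|[0-1][0-6])($|[^0-9])",
)

# Fixed php5 builds per release, from the ubuntu_check() lines of USN-2952-1.
UBUNTU_FIXED = {
    "12.04": "5.3.10-1ubuntu3.22",
    "14.04": "5.5.9+dfsg-1ubuntu4.16",
    "15.10": "5.6.11+dfsg-1ubuntu3.2",
}


def banner_vulnerable_regex(version):
    """Banner check using the plugin's own regexes."""
    return any(re.search(p, version) for p in PLUGIN_REGEXES)


def banner_vulnerable(version):
    """Same decision made numerically, easier to audit for well-formed versions."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        return False
    major, minor, patch = (int(g) for g in m.groups())
    fixed = UPSTREAM_FIXED.get((major, minor))
    return fixed is not None and patch < fixed


def _order(ch):
    """dpkg character weight: digits 0, '~' lowest, letters before other symbols."""
    if ch.isdigit():
        return 0
    if ch == "~":
        return -1
    return ord(ch) if ch.isalpha() else ord(ch) + 256


def _cmp_part(a, b):
    """Compare one version component (upstream or revision) the way dpkg does."""
    i = j = 0
    while i < len(a) or j < len(b):
        # Non-digit runs are compared character by character.
        while (i < len(a) and not a[i].isdigit()) or (j < len(b) and not b[j].isdigit()):
            x = _order(a[i]) if i < len(a) else 0
            y = _order(b[j]) if j < len(b) else 0
            if x != y:
                return -1 if x < y else 1
            i, j = i + 1, j + 1
        # Digit runs are compared as integers; a missing run counts as 0.
        si, sj = i, j
        while i < len(a) and a[i].isdigit():
            i += 1
        while j < len(b) and b[j].isdigit():
            j += 1
        na, nb = int(a[si:i] or 0), int(b[sj:j] or 0)
        if na != nb:
            return -1 if na < nb else 1
    return 0


def _split(version):
    """Split [epoch:]upstream[-revision]; missing epoch is 0, missing revision is empty."""
    epoch, sep, rest = version.partition(":")
    if not sep:
        epoch, rest = "0", version
    upstream, sep, revision = rest.rpartition("-")
    if not sep:
        upstream, revision = rest, ""
    return int(epoch), upstream, revision


def dpkg_compare(v1, v2):
    """Return -1, 0 or 1 as v1 sorts before, equal to or after v2."""
    e1, u1, r1 = _split(v1)
    e2, u2, r2 = _split(v2)
    if e1 != e2:
        return -1 if e1 < e2 else 1
    return _cmp_part(u1, u2) or _cmp_part(r1, r2)


def package_vulnerable(release, installed):
    """Local check: vulnerable when the installed build sorts before the fixed build."""
    return dpkg_compare(installed, UBUNTU_FIXED[release]) < 0


def remote_verdict(version, backported, report_paranoia=1):
    """Decision flow of plugin 88679, including its backport audit."""
    if report_paranoia < 2 and backported:
        return "audit: backported install, banner not trusted"
    return "vulnerable" if banner_vulnerable(version) else "not vulnerable"


if __name__ == "__main__":
    # Constructed host: Ubuntu 14.04 with the USN-2952-1 fixed build installed.
    banner, release, build = "5.5.9-1ubuntu4.16", "14.04", "5.5.9+dfsg-1ubuntu4.16"
    print("banner alone     :", banner_vulnerable(banner))
    print("package check    :", package_vulnerable(release, build))
    print("plugin, default  :", remote_verdict(banner, backported=True))
    print("plugin, paranoid :", remote_verdict(banner, backported=True, report_paranoia=2))
```

On the constructed host the banner alone says vulnerable while the package check says fixed, so a paranoid remote scan of a patched Ubuntu system is an expected false positive that the local check resolves.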
    
  • NASL family: Ubuntu Local Security Checks
    NASL id: UBUNTU_USN-2952-2.NASL
    description: USN-2952-1 fixed vulnerabilities in PHP. One of the backported patches caused a regression in the PHP Soap client. This update fixes the problem. We apologize for the inconvenience. It was discovered that the PHP Zip extension incorrectly handled directories when processing certain zip files. A remote attacker could possibly use this issue to create arbitrary directories. (CVE-2014-9767) It was discovered that the PHP Soap client incorrectly validated data types. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-8835, CVE-2016-3185) It was discovered that the PHP MySQL native driver incorrectly handled TLS connections to MySQL databases. A man in the middle attacker could possibly use this issue to downgrade and snoop on TLS connections. This vulnerability is known as BACKRONYM. (CVE-2015-8838) It was discovered that PHP incorrectly handled the imagerotate function. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly obtain sensitive information. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE-2016-1903) Hans Jerry Illikainen discovered that the PHP phar extension incorrectly handled certain tar archives. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-2554) It was discovered that the PHP WDDX extension incorrectly handled certain malformed XML data. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-3141) It was discovered that the PHP phar extension incorrectly handled certain zip files. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2016-3142) It was discovered that the PHP libxml_disable_entity_loader() setting was shared between threads. When running under PHP-FPM, this could result in XML external entity injection and entity expansion issues. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (No CVE number) It was discovered that the PHP openssl_random_pseudo_bytes() function did not return cryptographically strong pseudo-random bytes. (No CVE number) It was discovered that the PHP Fileinfo component incorrectly handled certain magic files. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE number pending) It was discovered that the PHP php_snmp_error() function incorrectly handled string formatting. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE number pending) It was discovered that the PHP rawurlencode() function incorrectly handled large strings. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service. (CVE number pending) It was discovered that the PHP phar extension incorrectly handled certain filenames in archives. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE number pending) It was discovered that the PHP mb_strcut() function incorrectly handled string formatting. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE number pending). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 90825
    published: 2016-05-02
    reporter: Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/90825
    title: Ubuntu 15.10 : php5 regression (USN-2952-2)
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-2952-2. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(90825);
      script_version("2.10");
      script_cvs_date("Date: 2019/09/18 12:31:45");
    
      script_cve_id("CVE-2014-9767", "CVE-2015-8835", "CVE-2015-8838", "CVE-2016-1903", "CVE-2016-2554", "CVE-2016-3141", "CVE-2016-3142", "CVE-2016-3185");
      script_xref(name:"USN", value:"2952-2");
    
      script_name(english:"Ubuntu 15.10 : php5 regression (USN-2952-2)");
      script_summary(english:"Checks dpkg output for updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Ubuntu host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "USN-2952-1 fixed vulnerabilities in PHP. One of the backported patches
    caused a regression in the PHP Soap client. This update fixes the
    problem.
    
    We apologize for the inconvenience.
    
    It was discovered that the PHP Zip extension incorrectly handled
    directories when processing certain zip files. A remote attacker could
    possibly use this issue to create arbitrary directories.
    (CVE-2014-9767)
    
    It was discovered that the PHP Soap client incorrectly
    validated data types. A remote attacker could use this issue
    to cause PHP to crash, resulting in a denial of service, or
    possibly execute arbitrary code. (CVE-2015-8835,
    CVE-2016-3185)
    
    It was discovered that the PHP MySQL native driver
    incorrectly handled TLS connections to MySQL databases. A
    man in the middle attacker could possibly use this issue to
    downgrade and snoop on TLS connections. This vulnerability
    is known as BACKRONYM. (CVE-2015-8838)
    
    It was discovered that PHP incorrectly handled the
    imagerotate function. A remote attacker could use this issue
    to cause PHP to crash, resulting in a denial of service, or
    possibly obtain sensitive information. This issue only
    applied to Ubuntu 14.04 LTS and Ubuntu 15.10.
    (CVE-2016-1903)
    
    Hans Jerry Illikainen discovered that the PHP phar extension
    incorrectly handled certain tar archives. A remote attacker
    could use this issue to cause PHP to crash, resulting in a
    denial of service, or possibly execute arbitrary code.
    (CVE-2016-2554)
    
    It was discovered that the PHP WDDX extension incorrectly
    handled certain malformed XML data. A remote attacker could
    possibly use this issue to cause PHP to crash, resulting in
    a denial of service, or possibly execute arbitrary code.
    (CVE-2016-3141)
    
    It was discovered that the PHP phar extension incorrectly
    handled certain zip files. A remote attacker could use this
    issue to cause PHP to crash, resulting in a denial of
    service, or possibly obtain sensitive information.
    (CVE-2016-3142)
    
    It was discovered that the PHP
    libxml_disable_entity_loader() setting was shared between
    threads. When running under PHP-FPM, this could result in
    XML external entity injection and entity expansion issues.
    This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04
    LTS. (No CVE number)
    
    It was discovered that the PHP openssl_random_pseudo_bytes()
    function did not return cryptographically strong
    pseudo-random bytes. (No CVE number)
    
    It was discovered that the PHP Fileinfo component
    incorrectly handled certain magic files. An attacker could
    use this issue to cause PHP to crash, resulting in a denial
    of service, or possibly execute arbitrary code. (CVE number
    pending)
    
    It was discovered that the PHP php_snmp_error() function
    incorrectly handled string formatting. A remote attacker
    could use this issue to cause PHP to crash, resulting in a
    denial of service, or possibly execute arbitrary code. This
    issue only applied to Ubuntu 14.04 LTS and Ubuntu 15.10.
    (CVE number pending)
    
    It was discovered that the PHP rawurlencode() function
    incorrectly handled large strings. A remote attacker could
    use this issue to cause PHP to crash, resulting in a denial
    of service. (CVE number pending)
    
    It was discovered that the PHP phar extension incorrectly
    handled certain filenames in archives. A remote attacker
    could use this issue to cause PHP to crash, resulting in a
    denial of service, or possibly execute arbitrary code. (CVE
    number pending)
    
    It was discovered that the PHP mb_strcut() function
    incorrectly handled string formatting. A remote attacker
    could use this issue to cause PHP to crash, resulting in a
    denial of service, or possibly execute arbitrary code. (CVE
    number pending).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/2952-2/"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-cgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-cli");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-fpm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-gd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-mysqlnd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-snmp");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:15.10");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/01/19");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/04/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/05/02");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! preg(pattern:"^(15\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 15.10", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    flag = 0;
    
    if (ubuntu_check(osver:"15.10", pkgname:"libapache2-mod-php5", pkgver:"5.6.11+dfsg-1ubuntu3.3")) flag++;
    if (ubuntu_check(osver:"15.10", pkgname:"php5-cgi", pkgver:"5.6.11+dfsg-1ubuntu3.3")) flag++;
    if (ubuntu_check(osver:"15.10", pkgname:"php5-cli", pkgver:"5.6.11+dfsg-1ubuntu3.3")) flag++;
    if (ubuntu_check(osver:"15.10", pkgname:"php5-fpm", pkgver:"5.6.11+dfsg-1ubuntu3.3")) flag++;
    if (ubuntu_check(osver:"15.10", pkgname:"php5-gd", pkgver:"5.6.11+dfsg-1ubuntu3.3")) flag++;
    if (ubuntu_check(osver:"15.10", pkgname:"php5-mysqlnd", pkgver:"5.6.11+dfsg-1ubuntu3.3")) flag++;
    if (ubuntu_check(osver:"15.10", pkgname:"php5-snmp", pkgver:"5.6.11+dfsg-1ubuntu3.3")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libapache2-mod-php5 / php5-cgi / php5-cli / php5-fpm / php5-gd / etc");
    }
    
  • NASL family: Amazon Linux Local Security Checks
    NASL id: ALA_ALAS-2016-640.NASL
    description: The imagerotate function lacked validation of the background color variable, an integer which represents an index of the color palette. A number larger than the length of the color palette could be used in the function, reading beyond the memory of the color palette and causing an information leak.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 87974
    published: 2016-01-19
    reporter: This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/87974
    title: Amazon Linux AMI : php56 / php55 (ALAS-2016-640)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Amazon Linux AMI Security Advisory ALAS-2016-640.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(87974);
      script_version("2.4");
      script_cvs_date("Date: 2018/04/18 15:09:35");
    
      script_cve_id("CVE-2016-1903");
      script_xref(name:"ALAS", value:"2016-640");
    
      script_name(english:"Amazon Linux AMI : php56 / php55 (ALAS-2016-640)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Amazon Linux AMI host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The imagerotate function lacked validation of the background color
    variable, an integer which represents an index of the color palette. A
    number larger than the length of the color palette could be used in
    the function, reading beyond the memory of the color palette and
    causing an information leak."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://alas.aws.amazon.com/ALAS-2016-640.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Run 'yum update php56' to update your system.
    
    Run 'yum update php55' to update your system."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-bcmath");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-cli");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-dba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-embedded");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-enchant");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-fpm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-gd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-gmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-imap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-intl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-ldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-mbstring");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-mcrypt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-mssql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-mysqlnd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-odbc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-opcache");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-pdo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-pgsql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-process");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-pspell");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-recode");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-snmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-soap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-tidy");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-xml");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php55-xmlrpc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-bcmath");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-cli");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-dba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-dbg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-embedded");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-enchant");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-fpm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-gd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-gmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-imap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-intl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-ldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-mbstring");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-mcrypt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-mssql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-mysqlnd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-odbc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-opcache");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-pdo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-pgsql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-process");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-pspell");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-recode");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-snmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-soap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-tidy");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-xml");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-xmlrpc");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2016/01/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/01/19");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.");
      script_family(english:"Amazon Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/AmazonLinux/release");
    if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
    os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
    os_ver = os_ver[1];
    if (os_ver != "A")
    {
      if (os_ver == 'A') os_ver = 'AMI';
      audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
    }
    
    if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (rpm_check(release:"ALA", reference:"php55-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-bcmath-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-cli-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-common-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-dba-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-debuginfo-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-devel-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-embedded-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-enchant-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-fpm-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-gd-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-gmp-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-imap-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-intl-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-ldap-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-mbstring-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-mcrypt-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-mssql-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-mysqlnd-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-odbc-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-opcache-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-pdo-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-pgsql-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-process-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-pspell-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-recode-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-snmp-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-soap-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-tidy-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-xml-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php55-xmlrpc-5.5.31-1.111.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-bcmath-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-cli-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-common-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-dba-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-dbg-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-debuginfo-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-devel-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-embedded-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-enchant-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-fpm-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-gd-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-gmp-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-imap-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-intl-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-ldap-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-mbstring-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-mcrypt-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-mssql-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-mysqlnd-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-odbc-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-opcache-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-pdo-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-pgsql-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-process-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-pspell-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-recode-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-snmp-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-soap-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-tidy-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-xml-5.6.17-1.120.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php56-xmlrpc-5.6.17-1.120.amzn1")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php55 / php55-bcmath / php55-cli / php55-common / php55-dba / etc");
    }
    
  • NASL family: SuSE Local Security Checks
    NASL id: OPENSUSE-2016-157.NASL
    description: This update for php5 fixes the following issues: - CVE-2015-7803: Specially crafted .phar files with a crafted TAR archive entry allowed remote attackers to cause a Denial of Service (DoS) [bsc#949961] - CVE-2016-1903: Specially crafted image files could allow remote attackers to read unspecified memory when rotating images [bsc#962057] This update was imported from the SUSE:SLE-12:Update update project.
    last seen: 2020-06-05
    modified: 2016-02-08
    plugin id: 88611
    published: 2016-02-08
    reporter: This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/88611
    title: openSUSE Security Update : php5 (openSUSE-2016-157)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2016-157.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(88611);
      script_version("2.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2015-7803", "CVE-2016-1903");
    
      script_name(english:"openSUSE Security Update : php5 (openSUSE-2016-157)");
      script_summary(english:"Check for the openSUSE-2016-157 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for php5 fixes the following issues :
    
      - CVE-2015-7803: Specially crafted .phar files with a
        crafted TAR archive entry allowed remote attackers to
        cause a Denial of Service (DoS) [bsc#949961]
    
      - CVE-2016-1903: Specially crafted image files could could
        allow remote attackers read unspecified memory when
        rotating images [bsc#962057]
    
    This update was imported from the SUSE:SLE-12:Update update project."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=949961"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=962057"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected php5 packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bcmath");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bz2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bz2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-calendar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-calendar-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ctype");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ctype-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-curl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-curl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dba-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dom");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dom-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-enchant");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-enchant-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-exif");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-exif-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fastcgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fileinfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-firebird");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-firebird-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fpm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fpm-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ftp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ftp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gd-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gettext");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gettext-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gmp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-iconv");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-iconv-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-imap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-imap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-intl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-intl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-json");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-json-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ldap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mbstring");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mcrypt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mssql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mssql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mysql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-odbc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-odbc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-opcache");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-opcache-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-openssl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-openssl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pcntl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pdo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pdo-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pear");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pgsql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-phar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-phar-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-posix");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-posix-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pspell");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pspell-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-readline");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-readline-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-shmop");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-shmop-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-snmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-snmp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-soap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-soap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sockets");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sockets-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sqlite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-suhosin");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvmsg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvsem");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvshm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tidy");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tidy-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tokenizer");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-wddx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-wddx-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlreader");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlrpc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlwriter");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xsl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xsl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zip");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zip-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zlib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zlib-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2016/02/07");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/02/08");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE42\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.1", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE42.1", reference:"apache2-mod_php5-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"apache2-mod_php5-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-bcmath-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-bcmath-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-bz2-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-bz2-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-calendar-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-calendar-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-ctype-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-ctype-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-curl-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-curl-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-dba-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-dba-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-debugsource-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-devel-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-dom-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-dom-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-enchant-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-enchant-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-exif-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-exif-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-fastcgi-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-fastcgi-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-fileinfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-fileinfo-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-firebird-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-firebird-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-fpm-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-fpm-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-ftp-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-ftp-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-gd-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-gd-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-gettext-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-gettext-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-gmp-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-gmp-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-iconv-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-iconv-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-imap-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-imap-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-intl-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-intl-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-json-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-json-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-ldap-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-ldap-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-mbstring-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-mbstring-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-mcrypt-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-mcrypt-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-mssql-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-mssql-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-mysql-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-mysql-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-odbc-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-odbc-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-opcache-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-opcache-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-openssl-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-openssl-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-pcntl-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-pcntl-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-pdo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-pdo-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-pear-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-pgsql-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-pgsql-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-phar-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-phar-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-posix-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-posix-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-pspell-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-pspell-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-readline-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-readline-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-shmop-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-shmop-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-snmp-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-snmp-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-soap-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-soap-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-sockets-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-sockets-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-sqlite-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-sqlite-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-suhosin-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-suhosin-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-sysvmsg-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-sysvmsg-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-sysvsem-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-sysvsem-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-sysvshm-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-sysvshm-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-tidy-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-tidy-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-tokenizer-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-tokenizer-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-wddx-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-wddx-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-xmlreader-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-xmlreader-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-xmlrpc-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-xmlrpc-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-xmlwriter-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-xmlwriter-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-xsl-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-xsl-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-zip-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-zip-debuginfo-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-zlib-5.5.14-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"php5-zlib-debuginfo-5.5.14-41.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "apache2-mod_php5 / apache2-mod_php5-debuginfo / php5 / php5-bcmath / etc");
    }
    

Redhat

advisories
rhsa
id RHSA-2016:2750
rpms
  • rh-php56-0:2.3-1.el6
  • rh-php56-0:2.3-1.el7
  • rh-php56-php-0:5.6.25-1.el6
  • rh-php56-php-0:5.6.25-1.el7
  • rh-php56-php-bcmath-0:5.6.25-1.el6
  • rh-php56-php-bcmath-0:5.6.25-1.el7
  • rh-php56-php-cli-0:5.6.25-1.el6
  • rh-php56-php-cli-0:5.6.25-1.el7
  • rh-php56-php-common-0:5.6.25-1.el6
  • rh-php56-php-common-0:5.6.25-1.el7
  • rh-php56-php-dba-0:5.6.25-1.el6
  • rh-php56-php-dba-0:5.6.25-1.el7
  • rh-php56-php-dbg-0:5.6.25-1.el6
  • rh-php56-php-dbg-0:5.6.25-1.el7
  • rh-php56-php-debuginfo-0:5.6.25-1.el6
  • rh-php56-php-debuginfo-0:5.6.25-1.el7
  • rh-php56-php-devel-0:5.6.25-1.el6
  • rh-php56-php-devel-0:5.6.25-1.el7
  • rh-php56-php-embedded-0:5.6.25-1.el6
  • rh-php56-php-embedded-0:5.6.25-1.el7
  • rh-php56-php-enchant-0:5.6.25-1.el6
  • rh-php56-php-enchant-0:5.6.25-1.el7
  • rh-php56-php-fpm-0:5.6.25-1.el6
  • rh-php56-php-fpm-0:5.6.25-1.el7
  • rh-php56-php-gd-0:5.6.25-1.el6
  • rh-php56-php-gd-0:5.6.25-1.el7
  • rh-php56-php-gmp-0:5.6.25-1.el6
  • rh-php56-php-gmp-0:5.6.25-1.el7
  • rh-php56-php-imap-0:5.6.25-1.el6
  • rh-php56-php-intl-0:5.6.25-1.el6
  • rh-php56-php-intl-0:5.6.25-1.el7
  • rh-php56-php-ldap-0:5.6.25-1.el6
  • rh-php56-php-ldap-0:5.6.25-1.el7
  • rh-php56-php-mbstring-0:5.6.25-1.el6
  • rh-php56-php-mbstring-0:5.6.25-1.el7
  • rh-php56-php-mysqlnd-0:5.6.25-1.el6
  • rh-php56-php-mysqlnd-0:5.6.25-1.el7
  • rh-php56-php-odbc-0:5.6.25-1.el6
  • rh-php56-php-odbc-0:5.6.25-1.el7
  • rh-php56-php-opcache-0:5.6.25-1.el6
  • rh-php56-php-opcache-0:5.6.25-1.el7
  • rh-php56-php-pdo-0:5.6.25-1.el6
  • rh-php56-php-pdo-0:5.6.25-1.el7
  • rh-php56-php-pear-1:1.9.5-4.el6
  • rh-php56-php-pear-1:1.9.5-4.el7
  • rh-php56-php-pgsql-0:5.6.25-1.el6
  • rh-php56-php-pgsql-0:5.6.25-1.el7
  • rh-php56-php-process-0:5.6.25-1.el6
  • rh-php56-php-process-0:5.6.25-1.el7
  • rh-php56-php-pspell-0:5.6.25-1.el6
  • rh-php56-php-pspell-0:5.6.25-1.el7
  • rh-php56-php-recode-0:5.6.25-1.el6
  • rh-php56-php-recode-0:5.6.25-1.el7
  • rh-php56-php-snmp-0:5.6.25-1.el6
  • rh-php56-php-snmp-0:5.6.25-1.el7
  • rh-php56-php-soap-0:5.6.25-1.el6
  • rh-php56-php-soap-0:5.6.25-1.el7
  • rh-php56-php-tidy-0:5.6.25-1.el6
  • rh-php56-php-xml-0:5.6.25-1.el6
  • rh-php56-php-xml-0:5.6.25-1.el7
  • rh-php56-php-xmlrpc-0:5.6.25-1.el6
  • rh-php56-php-xmlrpc-0:5.6.25-1.el7
  • rh-php56-runtime-0:2.3-1.el6
  • rh-php56-runtime-0:2.3-1.el7
  • rh-php56-scldevel-0:2.3-1.el6
  • rh-php56-scldevel-0:2.3-1.el7