Vulnerabilities > CVE-2019-11034 - Out-of-bounds Read vulnerability in multiple products

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(123753);
  script_version("1.5");
  script_cvs_date("Date: 2019/10/30 13:24:46");

  script_cve_id("CVE-2019-11034", "CVE-2019-11035");
  script_bugtraq_id(107794);

  script_name(english:"PHP 7.1.x < 7.1.28 Multiple vulnerabilities.");
  script_summary(english:"Checks the version of PHP.");

  script_set_attribute(attribute:"synopsis", value:
"An application installed on the remote host is affected by
 multiple vulnerabilities."
);
  script_set_attribute(attribute:"description", value:
"According to its banner, the version of PHP running on the remote web
server is 7.1.x prior to 7.1.28. It is, therefore, affected by
multiple vulnerabilities:

  - A heap-based buffer over-read condition exists in 
    php_ifd_get32s in exif.c.

  - A heap-based buffer overflow condition exists in 
    exif_iif_add_value in exif.c as a result of improperly
    checking input length."
);

  script_set_attribute(attribute:"see_also", value:"http://php.net/ChangeLog-7.php#7.1.28");
  script_set_attribute(attribute:"solution", value:
"Upgrade to PHP version 7.1.28 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-11034");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/04");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/04/04");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/04/04");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:php:php");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CGI abuses");

  script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("php_version.nasl");
  script_require_keys("www/PHP");
  script_require_ports("Services/www", 80);

  exit(0);
}

include('audit.inc');
include('global_settings.inc');
include('misc_func.inc');
include('http.inc');
include('webapp_func.inc');

fix = '7.1.28';
minver = '7.1.0alpha1';

regexes = make_array(
  -3, 'alpha(\\d+)',
  -2, 'beta(\\d+)',
  -1, 'RC(\\d+)'
);

port = get_http_port(default:80, php:TRUE);

php = get_php_from_kb(
  port : port,
  exit_on_fail : TRUE
);

ver = php["ver"];
source = php["src"];
backported = get_kb_item('www/php/' + port + '/' + ver + '/backported');

if ((report_paranoia < 2) && backported)
  audit(AUDIT_BACKPORT_SERVICE, port, 'PHP ' + ver + ' install');

vulnerable = ver_compare(minver:minver, ver:ver, fix:fix, regexes:regexes);
if (isnull(vulnerable)) exit(1, 'The version of PHP ' + ver + ' is not within the checked ranges.');
if (vulnerable > -1) audit(AUDIT_LISTEN_NOT_VULN, 'PHP', port, ver);

report =
'\n  Version source    : ' + source +
'\n  Installed version : ' + ver +
'\n  Fixed version     : ' + fix +
'\n';
security_report_v4(port:port, extra:report, severity:SECURITY_WARNING);

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from the FreeBSD VuXML database :
#
# Copyright 2003-2020 Jacques Vidrine and contributors
#
# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,
# HTML, PDF, PostScript, RTF and so forth) with or without modification,
# are permitted provided that the following conditions are met:
# 1. Redistributions of source code (VuXML) must retain the above
#    copyright notice, this list of conditions and the following
#    disclaimer as the first lines of this file unmodified.
# 2. Redistributions in compiled form (transformed to other DTDs,
#    published online in any format, converted to PDF, PostScript,
#    RTF and other formats) must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer
#    in the documentation and/or other materials provided with the
#    distribution.
# 
# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,
# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#

include("compat.inc");

if (description)
{
  script_id(124789);
  script_version("1.2");
  script_cvs_date("Date: 2020/01/17");

  script_cve_id("CVE-2019-11034", "CVE-2019-11035");

  script_name(english:"FreeBSD : PHP -- Multiple vulnerabilities in EXIF module (c2d1693b-73cb-11e9-a1c7-b499baebfeaf)");
  script_summary(english:"Checks for updated packages in pkg_info output");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote FreeBSD host is missing one or more security-related
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The PHP project reports :

Heap-buffer-overflow in php_ifd_get32s (CVE-2019-11034)

Heap-buffer-overflow in exif_iif_add_value (CVE-2019-11035)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.php.net/ChangeLog-7.php"
  );
  # https://vuxml.freebsd.org/freebsd/c2d1693b-73cb-11e9-a1c7-b499baebfeaf.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?1e2f0141"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:php71-exif");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:php72-exif");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:php73-exif");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/04");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/05/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/13");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"FreeBSD Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info");

  exit(0);
}


include("audit.inc");
include("freebsd_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD");
if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (pkg_test(save_report:TRUE, pkg:"php71-exif<7.1.28")) flag++;
if (pkg_test(save_report:TRUE, pkg:"php72-exif<7.2.17")) flag++;
if (pkg_test(save_report:TRUE, pkg:"php73-exif<7.3.4")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2019-1503.
#
# The text description of this plugin is (C) SUSE LLC.
#

include("compat.inc");

if (description)
{
  script_id(125700);
  script_version("1.2");
  script_cvs_date("Date: 2020/01/13");

  script_cve_id("CVE-2019-11034", "CVE-2019-11035", "CVE-2019-11036", "CVE-2019-9637", "CVE-2019-9638", "CVE-2019-9639", "CVE-2019-9640", "CVE-2019-9675");

  script_name(english:"openSUSE Security Update : php5 (openSUSE-2019-1503)");
  script_summary(english:"Check for the openSUSE-2019-1503 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update for php5 fixes the following issues :

Security issues fixed :

  - CVE-2019-11034: Fixed a heap-buffer overflow in
    php_ifd_get32si() (bsc#1132838).

  - CVE-2019-11035: Fixed a heap-buffer overflow in
    exif_iif_add_value() (bsc#1132837).

  - CVE-2019-9637: Fixed a potential information disclosure
    in rename() (bsc#1128892).

  - CVE-2019-9675: Fixed a potential buffer overflow in
    phar_tar_writeheaders_int() (bsc#1128886).

  - CVE-2019-9638: Fixed an uninitialized read in
    exif_process_IFD_in_MAKERNOTE() related to value_len
    (bsc#1128889).

  - CVE-2019-9639: Fixed an uninitialized read in
    exif_process_IFD_in_MAKERNOTE() related to data_len
    (bsc#1128887).

  - CVE-2019-9640: Fixed an invalid Read in
    exif_process_SOFn() (bsc#1128883).

  - CVE-2019-11036: Fixed buffer over-read in
    exif_process_IFD_TAG function leading to information
    disclosure (bsc#1134322).

This update was imported from the SUSE:SLE-12:Update update project."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1128883"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1128886"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1128887"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1128889"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1128892"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1132837"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1132838"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1134322"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected php5 packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-9675");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bcmath");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bz2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-bz2-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-calendar");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-calendar-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ctype");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ctype-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-curl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-curl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dba");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dba-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dom");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-dom-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-enchant");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-enchant-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-exif");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-exif-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fastcgi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fileinfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-firebird");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-firebird-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fpm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-fpm-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ftp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ftp-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gd-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gettext");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gettext-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-gmp-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-iconv");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-iconv-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-imap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-imap-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-intl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-intl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-json");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-json-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-ldap-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mbstring");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mcrypt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mssql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mssql-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-mysql-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-odbc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-odbc-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-opcache");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-opcache-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-openssl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-openssl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pcntl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pdo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pdo-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pear");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pgsql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-phar");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-phar-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-posix");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-posix-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pspell");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-pspell-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-readline");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-readline-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-shmop");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-shmop-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-snmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-snmp-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-soap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-soap-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sockets");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sockets-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sqlite");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-suhosin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvmsg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvsem");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvshm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tidy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tidy-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tokenizer");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-wddx");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-wddx-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlreader");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlrpc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlwriter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xsl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-xsl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zip");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zip-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zlib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php5-zlib-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.3");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/09");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/06/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/06/04");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE42\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.3", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE42.3", reference:"apache2-mod_php5-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"apache2-mod_php5-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-bcmath-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-bcmath-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-bz2-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-bz2-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-calendar-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-calendar-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-ctype-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-ctype-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-curl-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-curl-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-dba-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-dba-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-debugsource-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-devel-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-dom-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-dom-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-enchant-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-enchant-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-exif-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-exif-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-fastcgi-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-fastcgi-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-fileinfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-fileinfo-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-firebird-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-firebird-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-fpm-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-fpm-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-ftp-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-ftp-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-gd-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-gd-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-gettext-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-gettext-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-gmp-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-gmp-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-iconv-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-iconv-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-imap-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-imap-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-intl-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-intl-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-json-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-json-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-ldap-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-ldap-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-mbstring-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-mbstring-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-mcrypt-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-mcrypt-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-mssql-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-mssql-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-mysql-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-mysql-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-odbc-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-odbc-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-opcache-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-opcache-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-openssl-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-openssl-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-pcntl-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-pcntl-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-pdo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-pdo-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-pear-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-pgsql-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-pgsql-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-phar-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-phar-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-posix-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-posix-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-pspell-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-pspell-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-readline-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-readline-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-shmop-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-shmop-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-snmp-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-snmp-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-soap-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-soap-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-sockets-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-sockets-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-sqlite-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-sqlite-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-suhosin-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-suhosin-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-sysvmsg-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-sysvmsg-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-sysvsem-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-sysvsem-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-sysvshm-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-sysvshm-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-tidy-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-tidy-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-tokenizer-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-tokenizer-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-wddx-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-wddx-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-xmlreader-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-xmlreader-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-xmlrpc-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-xmlrpc-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-xmlwriter-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-xmlwriter-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-xsl-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-xsl-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-zip-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-zip-debuginfo-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-zlib-5.5.14-118.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php5-zlib-debuginfo-5.5.14-118.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "apache2-mod_php5 / apache2-mod_php5-debuginfo / php5 / php5-bcmath / etc");
}

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2019:1461-1.
# The text itself is copyright (C) SUSE.
#

include("compat.inc");

if (description)
{
  script_id(125850);
  script_version("1.3");
  script_cvs_date("Date: 2020/01/10");

  script_cve_id("CVE-2018-19935", "CVE-2018-20783", "CVE-2019-11034", "CVE-2019-11035", "CVE-2019-11036", "CVE-2019-9020", "CVE-2019-9021", "CVE-2019-9022", "CVE-2019-9023", "CVE-2019-9024", "CVE-2019-9637", "CVE-2019-9638", "CVE-2019-9639", "CVE-2019-9640", "CVE-2019-9641", "CVE-2019-9675");

  script_name(english:"SUSE SLED15 / SLES15 Security Update : php7 (SUSE-SU-2019:1461-1)");
  script_summary(english:"Checks rpm output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SUSE host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update for php7 fixes the following issues :

Security issues fixed :

CVE-2019-9637: Fixed improper implementation of rename function and
multiple invalid memory access in EXIF extension (bsc#1128892).

CVE-2019-9675: Fixed improper implementation of rename function and
multiple invalid memory access in EXIF extension (bsc#1128886).

CVE-2019-9638: Fixed improper implementation of rename function and
multiple invalid memory access in EXIF extension ((bsc#1128889).

CVE-2019-9639: Fixed improper implementation of rename function and
multiple invalid memory access in EXIF extension (bsc#1128887).

CVE-2019-9640: Fixed improper implementation of rename function and
multiple invalid memory access in EXIF extension (bsc#1128883).

CVE-2019-9022: Fixed a vulnerability which could allow a hostile DNS
server to make PHP misuse memcpy (bsc#1126827).

CVE-2019-9024: Fixed a vulnerability in xmlrpc_decode function which
could allow to a hostile XMLRPC server to cause memory read outside
the allocated areas (bsc#1126821).

CVE-2019-9020: Fixed a heap out of bounds in xmlrpc_decode function
(bsc#1126711).

CVE-2018-20783: Fixed a buffer over-read in PHAR reading functions
which could allow an attacker to read allocated and unallocated memory
when parsing a phar file (bsc#1127122).

CVE-2019-9021: Fixed a heap buffer-based buffer over-read in PHAR
reading functions which could allow an attacker to read allocated and
unallocated memory when parsing a phar file (bsc#1126713).

CVE-2019-9023: Fixed multiple heap-based buffer over-read instances in
mbstring regular expression functions (bsc#1126823).

CVE-2019-9641: Fixed multiple invalid memory access in EXIF extension
and improved insecure implementation of rename function (bsc#1128722).

CVE-2018-19935: Fixed a Denial of Service in php_imap.c which could be
triggered via an empty string in the message argument to imap_mail
(bsc#1118832).

CVE-2019-11034: Fixed a heap-buffer overflow in php_ifd_get32si()
(bsc#1132838).

CVE-2019-11035: Fixed a heap-buffer overflow in exif_iif_add_value()
(bsc#1132837).

CVE-2019-11036: Fixed buffer over-read in exif_process_IFD_TAG
function leading to information disclosure (bsc#1134322).

Other issue addressed: Deleted README.default_socket_timeout which is
not needed anymore (bsc#1129032).

Enabled php7 testsuite (bsc#1119396).

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1118832"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1119396"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1126711"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1126713"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1126821"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1126823"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1126827"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1127122"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1128722"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1128883"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1128886"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1128887"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1128889"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1128892"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1129032"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1132837"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1132838"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1134322"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-19935/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-20783/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-11034/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-11035/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-11036/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-9020/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-9021/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-9022/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-9023/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-9024/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-9637/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-9638/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-9639/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-9640/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-9641/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-9675/"
  );
  # https://www.suse.com/support/update/announcement/2019/suse-su-20191461-1/
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?56a55ab6"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Module for Web Scripting 15:zypper in -t patch
SUSE-SLE-Module-Web-Scripting-15-2019-1461=1

SUSE Linux Enterprise Module for Packagehub Subpackages 15:zypper in
-t patch SUSE-SLE-Module-Packagehub-Subpackages-15-2019-1461=1

SUSE Linux Enterprise Module for Open Buildservice Development Tools
15:zypper in -t patch
SUSE-SLE-Module-Development-Tools-OBS-15-2019-1461=1"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-mod_php7");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-mod_php7-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-bcmath");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-bcmath-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-bz2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-bz2-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-calendar");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-calendar-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-ctype");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-ctype-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-curl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-curl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-dba");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-dba-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-dom");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-dom-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-embed");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-embed-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-enchant");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-enchant-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-exif");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-exif-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-fastcgi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-fastcgi-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-fileinfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-fileinfo-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-fpm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-fpm-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-ftp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-ftp-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-gd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-gd-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-gettext");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-gettext-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-gmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-gmp-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-iconv");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-iconv-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-intl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-intl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-json");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-json-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-ldap-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-mbstring");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-mbstring-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-mysql-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-odbc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-odbc-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-opcache");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-opcache-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-openssl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-openssl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-pcntl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-pcntl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-pdo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-pdo-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-pgsql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-pgsql-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-phar");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-phar-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-posix");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-posix-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-readline");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-readline-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-shmop");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-shmop-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-snmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-snmp-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-soap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-soap-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sockets");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sockets-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sodium");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sodium-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sqlite");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sqlite-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sysvmsg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sysvmsg-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sysvsem");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sysvsem-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sysvshm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sysvshm-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-tidy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-tidy-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-tokenizer");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-tokenizer-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-wddx");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-wddx-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-xmlreader");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-xmlreader-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-xmlrpc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-xmlrpc-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-xmlwriter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-xmlwriter-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-xsl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-xsl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-zip");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-zip-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-zlib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-zlib-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/12/07");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/06/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/06/12");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED15|SLES15)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED15 / SLES15", "SUSE " + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);

sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES15" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES15 SP0", os_ver + " SP" + sp);
if (os_ver == "SLED15" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLED15 SP0", os_ver + " SP" + sp);


flag = 0;
if (rpm_check(release:"SLES15", sp:"0", reference:"apache2-mod_php7-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"apache2-mod_php7-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-bcmath-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-bcmath-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-bz2-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-bz2-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-calendar-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-calendar-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-ctype-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-ctype-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-curl-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-curl-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-dba-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-dba-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-debugsource-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-devel-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-dom-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-dom-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-enchant-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-enchant-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-exif-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-exif-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-fastcgi-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-fastcgi-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-fileinfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-fileinfo-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-fpm-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-fpm-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-ftp-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-ftp-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-gd-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-gd-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-gettext-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-gettext-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-gmp-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-gmp-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-iconv-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-iconv-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-intl-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-intl-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-json-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-json-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-ldap-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-ldap-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-mbstring-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-mbstring-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-mysql-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-mysql-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-odbc-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-odbc-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-opcache-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-opcache-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-openssl-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-openssl-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-pcntl-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-pcntl-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-pdo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-pdo-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-pgsql-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-pgsql-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-phar-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-phar-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-posix-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-posix-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-shmop-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-shmop-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-snmp-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-snmp-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-soap-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-soap-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-sockets-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-sockets-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-sodium-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-sodium-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-sqlite-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-sqlite-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-sysvmsg-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-sysvmsg-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-sysvsem-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-sysvsem-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-sysvshm-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-sysvshm-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-tokenizer-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-tokenizer-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-wddx-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-wddx-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-xmlreader-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-xmlreader-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-xmlrpc-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-xmlrpc-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-xmlwriter-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-xmlwriter-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-xsl-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-xsl-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-zip-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-zip-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-zlib-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-zlib-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-debugsource-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-embed-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-embed-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-debugsource-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-embed-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-embed-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-readline-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-readline-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-sodium-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-sodium-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-tidy-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"php7-tidy-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"php7-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"php7-debugsource-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"php7-embed-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"php7-embed-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"php7-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"php7-debugsource-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"php7-embed-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"php7-embed-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"php7-readline-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"php7-readline-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"php7-sodium-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"php7-sodium-debuginfo-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"php7-tidy-7.2.5-4.32.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"php7-tidy-debuginfo-7.2.5-4.32.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php7");
}

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2019-1501.
#
# The text description of this plugin is (C) SUSE LLC.
#

include("compat.inc");

if (description)
{
  script_id(125699);
  script_version("1.2");
  script_cvs_date("Date: 2020/01/13");

  script_cve_id("CVE-2019-11034", "CVE-2019-11035", "CVE-2019-11036");

  script_name(english:"openSUSE Security Update : php7 (openSUSE-2019-1501)");
  script_summary(english:"Check for the openSUSE-2019-1501 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update for php7 fixes the following issues :

Security issues fixed :

  - CVE-2019-11034: Fixed a heap-buffer overflow in
    php_ifd_get32si() (bsc#1132838).

  - CVE-2019-11035: Fixed a heap-buffer overflow in
    exif_iif_add_value() (bsc#1132837).

  - CVE-2019-11036: Fixed buffer over-read in
    exif_process_IFD_TAG function leading to information
    disclosure (bsc#1134322).

This update was imported from the SUSE:SLE-12:Update update project."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1132837"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1132838"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1134322"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected php7 packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php7");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php7-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-bcmath");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-bcmath-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-bz2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-bz2-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-calendar");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-calendar-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-ctype");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-ctype-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-curl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-curl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-dba");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-dba-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-dom");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-dom-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-enchant");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-enchant-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-exif");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-exif-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-fastcgi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-fastcgi-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-fileinfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-fileinfo-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-firebird");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-firebird-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-fpm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-fpm-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-ftp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-ftp-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-gd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-gd-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-gettext");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-gettext-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-gmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-gmp-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-iconv");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-iconv-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-imap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-imap-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-intl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-intl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-json");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-json-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-ldap-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-mbstring");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-mbstring-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-mcrypt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-mcrypt-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-mysql-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-odbc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-odbc-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-opcache");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-opcache-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-openssl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-openssl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pcntl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pcntl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pdo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pdo-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pear");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pear-Archive_Tar");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pgsql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pgsql-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-phar");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-phar-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-posix");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-posix-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pspell");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pspell-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-readline");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-readline-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-shmop");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-shmop-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-snmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-snmp-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-soap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-soap-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sockets");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sockets-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sqlite");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sqlite-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sysvmsg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sysvmsg-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sysvsem");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sysvsem-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sysvshm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sysvshm-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-tidy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-tidy-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-tokenizer");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-tokenizer-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-wddx");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-wddx-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xmlreader");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xmlreader-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xmlrpc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xmlrpc-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xmlwriter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xmlwriter-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xsl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xsl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-zip");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-zip-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-zlib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-zlib-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.3");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/18");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/06/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/06/04");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE42\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.3", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE42.3", reference:"apache2-mod_php7-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"apache2-mod_php7-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-bcmath-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-bcmath-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-bz2-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-bz2-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-calendar-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-calendar-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-ctype-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-ctype-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-curl-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-curl-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-dba-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-dba-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-debugsource-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-devel-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-dom-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-dom-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-enchant-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-enchant-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-exif-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-exif-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-fastcgi-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-fastcgi-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-fileinfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-fileinfo-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-firebird-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-firebird-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-fpm-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-fpm-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-ftp-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-ftp-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-gd-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-gd-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-gettext-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-gettext-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-gmp-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-gmp-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-iconv-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-iconv-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-imap-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-imap-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-intl-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-intl-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-json-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-json-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-ldap-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-ldap-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-mbstring-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-mbstring-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-mcrypt-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-mcrypt-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-mysql-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-mysql-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-odbc-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-odbc-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-opcache-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-opcache-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-openssl-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-openssl-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-pcntl-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-pcntl-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-pdo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-pdo-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-pear-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-pear-Archive_Tar-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-pgsql-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-pgsql-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-phar-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-phar-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-posix-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-posix-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-pspell-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-pspell-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-readline-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-readline-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-shmop-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-shmop-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-snmp-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-snmp-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-soap-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-soap-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-sockets-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-sockets-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-sqlite-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-sqlite-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-sysvmsg-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-sysvmsg-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-sysvsem-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-sysvsem-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-sysvshm-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-sysvshm-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-tidy-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-tidy-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-tokenizer-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-tokenizer-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-wddx-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-wddx-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-xmlreader-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-xmlreader-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-xmlrpc-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-xmlrpc-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-xmlwriter-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-xmlwriter-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-xsl-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-xsl-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-zip-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-zip-debuginfo-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-zlib-7.0.7-61.1") ) flag++;
if ( rpm_check(release:"SUSE42.3", reference:"php7-zlib-debuginfo-7.0.7-61.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "apache2-mod_php7 / apache2-mod_php7-debuginfo / php7 / php7-bcmath / etc");
}

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(123755);
  script_version("1.5");
  script_cvs_date("Date: 2019/10/30 13:24:46");

  script_cve_id("CVE-2019-11034", "CVE-2019-11035");
  script_bugtraq_id(107794);

  script_name(english:"PHP 7.3.x < 7.3.4 Multiple vulnerabilities.");
  script_summary(english:"Checks the version of PHP.");

  script_set_attribute(attribute:"synopsis", value:
"An application installed on the remote host is affected by
 multiple vulnerabilities."
);
  script_set_attribute(attribute:"description", value:
"According to its banner, the version of PHP running on the remote web
server is 7.3.x prior to 7.3.4. It is, therefore, affected by
multiple vulnerabilities:

  - A heap-based buffer over-read condition exists in 
    php_ifd_get32s in exif.c.

  - A heap-based buffer overflow condition exists in 
    exif_iif_add_value in exif.c as a result of improperly
    checking input length."
);

  script_set_attribute(attribute:"see_also", value:"http://php.net/ChangeLog-7.php#7.3.4");
  script_set_attribute(attribute:"solution", value:
"Upgrade to PHP version 7.3.4 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-11034");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/04");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/04/04");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/04/04");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:php:php");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CGI abuses");

  script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("php_version.nasl");
  script_require_keys("www/PHP");
  script_require_ports("Services/www", 80);

  exit(0);
}

include('audit.inc');
include('global_settings.inc');
include('misc_func.inc');
include('http.inc');
include('webapp_func.inc');

fix = '7.3.4';
minver = '7.3.0alpha1';

regexes = make_array(
  -3, 'alpha(\\d+)',
  -2, 'beta(\\d+)',
  -1, 'RC(\\d+)'
);

port = get_http_port(default:80, php:TRUE);

php = get_php_from_kb(
  port : port,
  exit_on_fail : TRUE
);

ver = php["ver"];
source = php["src"];
backported = get_kb_item('www/php/' + port + '/' + ver + '/backported');

if ((report_paranoia < 2) && backported)
  audit(AUDIT_BACKPORT_SERVICE, port, 'PHP ' + ver + ' install');

vulnerable = ver_compare(minver:minver, ver:ver, fix:fix, regexes:regexes);
if (isnull(vulnerable)) exit(1, 'The version of PHP ' + ver + ' is not within the checked ranges.');
if (vulnerable > -1) audit(AUDIT_LISTEN_NOT_VULN, 'PHP', port, ver);

report =
'\n  Version source    : ' + source +
'\n  Installed version : ' + ver +
'\n  Fixed version     : ' + fix +
'\n';
security_report_v4(port:port, extra:report, severity:SECURITY_WARNING);

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-3953-1. The text 
# itself is copyright (C) Canonical, Inc. See 
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
# trademark of Canonical, Inc.
#

include("compat.inc");

if (description)
{
  script_id(124275);
  script_version("1.3");
  script_cvs_date("Date: 2020/01/23");

  script_cve_id("CVE-2019-11034", "CVE-2019-11035");
  script_xref(name:"USN", value:"3953-1");

  script_name(english:"Ubuntu 16.04 LTS / 18.04 LTS / 18.10 / 19.04 : php7.0, php7.2 vulnerabilities (USN-3953-1)");
  script_summary(english:"Checks dpkg output for updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Ubuntu host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"It was discovered that PHP incorrectly handled certain exif tags in
JPEG images. A remote attacker could use this issue to cause PHP to
crash, resulting in a denial of service, or possibly execute arbitrary
code.

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://usn.ubuntu.com/3953-1/"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php7.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php7.2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.0-cgi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.0-cli");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.0-fpm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.2-cgi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.2-cli");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.2-fpm");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.10");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:19.04");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/18");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/04/23");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/04/24");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"Ubuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Ubuntu Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");

if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! preg(pattern:"^(16\.04|18\.04|18\.10|19\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 16.04 / 18.04 / 18.10 / 19.04", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);

flag = 0;

if (ubuntu_check(osver:"16.04", pkgname:"libapache2-mod-php7.0", pkgver:"7.0.33-0ubuntu0.16.04.4")) flag++;
if (ubuntu_check(osver:"16.04", pkgname:"php7.0-cgi", pkgver:"7.0.33-0ubuntu0.16.04.4")) flag++;
if (ubuntu_check(osver:"16.04", pkgname:"php7.0-cli", pkgver:"7.0.33-0ubuntu0.16.04.4")) flag++;
if (ubuntu_check(osver:"16.04", pkgname:"php7.0-fpm", pkgver:"7.0.33-0ubuntu0.16.04.4")) flag++;
if (ubuntu_check(osver:"18.04", pkgname:"libapache2-mod-php7.2", pkgver:"7.2.17-0ubuntu0.18.04.1")) flag++;
if (ubuntu_check(osver:"18.04", pkgname:"php7.2-cgi", pkgver:"7.2.17-0ubuntu0.18.04.1")) flag++;
if (ubuntu_check(osver:"18.04", pkgname:"php7.2-cli", pkgver:"7.2.17-0ubuntu0.18.04.1")) flag++;
if (ubuntu_check(osver:"18.04", pkgname:"php7.2-fpm", pkgver:"7.2.17-0ubuntu0.18.04.1")) flag++;
if (ubuntu_check(osver:"18.10", pkgname:"libapache2-mod-php7.2", pkgver:"7.2.17-0ubuntu0.18.10.1")) flag++;
if (ubuntu_check(osver:"18.10", pkgname:"php7.2-cgi", pkgver:"7.2.17-0ubuntu0.18.10.1")) flag++;
if (ubuntu_check(osver:"18.10", pkgname:"php7.2-cli", pkgver:"7.2.17-0ubuntu0.18.10.1")) flag++;
if (ubuntu_check(osver:"18.10", pkgname:"php7.2-fpm", pkgver:"7.2.17-0ubuntu0.18.10.1")) flag++;
if (ubuntu_check(osver:"19.04", pkgname:"libapache2-mod-php7.2", pkgver:"7.2.17-0ubuntu0.19.04.1")) flag++;
if (ubuntu_check(osver:"19.04", pkgname:"php7.2-cgi", pkgver:"7.2.17-0ubuntu0.19.04.1")) flag++;
if (ubuntu_check(osver:"19.04", pkgname:"php7.2-cli", pkgver:"7.2.17-0ubuntu0.19.04.1")) flag++;
if (ubuntu_check(osver:"19.04", pkgname:"php7.2-fpm", pkgver:"7.2.17-0ubuntu0.19.04.1")) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libapache2-mod-php7.0 / libapache2-mod-php7.2 / php7.0-cgi / etc");
}

#
# (C) Tenable Network Security, Inc.
#

# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2020:1624. The text
# itself is copyright (C) Red Hat, Inc.
#


include('compat.inc');

if (description)
{
  script_id(136057);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/20");

  script_cve_id(
    "CVE-2018-20783",
    "CVE-2019-9020",
    "CVE-2019-9021",
    "CVE-2019-9022",
    "CVE-2019-9023",
    "CVE-2019-9024",
    "CVE-2019-9637",
    "CVE-2019-9638",
    "CVE-2019-9639",
    "CVE-2019-9640",
    "CVE-2019-11034",
    "CVE-2019-11035",
    "CVE-2019-11036",
    "CVE-2019-11039",
    "CVE-2019-11040",
    "CVE-2019-11041",
    "CVE-2019-11042"
  );
  script_bugtraq_id(
    107121,
    107154,
    107156,
    107379,
    107794,
    108177,
    108520,
    108525
  );
  script_xref(name:"RHSA", value:"2020:1624");

  script_name(english:"RHEL 8 : php:7.2 (RHSA-2020:1624)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as
referenced in the RHSA-2020:1624 advisory.

  - php: Buffer over-read in PHAR reading functions
    (CVE-2018-20783)

  - php: Heap buffer overflow in function
    exif_process_IFD_TAG() (CVE-2019-11034)

  - php: Heap buffer overflow in function
    exif_iif_add_value() (CVE-2019-11035)

  - php: Buffer over-read in exif_process_IFD_TAG() leading
    to information disclosure (CVE-2019-11036)

  - php: Out-of-bounds read due to integer overflow in
    iconv_mime_decode_headers() (CVE-2019-11039)

  - php: Buffer over-read in exif_read_data()
    (CVE-2019-11040)

  - php: Heap buffer over-read in exif_scan_thumbnail()
    (CVE-2019-11041)

  - php: Heap buffer over-read in
    exif_process_user_comment() (CVE-2019-11042)

  - php: Invalid memory access in function xmlrpc_decode()
    (CVE-2019-9020)

  - php: Heap-based buffer over-read in PHAR reading
    functions (CVE-2019-9021)

  - php: memcpy with negative length via crafted DNS
    response (CVE-2019-9022)

  - php: Heap-based buffer over-read in mbstring regular
    expression functions (CVE-2019-9023)

  - php: Out-of-bounds read in base64_decode_xmlrpc in
    ext/xmlrpc/libxmlrpc/base64.c (CVE-2019-9024)

  - php: File rename across filesystems may allow unwanted
    access during processing (CVE-2019-9637)

  - php: Uninitialized read in exif_process_IFD_in_MAKERNOTE
    (CVE-2019-9638, CVE-2019-9639)

  - php: Invalid read in exif_process_SOFn() (CVE-2019-9640)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/122.html");
  script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/122.html");
  script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/122.html");
  script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/190.html");
  script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/125.html");
  script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/125.html");
  script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/120.html");
  script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/120.html");
  script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/119.html");
  script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/122.html");
  script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/119.html");
  script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/122.html");
  script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/125.html");
  script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/266.html");
  script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/665.html");
  script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/665.html");
  script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/125.html");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2020:1624");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2018-20783");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-11034");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-11035");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-11036");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-11039");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-11040");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-11041");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-11042");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-9020");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-9021");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-9022");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-9023");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-9024");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-9637");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-9638");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-9639");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-9640");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1680545");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1685123");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1685132");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1685398");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1685404");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1685412");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1688897");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1688922");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1688934");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1688939");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1702246");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1702256");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1707299");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1724152");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1724154");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1739459");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1739465");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-9023");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_cwe_id(119, 120, 122, 125, 190, 266, 665);

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/02/21");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/04/28");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/04/28");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:redhat:enterprise_linux:8");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:redhat:enterprise_linux:8::appstream");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:apcu-panel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libzip");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libzip-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libzip-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libzip-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-bcmath");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-cli");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-dba");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-dbg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-embedded");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-enchant");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-fpm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-gd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-gmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-intl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-json");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-mbstring");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-mysqlnd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-odbc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-opcache");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-pdo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-pear");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-pecl-apcu");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-pecl-apcu-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-pecl-apcu-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-pecl-zip");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-pecl-zip-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-pgsql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-process");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-recode");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-snmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-soap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-xml");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:php-xmlrpc");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Red Hat Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include('audit.inc');
include('global_settings.inc');
include('misc_func.inc');
include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item('Host/RedHat/release');
if (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (! preg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);

if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);

module_ver = get_kb_item('Host/RedHat/appstream/php');
if (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module php:7.2');
if ('7.2' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module php:' + module_ver);

appstreams = {
    'php:7.2': [
      {'reference':'apcu-panel-5.1.12-2.module+el8.1.0+3202+af5476b9', 'release':'8'},
      {'reference':'libzip-1.5.1-2.module+el8.1.0+3202+af5476b9', 'cpu':'aarch64', 'release':'8'},
      {'reference':'libzip-1.5.1-2.module+el8.1.0+3202+af5476b9', 'cpu':'s390x', 'release':'8'},
      {'reference':'libzip-1.5.1-2.module+el8.1.0+3202+af5476b9', 'cpu':'x86_64', 'release':'8'},
      {'reference':'libzip-debugsource-1.5.1-2.module+el8.1.0+3202+af5476b9', 'cpu':'aarch64', 'release':'8'},
      {'reference':'libzip-debugsource-1.5.1-2.module+el8.1.0+3202+af5476b9', 'cpu':'s390x', 'release':'8'},
      {'reference':'libzip-debugsource-1.5.1-2.module+el8.1.0+3202+af5476b9', 'cpu':'x86_64', 'release':'8'},
      {'reference':'libzip-devel-1.5.1-2.module+el8.1.0+3202+af5476b9', 'cpu':'aarch64', 'release':'8'},
      {'reference':'libzip-devel-1.5.1-2.module+el8.1.0+3202+af5476b9', 'cpu':'s390x', 'release':'8'},
      {'reference':'libzip-devel-1.5.1-2.module+el8.1.0+3202+af5476b9', 'cpu':'x86_64', 'release':'8'},
      {'reference':'libzip-tools-1.5.1-2.module+el8.1.0+3202+af5476b9', 'cpu':'aarch64', 'release':'8'},
      {'reference':'libzip-tools-1.5.1-2.module+el8.1.0+3202+af5476b9', 'cpu':'s390x', 'release':'8'},
      {'reference':'libzip-tools-1.5.1-2.module+el8.1.0+3202+af5476b9', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-bcmath-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-bcmath-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-bcmath-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-cli-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-cli-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-cli-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-common-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-common-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-common-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-dba-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-dba-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-dba-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-dbg-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-dbg-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-dbg-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-debugsource-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-debugsource-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-debugsource-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-devel-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-devel-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-devel-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-embedded-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-embedded-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-embedded-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-enchant-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-enchant-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-enchant-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-fpm-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-fpm-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-fpm-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-gd-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-gd-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-gd-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-gmp-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-gmp-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-gmp-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-intl-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-intl-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-intl-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-json-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-json-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-json-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-ldap-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-ldap-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-ldap-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-mbstring-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-mbstring-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-mbstring-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-mysqlnd-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-mysqlnd-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-mysqlnd-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-odbc-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-odbc-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-odbc-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-opcache-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-opcache-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-opcache-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-pdo-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-pdo-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-pdo-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-pear-1.10.5-9.module+el8.1.0+3202+af5476b9', 'release':'8', 'epoch':'1'},
      {'reference':'php-pecl-apcu-5.1.12-2.module+el8.1.0+3202+af5476b9', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-pecl-apcu-5.1.12-2.module+el8.1.0+3202+af5476b9', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-pecl-apcu-5.1.12-2.module+el8.1.0+3202+af5476b9', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-pecl-apcu-debugsource-5.1.12-2.module+el8.1.0+3202+af5476b9', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-pecl-apcu-debugsource-5.1.12-2.module+el8.1.0+3202+af5476b9', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-pecl-apcu-debugsource-5.1.12-2.module+el8.1.0+3202+af5476b9', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-pecl-apcu-devel-5.1.12-2.module+el8.1.0+3202+af5476b9', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-pecl-apcu-devel-5.1.12-2.module+el8.1.0+3202+af5476b9', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-pecl-apcu-devel-5.1.12-2.module+el8.1.0+3202+af5476b9', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-pecl-zip-1.15.3-1.module+el8.1.0+3186+20164e6f', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-pecl-zip-1.15.3-1.module+el8.1.0+3186+20164e6f', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-pecl-zip-1.15.3-1.module+el8.1.0+3186+20164e6f', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-pecl-zip-debugsource-1.15.3-1.module+el8.1.0+3186+20164e6f', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-pecl-zip-debugsource-1.15.3-1.module+el8.1.0+3186+20164e6f', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-pecl-zip-debugsource-1.15.3-1.module+el8.1.0+3186+20164e6f', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-pgsql-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-pgsql-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-pgsql-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-process-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-process-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-process-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-recode-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-recode-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-recode-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-snmp-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-snmp-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-snmp-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-soap-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-soap-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-soap-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-xml-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-xml-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-xml-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'x86_64', 'release':'8'},
      {'reference':'php-xmlrpc-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'aarch64', 'release':'8'},
      {'reference':'php-xmlrpc-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'s390x', 'release':'8'},
      {'reference':'php-xmlrpc-7.2.24-1.module+el8.2.0+4601+7c76a223', 'cpu':'x86_64', 'release':'8'}
    ],
};

flag = 0;
appstreams_found = 0;
foreach module (keys(appstreams)) {
  appstream = NULL;
  appstream_name = NULL;
  appstream_version = NULL;
  appstream_split = split(module, sep:':', keep:FALSE);
  if (!empty_or_null(appstream_split)) {
    appstream_name = appstream_split[0];
    appstream_version = appstream_split[1];
    appstream = get_kb_item('Host/RedHat/appstream/' + appstream_name);
  }
  if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {
    appstreams_found++;
    foreach package_array ( appstreams[module] ) {
      reference = NULL;
      release = NULL;
      sp = NULL;
      cpu = NULL;
      el_string = NULL;
      rpm_spec_vers_cmp = NULL;
      epoch = NULL;
      if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
      if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];
      if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
      if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
      if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
      if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
      if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
      if (reference && release) {
        if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
      }
    }
  }
}

if (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module php:7.2');

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get() + redhat_report_package_caveat()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'apcu-panel / libzip / libzip-debugsource / etc');
}

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(126547);
  script_version("1.2");
  script_cvs_date("Date: 2020/01/08");

  script_cve_id(
    "CVE-2019-11034",
    "CVE-2019-11035"
  );

  script_name(english:"EulerOS Virtualization for ARM 64 3.0.2.0 : php (EulerOS-SA-2019-1705)");
  script_summary(english:"Checks the rpm output for the updated packages.");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS Virtualization for ARM 64 host is missing multiple security
updates.");
  script_set_attribute(attribute:"description", value:
"According to the versions of the php packages installed, the EulerOS
Virtualization for ARM 64 installation on the remote host is affected
by the following vulnerabilities :

  - When processing certain files, PHP EXIF extension in
    versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and
    7.3.x below 7.3.4 can be caused to read past allocated
    buffer in exif_iif_add_value function. This may lead to
    information disclosure or crash.(CVE-2019-11035)

  - When processing certain files, PHP EXIF extension in
    versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and
    7.3.x below 7.3.4 can be caused to read past allocated
    buffer in exif_process_IFD_TAG function. This may lead
    to information disclosure or crash.(CVE-2019-11034)

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1705
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3218da6e");
  script_set_attribute(attribute:"solution", value:
"Update the affected php packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"patch_publication_date", value:"2019/07/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/07/09");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:php");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:php-cli");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:php-common");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:uvp:3.0.2.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/uvp_version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
uvp = get_kb_item("Host/EulerOS/uvp_version");
if (uvp != "3.0.2.0") audit(AUDIT_OS_NOT, "EulerOS Virtualization 3.0.2.0");
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("aarch64" >!< cpu) audit(AUDIT_ARCH_NOT, "aarch64", cpu);

flag = 0;

pkgs = ["php-5.4.16-45.h10",
        "php-cli-5.4.16-45.h10",
        "php-common-5.4.16-45.h10"];

foreach (pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php");
}