CVE-2019-11043 - Out-of-bounds Write vulnerability in multiple products
Attack vector | NETWORK |
Attack complexity | LOW |
Privileges required | NONE |
Confidentiality impact | HIGH |
Integrity impact | HIGH |
Availability impact | HIGH |
Summary
In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11, in certain configurations of the FPM setup, it is possible to cause the FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Exploit-Db
id | EDB-ID:47553 |
last seen | 2019-10-30 |
modified | 2019-10-28 |
published | 2019-10-28 |
reporter | Exploit-DB |
source | https://www.exploit-db.com/download/47553 |
title | PHP-FPM + Nginx - Remote Code Execution |

id | EDB-ID:48182 |
last seen | 2020-03-09 |
modified | 2020-03-09 |
published | 2020-03-09 |
reporter | Exploit-DB |
source | https://www.exploit-db.com/download/48182 |
title | PHP-FPM - Underflow Remote Code Execution (Metasploit) |
Metasploit
description | This module exploits an underflow vulnerability in versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 of PHP-FPM on Nginx. Only servers with certain Nginx + PHP-FPM configurations are exploitable. This is a port of neex's original exploit code (see refs.). First, it detects the correct parameters (Query String Length and custom header length) needed to trigger code execution. This step determines if the target is actually vulnerable (Check method). Then, the exploit sets a series of PHP INI directives to create a file locally on the target, which enables code execution through a query string parameter. This is used to execute normal payload stagers. Finally, this module does some cleanup by killing local PHP-FPM workers (those are spawned automatically once killed) and removing the created local file. |
id | MSF:EXPLOIT/MULTI/HTTP/PHP_FPM_RCE |
last seen | 2020-06-12 |
modified | 2020-03-06 |
published | 2020-01-20 |
references | |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/multi/http/php_fpm_rce.rb |
title | PHP-FPM Underflow RCE |
Nessus
NASL family | Huawei Local Security Checks |
NASL id | EULEROS_SA-2019-2546.NASL |
description | According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID.(CVE-2011-4718) - In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.(CVE-2019-11043) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. |
last seen | 2020-05-08 |
modified | 2019-12-09 |
plugin id | 131820 |
published | 2019-12-09 |
reporter | This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/131820 |
title | EulerOS 2.0 SP5 : php (EulerOS-SA-2019-2546) |
code |

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(131820);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/07");

  script_cve_id(
    "CVE-2011-4718",
    "CVE-2019-11043"
  );
  script_bugtraq_id(
    61929
  );

  script_name(english:"EulerOS 2.0 SP5 : php (EulerOS-SA-2019-2546)");
  script_summary(english:"Checks the rpm output for the updated packages.");

  script_set_attribute(attribute:"synopsis", value:
    "The remote EulerOS host is missing multiple security updates.");
  script_set_attribute(attribute:"description", value:
    "According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID.(CVE-2011-4718) - In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.(CVE-2019-11043) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2546
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?02bff10d");
  script_set_attribute(attribute:"solution", value:
    "Update the affected php packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'PHP-FPM Underflow RCE');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"patch_publication_date", value:"2019/12/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/12/09");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:php");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:php-cli");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:php-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:php-gd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:php-ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:php-mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:php-odbc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:php-pdo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:php-pgsql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:php-process");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:php-recode");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:php-soap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:php-xml");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:php-xmlrpc");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
  script_exclude_keys("Host/EulerOS/uvp_version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");

sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(5)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP5");

uvp = get_kb_item("Host/EulerOS/uvp_version");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP5", "EulerOS UVP " + uvp);

if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);

flag = 0;

pkgs = ["php-5.4.16-45.h21.eulerosv2r7",
        "php-cli-5.4.16-45.h21.eulerosv2r7",
        "php-common-5.4.16-45.h21.eulerosv2r7",
        "php-gd-5.4.16-45.h21.eulerosv2r7",
        "php-ldap-5.4.16-45.h21.eulerosv2r7",
        "php-mysql-5.4.16-45.h21.eulerosv2r7",
        "php-odbc-5.4.16-45.h21.eulerosv2r7",
        "php-pdo-5.4.16-45.h21.eulerosv2r7",
        "php-pgsql-5.4.16-45.h21.eulerosv2r7",
        "php-process-5.4.16-45.h21.eulerosv2r7",
        "php-recode-5.4.16-45.h21.eulerosv2r7",
        "php-soap-5.4.16-45.h21.eulerosv2r7",
        "php-xml-5.4.16-45.h21.eulerosv2r7",
        "php-xmlrpc-5.4.16-45.h21.eulerosv2r7"];

foreach (pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", sp:"5", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php");
}

NASL family | SuSE Local Security Checks |
NASL id | OPENSUSE-2019-2457.NASL |
description | This update for php7 fixes the following issues : Security issue fixed : - CVE-2019-11043: Fixed possible remote code execution via env_path_info underflow in fpm_main.c (bsc#1154999). This update was imported from the SUSE:SLE-15:Update update project. |
last seen | 2020-03-18 |
modified | 2019-11-12 |
plugin id | 130888 |
published | 2019-11-12 |
reporter | This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/130888 |
title | openSUSE Security Update : php7 (openSUSE-2019-2457) |
code |

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2019-2457.
#
# The text description of this plugin is (C) SUSE LLC.
#

include("compat.inc");

if (description)
{
  script_id(130888);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/09");

  script_cve_id("CVE-2019-11043");

  script_name(english:"openSUSE Security Update : php7 (openSUSE-2019-2457)");
  script_summary(english:"Check for the openSUSE-2019-2457 patch");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description",
    value:
      "This update for php7 fixes the following issues : Security issue fixed : - CVE-2019-11043: Fixed possible remote code execution via env_path_info underflow in fpm_main.c (bsc#1154999). This update was imported from the SUSE:SLE-15:Update update project."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1154999"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected php7 packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'PHP-FPM Underflow RCE');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php7");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php7-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-bcmath");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-bcmath-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-bz2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-bz2-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-calendar");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-calendar-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-ctype");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-ctype-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-curl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-curl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-dba");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-dba-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-dom");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-dom-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-embed");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-embed-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-enchant");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-enchant-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-exif");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-exif-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-fastcgi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-fastcgi-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-fileinfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-fileinfo-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-firebird");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-firebird-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-fpm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-fpm-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-ftp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-ftp-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-gd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-gd-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-gettext");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-gettext-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-gmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-gmp-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-iconv");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-iconv-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-intl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-intl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-json");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-json-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-ldap-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-mbstring");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-mbstring-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-mysql-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-odbc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-odbc-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-opcache");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-opcache-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-openssl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-openssl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pcntl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pcntl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pdo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pdo-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pear");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pear-Archive_Tar");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pgsql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pgsql-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-phar");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-phar-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-posix");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-posix-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-readline");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-readline-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-shmop");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-shmop-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-snmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-snmp-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-soap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-soap-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sockets");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sockets-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sodium");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sodium-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sqlite");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sqlite-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sysvmsg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sysvmsg-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sysvsem");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sysvsem-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sysvshm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sysvshm-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-test");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-tidy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-tidy-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-tokenizer");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-tokenizer-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-wddx");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-wddx-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xmlreader");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xmlreader-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xmlrpc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xmlrpc-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xmlwriter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xmlwriter-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xsl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xsl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-zip");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-zip-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-zlib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-zlib-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.0");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/10/28");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/11/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/11/12");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE15\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.0", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE15.0", reference:"apache2-mod_php7-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"apache2-mod_php7-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-bcmath-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-bcmath-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-bz2-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-bz2-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-calendar-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-calendar-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-ctype-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-ctype-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-curl-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-curl-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-dba-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-dba-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-debugsource-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-devel-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-dom-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-dom-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-embed-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-embed-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-enchant-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-enchant-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-exif-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-exif-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-fastcgi-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-fastcgi-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-fileinfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-fileinfo-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-firebird-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-firebird-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-fpm-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-fpm-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-ftp-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-ftp-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-gd-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-gd-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-gettext-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-gettext-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-gmp-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-gmp-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-iconv-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-iconv-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-intl-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-intl-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-json-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-json-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-ldap-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-ldap-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-mbstring-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-mbstring-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-mysql-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-mysql-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-odbc-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-odbc-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-opcache-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-opcache-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-openssl-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-openssl-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-pcntl-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-pcntl-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-pdo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-pdo-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-pear-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-pear-Archive_Tar-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-pgsql-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-pgsql-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-phar-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-phar-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-posix-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-posix-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-readline-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-readline-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-shmop-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-shmop-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-snmp-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-snmp-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-soap-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-soap-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-sockets-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-sockets-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-sodium-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-sodium-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-sqlite-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-sqlite-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-sysvmsg-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-sysvmsg-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-sysvsem-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-sysvsem-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-sysvshm-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-sysvshm-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-test-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-tidy-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-tidy-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-tokenizer-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-tokenizer-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-wddx-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-wddx-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-xmlreader-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-xmlreader-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-xmlrpc-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-xmlrpc-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-xmlwriter-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-xmlwriter-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-xsl-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-xsl-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-zip-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-zip-debuginfo-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-zlib-7.2.5-lp150.2.29.2") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"php7-zlib-debuginfo-7.2.5-lp150.2.29.2") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "apache2-mod_php7 / apache2-mod_php7-debuginfo / php7 / php7-bcmath / etc");
}

NASL family | Oracle Linux Local Security Checks |
NASL id | ORACLELINUX_ELSA-2019-3736.NASL |
description | From Red Hat Security Advisory 2019:3736 : An update for the php:7.3 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix(es) : * php: underflow in env_path_info in fpm_main.c (CVE-2019-11043) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. |
last seen | 2020-03-18 |
modified | 2019-11-25 |
plugin id | 131271 |
published | 2019-11-25 |
reporter | This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/131271 |
title | Oracle Linux 8 : php:7.3 (ELSA-2019-3736) |
code |
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2019:3736 and
# Oracle Linux Security Advisory ELSA-2019-3736 respectively.
#

include("compat.inc");

if (description)
{
  script_id(131271);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/09");

  script_cve_id("CVE-2019-11043");
  script_xref(name:"RHSA", value:"2019:3736");

  script_name(english:"Oracle Linux 8 : php:7.3 (ELSA-2019-3736)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote Oracle Linux host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description",
    value: "From Red Hat Security Advisory 2019:3736 : An update for the php:7.3 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix(es) : * php: underflow in env_path_info in fpm_main.c (CVE-2019-11043) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://oss.oracle.com/pipermail/el-errata/2019-November/009384.html"
  );
  script_set_attribute(
    attribute:"solution",
    value:"Update the affected php:7.3 packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'PHP-FPM Underflow RCE');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:apcu-panel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libzip");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libzip-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libzip-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-bcmath");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-cli");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-dba");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-dbg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-embedded");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-enchant");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-fpm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-gd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-gmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-intl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-json");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-mbstring");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-mysqlnd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-odbc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-opcache");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-pdo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-pear");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-pecl-apcu");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-pecl-apcu-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-pecl-zip");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-pgsql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-process");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-recode");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-snmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-soap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-xml");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-xmlrpc");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:8");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/10/28");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/11/23");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/11/25");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Oracle Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux");
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux");
os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 8", "Oracle Linux " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu);
if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);

flag = 0;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"apcu-panel-5.1.17-1.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"libzip-1.5.2-1.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"libzip-devel-1.5.2-1.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"libzip-tools-1.5.2-1.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-7.3.5-5.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-bcmath-7.3.5-5.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-cli-7.3.5-5.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-common-7.3.5-5.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-dba-7.3.5-5.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-dbg-7.3.5-5.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-devel-7.3.5-5.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-embedded-7.3.5-5.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-enchant-7.3.5-5.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-fpm-7.3.5-5.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-gd-7.3.5-5.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-gmp-7.3.5-5.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-intl-7.3.5-5.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-json-7.3.5-5.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-ldap-7.3.5-5.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-mbstring-7.3.5-5.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-mysqlnd-7.3.5-5.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-odbc-7.3.5-5.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-opcache-7.3.5-5.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-pdo-7.3.5-5.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-pear-1.10.9-1.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-pecl-apcu-5.1.17-1.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-pecl-apcu-devel-5.1.17-1.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-pecl-zip-1.15.4-1.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-pgsql-7.3.5-5.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-process-7.3.5-5.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-recode-7.3.5-5.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-snmp-7.3.5-5.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-soap-7.3.5-5.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-xml-7.3.5-5.module+el8.1.0+5441+020cccf5")) flag++;
if (rpm_check(release:"EL8", cpu:"x86_64", reference:"php-xmlrpc-7.3.5-5.module+el8.1.0+5441+020cccf5")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "apcu-panel / libzip / libzip-devel / libzip-tools / php / etc");
}
NASL family | SuSE Local Security Checks |
NASL id | SUSE_SU-2020-0522-1.NASL |
description | This update for php5 fixes the following issues : Security issues fixed : CVE-2019-11041: Fixed heap buffer over-read in exif_scan_thumbnail() (bsc#1146360). CVE-2019-11042: Fixed heap buffer over-read in exif_process_user_comment() (bsc#1145095). CVE-2019-11043: Fixed possible remote code execution via env_path_info underflow in fpm_main.c (bsc#1154999). CVE-2019-11045: Fixed an issue with the PHP DirectoryIterator class that accepts filenames with embedded \0 bytes (bsc#1159923). CVE-2019-11046: Fixed an out-of-bounds read in bc_shift_addsub (bsc#1159924). CVE-2019-11047: Fixed an information disclosure in exif_read_data (bsc#1159922). CVE-2019-11050: Fixed a buffer over-read in the EXIF extension (bsc#1159927). CVE-2020-7059: Fixed an out-of-bounds read in php_strip_tags_ex (bsc#1162629). CVE-2020-7060: Fixed a global buffer-overflow in mbfl_filt_conv_big5_wchar (bsc#1162632). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. |
last seen | 2020-03-18 |
modified | 2020-03-02 |
plugin id | 134199 |
published | 2020-03-02 |
reporter | This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/134199 |
title | SUSE SLES12 Security Update : php5 (SUSE-SU-2020:0522-1) |
code |
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2020:0522-1.
# The text itself is copyright (C) SUSE.
#

include("compat.inc");

if (description)
{
  script_id(134199);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/09");

  script_cve_id("CVE-2019-11041", "CVE-2019-11042", "CVE-2019-11043", "CVE-2019-11045", "CVE-2019-11046", "CVE-2019-11047", "CVE-2019-11050", "CVE-2020-7059", "CVE-2020-7060");

  script_name(english:"SUSE SLES12 Security Update : php5 (SUSE-SU-2020:0522-1)");
  script_summary(english:"Checks rpm output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote SUSE host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description",
    value: "This update for php5 fixes the following issues : Security issues fixed : CVE-2019-11041: Fixed heap buffer over-read in exif_scan_thumbnail() (bsc#1146360). CVE-2019-11042: Fixed heap buffer over-read in exif_process_user_comment() (bsc#1145095). CVE-2019-11043: Fixed possible remote code execution via env_path_info underflow in fpm_main.c (bsc#1154999). CVE-2019-11045: Fixed an issue with the PHP DirectoryIterator class that accepts filenames with embedded \0 bytes (bsc#1159923). CVE-2019-11046: Fixed an out-of-bounds read in bc_shift_addsub (bsc#1159924). CVE-2019-11047: Fixed an information disclosure in exif_read_data (bsc#1159922). CVE-2019-11050: Fixed a buffer over-read in the EXIF extension (bsc#1159927). CVE-2020-7059: Fixed an out-of-bounds read in php_strip_tags_ex (bsc#1162629). CVE-2020-7060: Fixed a global buffer-overflow in mbfl_filt_conv_big5_wchar (bsc#1162632). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1145095"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1146360"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1154999"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1159922"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1159923"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1159924"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1159927"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1161982"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1162629"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1162632"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-11041/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-11042/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-11043/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-11045/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-11046/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-11047/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-11050/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2020-7059/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2020-7060/"
  );
  # https://www.suse.com/support/update/announcement/2020/suse-su-20200522-1/
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?7e9a53cf"
  );
  script_set_attribute(
    attribute:"solution",
    value: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product : SUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t patch SUSE-SLE-SDK-12-SP4-2020-522=1 SUSE Linux Enterprise Module for Web Scripting 12:zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2020-522=1"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'PHP-FPM Underflow RCE');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-mod_php5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-mod_php5-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-bcmath");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-bcmath-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-bz2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-bz2-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-calendar");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-calendar-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ctype");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ctype-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-curl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-curl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-dba");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-dba-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-dom");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-dom-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-enchant");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-enchant-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-exif");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-exif-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fastcgi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fastcgi-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fileinfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fileinfo-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fpm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fpm-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ftp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ftp-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gd-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gettext");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gettext-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gmp-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-iconv");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-iconv-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-imap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-imap-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-intl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-intl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-json");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-json-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ldap-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mbstring");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mbstring-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mcrypt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mcrypt-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mysql-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-odbc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-odbc-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-opcache");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-opcache-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-openssl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-openssl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pcntl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pcntl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pdo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pdo-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pgsql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pgsql-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-phar");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-phar-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-posix");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-posix-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pspell");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pspell-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-shmop");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-shmop-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-snmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-snmp-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-soap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-soap-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sockets");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sockets-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sqlite");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sqlite-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-suhosin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-suhosin-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvmsg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvmsg-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvsem");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvsem-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvshm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvshm-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-tokenizer");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-tokenizer-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-wddx");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-wddx-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlreader");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlreader-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlrpc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlrpc-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlwriter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlwriter-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xsl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xsl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-zip");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-zip-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-zlib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-zlib-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/08/09");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/02/28");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/02");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);

sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP0", os_ver + " SP" + sp);

flag = 0;
if (rpm_check(release:"SLES12", sp:"0", reference:"apache2-mod_php5-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"apache2-mod_php5-debuginfo-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-bcmath-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-bcmath-debuginfo-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-bz2-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-bz2-debuginfo-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-calendar-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-calendar-debuginfo-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ctype-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ctype-debuginfo-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-curl-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-curl-debuginfo-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-dba-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-dba-debuginfo-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-debuginfo-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-debugsource-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-dom-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-dom-debuginfo-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-enchant-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-enchant-debuginfo-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-exif-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-exif-debuginfo-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fastcgi-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fastcgi-debuginfo-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fileinfo-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fileinfo-debuginfo-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fpm-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fpm-debuginfo-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ftp-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ftp-debuginfo-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gd-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gd-debuginfo-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gettext-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gettext-debuginfo-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gmp-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gmp-debuginfo-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-iconv-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-iconv-debuginfo-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-imap-5.5.14-109.68.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"php5-imap-debuginfo-5.5.14-109.68.1")) flag++;
if
(rpm_check(release:"SLES12", sp:"0", reference:"php5-intl-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-intl-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-json-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-json-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ldap-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ldap-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mbstring-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mbstring-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mcrypt-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mcrypt-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mysql-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mysql-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-odbc-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-odbc-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-opcache-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-opcache-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-openssl-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-openssl-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pcntl-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pcntl-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pdo-5.5.14-109.68.1")) flag++; if 
(rpm_check(release:"SLES12", sp:"0", reference:"php5-pdo-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pgsql-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pgsql-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-phar-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-phar-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-posix-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-posix-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pspell-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pspell-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-shmop-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-shmop-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-snmp-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-snmp-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-soap-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-soap-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sockets-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sockets-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sqlite-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sqlite-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-suhosin-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-suhosin-debuginfo-5.5.14-109.68.1")) flag++; if 
(rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvmsg-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvmsg-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvsem-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvsem-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvshm-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvshm-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-tokenizer-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-tokenizer-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-wddx-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-wddx-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlreader-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlreader-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlrpc-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlrpc-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlwriter-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlwriter-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xsl-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xsl-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-zip-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-zip-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-zlib-5.5.14-109.68.1")) flag++; if 
(rpm_check(release:"SLES12", sp:"0", reference:"php5-zlib-debuginfo-5.5.14-109.68.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php5"); }

NASL family Oracle Linux Local Security Checks
NASL id ORACLELINUX_ELSA-2019-3287.NASL
description From Red Hat Security Advisory 2019:3287 : An update for php is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix(es) : * php: underflow in env_path_info in fpm_main.c (CVE-2019-11043) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
last seen 2020-03-18
modified 2019-11-04
plugin id 130497
published 2019-11-04
reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/130497
title Oracle Linux 6 : php (ELSA-2019-3287)
code
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2019:3287 and
# Oracle Linux Security Advisory ELSA-2019-3287 respectively.
#

include("compat.inc");

if (description)
{
  script_id(130497);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/09");

  script_cve_id("CVE-2019-11043");
  script_xref(name:"RHSA", value:"2019:3287");

  script_name(english:"Oracle Linux 6 : php (ELSA-2019-3287)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote Oracle Linux host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description",
    value:
"From Red Hat Security Advisory 2019:3287 : An update for php is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix(es) : * php: underflow in env_path_info in fpm_main.c (CVE-2019-11043) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://oss.oracle.com/pipermail/el-errata/2019-November/009315.html"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected php packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'PHP-FPM Underflow RCE');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-bcmath");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-cli");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-dba");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-embedded");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-enchant");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-fpm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-gd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-imap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-intl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-mbstring");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-odbc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-pdo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-pgsql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-process");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-pspell");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-recode");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-snmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-soap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-tidy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-xml");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-xmlrpc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:php-zts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:6");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/10/28");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/11/01");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/11/04");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Oracle Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux");
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux");
os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 6", "Oracle Linux " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu);

flag = 0;
if (rpm_check(release:"EL6", reference:"php-5.3.3-50.el6_10")) flag++;
if (rpm_check(release:"EL6", reference:"php-bcmath-5.3.3-50.el6_10")) flag++;
if (rpm_check(release:"EL6", reference:"php-cli-5.3.3-50.el6_10")) flag++;
if (rpm_check(release:"EL6", reference:"php-common-5.3.3-50.el6_10")) flag++;
if (rpm_check(release:"EL6", reference:"php-dba-5.3.3-50.el6_10")) flag++;
if (rpm_check(release:"EL6", reference:"php-devel-5.3.3-50.el6_10")) flag++;
if (rpm_check(release:"EL6", reference:"php-embedded-5.3.3-50.el6_10")) flag++;
if (rpm_check(release:"EL6", reference:"php-enchant-5.3.3-50.el6_10")) flag++;
if (rpm_check(release:"EL6", reference:"php-fpm-5.3.3-50.el6_10")) flag++;
if (rpm_check(release:"EL6", reference:"php-gd-5.3.3-50.el6_10")) flag++;
if (rpm_check(release:"EL6", reference:"php-imap-5.3.3-50.el6_10")) flag++;
if (rpm_check(release:"EL6", reference:"php-intl-5.3.3-50.el6_10")) flag++;
if (rpm_check(release:"EL6", reference:"php-ldap-5.3.3-50.el6_10")) flag++;
if (rpm_check(release:"EL6", reference:"php-mbstring-5.3.3-50.el6_10")) flag++;
if (rpm_check(release:"EL6", reference:"php-mysql-5.3.3-50.el6_10")) flag++;
if (rpm_check(release:"EL6", reference:"php-odbc-5.3.3-50.el6_10")) flag++;
if (rpm_check(release:"EL6", reference:"php-pdo-5.3.3-50.el6_10")) flag++;
if (rpm_check(release:"EL6", reference:"php-pgsql-5.3.3-50.el6_10")) flag++;
if (rpm_check(release:"EL6", reference:"php-process-5.3.3-50.el6_10")) flag++;
if (rpm_check(release:"EL6", reference:"php-pspell-5.3.3-50.el6_10")) flag++;
if (rpm_check(release:"EL6", reference:"php-recode-5.3.3-50.el6_10")) flag++;
if (rpm_check(release:"EL6", reference:"php-snmp-5.3.3-50.el6_10")) flag++;
if (rpm_check(release:"EL6", reference:"php-soap-5.3.3-50.el6_10")) flag++;
if (rpm_check(release:"EL6", reference:"php-tidy-5.3.3-50.el6_10")) flag++;
if (rpm_check(release:"EL6", reference:"php-xml-5.3.3-50.el6_10")) flag++;
if (rpm_check(release:"EL6", reference:"php-xmlrpc-5.3.3-50.el6_10")) flag++;
if (rpm_check(release:"EL6", reference:"php-zts-5.3.3-50.el6_10")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php / php-bcmath / php-cli / php-common / php-dba / php-devel / etc");
}

NASL family Amazon Linux Local Security Checks
NASL id ALA_ALAS-2019-1315.NASL
description In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution. (CVE-2019-11043)
last seen 2020-03-17
modified 2019-11-04
plugin id 130471
published 2019-11-04
reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/130471
title Amazon Linux AMI : php71 / php72,php73,php56 (ALAS-2019-1315)
code
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux AMI Security Advisory ALAS-2019-1315.
#

include("compat.inc");

if (description)
{
  script_id(130471);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/09");

  script_cve_id("CVE-2019-11043");
  script_xref(name:"ALAS", value:"2019-1315");

  script_name(english:"Amazon Linux AMI : php71 / php72,php73,php56 (ALAS-2019-1315)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote Amazon Linux AMI host is missing a security update."
  );
  script_set_attribute(
    attribute:"description",
    value:
"In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.(CVE-2019-11043)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://alas.aws.amazon.com/ALAS-2019-1315.html"
  );
  script_set_attribute(
    attribute:"solution",
    value:
"Run 'yum update php71' to update your system. Run 'yum update php72' to update your system. Run 'yum update php73' to update your system. Run 'yum update php56' to update your system."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'PHP-FPM Underflow RCE');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-bcmath");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-cli");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-dba");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-dbg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-embedded");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-enchant");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-fpm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-gd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-gmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-imap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-intl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-mbstring");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-mcrypt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-mssql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-mysqlnd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-odbc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-opcache");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-pdo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-pgsql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-process");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-pspell");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-recode");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-snmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-soap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-tidy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-xml");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php56-xmlrpc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-bcmath");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-cli");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-dba");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-dbg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-embedded");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-enchant");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-fpm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-gd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-gmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-imap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-intl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-json");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-mbstring");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-mcrypt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-mysqlnd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-odbc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-opcache");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-pdo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-pdo-dblib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-pgsql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-process");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-pspell");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-recode");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-snmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-soap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-tidy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-xml");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php71-xmlrpc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-bcmath");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-cli");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-dba");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-dbg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-embedded");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-enchant");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-fpm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-gd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-gmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-imap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-intl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-json");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-mbstring");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-mysqlnd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-odbc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-opcache");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-pdo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-pdo-dblib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-pgsql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-process");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-pspell");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-recode");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-snmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-soap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-tidy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-xml");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-xmlrpc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-bcmath");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-cli");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-dba");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-dbg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-embedded");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-enchant");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-fpm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-gd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-gmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-imap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-intl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-json");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-mbstring");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-mysqlnd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-odbc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-opcache");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-pdo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-pdo-dblib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-pgsql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-process");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-pspell");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-recode");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-snmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-soap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-tidy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-xml");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-xmlrpc");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/10/28");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/11/01");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/11/04");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Amazon Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "A")
{
  if (os_ver == 'A') os_ver = 'AMI';
  audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
}

if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

flag = 0;
if (rpm_check(release:"ALA", reference:"php56-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-bcmath-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-cli-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-common-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-dba-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-dbg-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-debuginfo-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-devel-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-embedded-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-enchant-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-fpm-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-gd-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-gmp-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-imap-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-intl-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-ldap-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-mbstring-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-mcrypt-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-mssql-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-mysqlnd-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-odbc-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-opcache-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-pdo-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-pgsql-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-process-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-pspell-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-recode-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-snmp-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-soap-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-tidy-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-xml-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php56-xmlrpc-5.6.40-1.143.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php71-7.1.33-1.43.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php71-bcmath-7.1.33-1.43.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php71-cli-7.1.33-1.43.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php71-common-7.1.33-1.43.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php71-dba-7.1.33-1.43.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php71-dbg-7.1.33-1.43.amzn1"))
flag++; if (rpm_check(release:"ALA", reference:"php71-debuginfo-7.1.33-1.43.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php71-devel-7.1.33-1.43.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php71-embedded-7.1.33-1.43.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php71-enchant-7.1.33-1.43.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php71-fpm-7.1.33-1.43.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php71-gd-7.1.33-1.43.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php71-gmp-7.1.33-1.43.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php71-imap-7.1.33-1.43.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php71-intl-7.1.33-1.43.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php71-json-7.1.33-1.43.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php71-ldap-7.1.33-1.43.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php71-mbstring-7.1.33-1.43.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php71-mcrypt-7.1.33-1.43.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php71-mysqlnd-7.1.33-1.43.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php71-odbc-7.1.33-1.43.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php71-opcache-7.1.33-1.43.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php71-pdo-7.1.33-1.43.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php71-pdo-dblib-7.1.33-1.43.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php71-pgsql-7.1.33-1.43.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php71-process-7.1.33-1.43.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php71-pspell-7.1.33-1.43.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php71-recode-7.1.33-1.43.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php71-snmp-7.1.33-1.43.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php71-soap-7.1.33-1.43.amzn1")) flag++; if (rpm_check(release:"ALA", 
reference:"php71-tidy-7.1.33-1.43.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php71-xml-7.1.33-1.43.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php71-xmlrpc-7.1.33-1.43.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-bcmath-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-cli-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-common-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-dba-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-dbg-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-debuginfo-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-devel-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-embedded-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-enchant-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-fpm-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-gd-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-gmp-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-imap-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-intl-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-json-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-ldap-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-mbstring-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-mysqlnd-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-odbc-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-opcache-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-pdo-7.2.24-1.18.amzn1")) flag++; if 
(rpm_check(release:"ALA", reference:"php72-pdo-dblib-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-pgsql-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-process-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-pspell-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-recode-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-snmp-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-soap-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-tidy-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-xml-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-xmlrpc-7.2.24-1.18.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-bcmath-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-cli-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-common-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-dba-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-dbg-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-debuginfo-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-devel-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-embedded-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-enchant-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-fpm-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-gd-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-gmp-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-imap-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", 
reference:"php73-intl-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-json-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-ldap-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-mbstring-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-mysqlnd-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-odbc-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-opcache-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-pdo-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-pdo-dblib-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-pgsql-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-process-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-pspell-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-recode-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-snmp-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-soap-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-tidy-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-xml-7.3.11-1.21.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-xmlrpc-7.3.11-1.21.amzn1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php56 / php56-bcmath / php56-cli / php56-common / php56-dba / etc"); }
NASL family Fedora Local Security Checks NASL id FEDORA_2019-187AE3128D.NASL description **PHP version 7.2.24** (24 Oct 2019) **Core:** - Fixed bug php#78535 (auto_detect_line_endings value not parsed as bool). (bugreportuser) - Fixed bug php#78620 (Out of memory error). (cmb, Nikita) **Exif:** - Fixed bug php#78442 ( last seen 2020-03-17 modified 2019-11-04 plugin id 130476 published 2019-11-04 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130476 title Fedora 29 : php (2019-187ae3128d) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory FEDORA-2019-187ae3128d. # include("compat.inc"); if (description) { script_id(130476); script_version("1.5"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/09"); script_cve_id("CVE-2019-11043"); script_xref(name:"FEDORA", value:"2019-187ae3128d"); script_name(english:"Fedora 29 : php (2019-187ae3128d)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "**PHP version 7.2.24** (24 Oct 2019) **Core:** - Fixed bug php#78535 (auto_detect_line_endings value not parsed as bool). (bugreportuser) - Fixed bug php#78620 (Out of memory error). (cmb, Nikita) **Exif:** - Fixed bug php#78442 ('Illegal component' on exif_read_data since PHP7) (Kalle) **FPM:** - Fixed bug php#78599 (env_path_info underflow in fpm_main.c can lead to RCE). (**CVE-2019-11043**) (Jakub Zelenka) **MBString:** - Fixed bug php#78579 (mb_decode_numericentity: args number inconsistency). (cmb) - Fixed bug php#78609 (mb_check_encoding() no longer supports stringable objects). 
(cmb) **MySQLi:** - Fixed bug php#76809 (SSL settings aren't respected when persistent connections are used). (fabiomsouto) **PDO_MySQL:** - Fixed bug php#78623 (Regression caused by 'SP call yields additional empty result set'). (cmb) **Session:** - Fixed bug php#78624 (session_gc return value for user defined session handlers). (bshaffer) **Standard:** - Fixed bug php#76342 (file_get_contents waits twice specified timeout). (Thomas Calvet) - Fixed bug php#78612 (strtr leaks memory when integer keys are used and the subject string shorter). (Nikita) - Fixed bug php#76859 (stream_get_line skips data if used with data-generating filter). (kkopachev) **Zip:** - Fixed bug php#78641 (addGlob can modify given remove_path value). (cmb) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2019-187ae3128d" ); script_set_attribute(attribute:"solution", value:"Update the affected php package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'PHP-FPM Underflow RCE'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:php"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:29"); 
script_set_attribute(attribute:"vuln_publication_date", value:"2019/10/28"); script_set_attribute(attribute:"patch_publication_date", value:"2019/11/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/11/04"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! preg(pattern:"^29([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 29", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC29", reference:"php-7.2.24-1.fc29")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php"); }
NASL family MacOS X Local Security Checks NASL id MACOS_HT210919.NASL description The remote host is running a version of macOS / Mac OS X that is 10.15.x prior to 10.15.3, 10.13.x prior to 10.13.6, 10.14.x prior to 10.14.6. It is, therefore, affected by multiple vulnerabilities: - In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution. (CVE-2019-11043) - An arbitrary code execution vulnerability exists due to a misconfiguration. An authenticated, local attacker can exploit this to execute arbitrary code on the remote host. (CVE-2019-18634) - An arbitrary code execution vulnerability exists due to the ability to process a maliciously crafted image. An unauthenticated, remote attacker can exploit this to execute arbitrary code on the remote host. (CVE-2020-3826 CVE-2020-3827 CVE-2020-3870 CVE-2020-3878) - A privilege escalation vulnerability exists due to an out-of-bounds read issue. An unauthenticated, remote attacker can exploit this to gain elevated access to the system. (CVE-2020-3829) - An arbitrary file write vulnerability exists in the handling of symlinks. A malicious program crafted by an attacker can exploit this to overwrite arbitrary files on the remote host. (CVE-2020-3830 CVE-2020-3835 CVE-2020-3855) - An information disclosure vulnerability exists in the access control handling of applications. A malicious application crafted by an attacker can exploit this to disclose the kernel memory layout. (CVE-2020-3836) - An arbitrary code execution vulnerability exists due to a memory corruption issue. A malicious application crafted by a remote attacker may be able to execute arbitrary code with kernel privileges on the remote host. 
(CVE-2020-3837 CVE-2020-3842 CVE-2020-3871) - An arbitrary code execution vulnerability exists due to a permissions logic flaw. A malicious application crafted by a remote attacker may be able to execute arbitrary code with system privileges on the remote host. (CVE-2019-18634 CVE-2020-3854 CVE-2020-3845 CVE-2020-3853 CVE-2020-3857) - An information disclosure vulnerability exists in the input sanitization logic. A malicious application crafted by an attacker can exploit this to read restricted memory. (CVE-2020-3839 CVE-2020-3847) - An arbitrary code execution vulnerability exists due to the loading of a maliciously crafted racoon configuration file. An authenticated, local attacker can exploit this to execute arbitrary code on the remote host. (CVE-2020-3840) - A denial of service (DoS) vulnerability exists due to a memory corruption issue. An unauthenticated, remote attacker can exploit this issue, via malicious input, to cause the system to crash, stop responding, or corrupt the kernel memory. (CVE-2020-3843) - An arbitrary code execution vulnerability exists due to either a buffer overflow or out-of-bounds read issue. An authenticated, local attacker can exploit this to execute arbitrary code on the remote host or cause an unexpected application to terminate. (CVE-2020-3846 CVE-2020-3848 CVE-2020-3849 CVE-2020-3850 CVE-2020-3877) - A memory corruption vulnerability exists due to a maliciously crafted string. An unauthenticated, remote attacker can exploit this issue, via malicious input, to cause the corruption of the heap memory. (CVE-2020-3856) - A security bypass vulnerability exists in the handling of files from an attacker controlled NFS mount. A remote attacker with local access could search for and open a file from an attacker controlled NFS mount and bypass Gatekeeper Security features. (CVE-2020-3866) - An information disclosure vulnerability exists where an application can read restricted memory. 
A local, authorized attacker can exploit this to read restricted memory. (CVE-2020-3872 CVE-2020-3875) Note that Nessus has not tested for this issue but has instead relied only on the operating system last seen 2020-06-12 modified 2020-02-07 plugin id 133531 published 2020-02-07 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133531 title macOS 10.15.x < 10.15.3 / 10.14.x < 10.14.6 / 10.13.x < 10.13.6 NASL family Scientific Linux Local Security Checks NASL id SL_20191031_PHP_ON_SL6_X.NASL description Security Fix(es) : - php: underflow in env_path_info in fpm_main.c (CVE-2019-11043) last seen 2020-03-18 modified 2019-11-04 plugin id 130499 published 2019-11-04 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130499 title Scientific Linux Security Update : php on SL6.x i386/x86_64 (20191031) NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-2819-1.NASL description This update for php7 fixes the following issues : Security issue fixed : CVE-2019-11043: Fixed possible remote code execution via env_path_info underflow in fpm_main.c (bsc#1154999). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-18 modified 2019-10-31 plugin id 130421 published 2019-10-31 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130421 title SUSE SLED15 / SLES15 Security Update : php7 (SUSE-SU-2019:2819-1) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-0329.NASL description An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. 
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es) : * golang: HTTP/1.1 headers with a space before the colon leads to filter bypass or request smuggling (CVE-2019-16276) * golang: invalid public key causes panic in dsa.Verify (CVE-2019-17596) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-05-21 modified 2020-02-05 plugin id 133478 published 2020-02-05 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133478 title RHEL 8 : go-toolset:rhel8 (RHSA-2020:0329) NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-2809-1.NASL description This update for php7 fixes the following issues : Security issue fixed : CVE-2019-11043: Fixed possible remote code execution via env_path_info underflow in fpm_main.c (bsc#1154999). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-18 modified 2019-10-30 plugin id 130390 published 2019-10-30 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. 
source https://www.tenable.com/plugins/nessus/130390 title SUSE SLES12 Security Update : php7 (SUSE-SU-2019:2809-1) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2019-3286.NASL description From Red Hat Security Advisory 2019:3286 : An update for php is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix(es) : * php: underflow in env_path_info in fpm_main.c (CVE-2019-11043) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-03-18 modified 2019-11-01 plugin id 130442 published 2019-11-01 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130442 title Oracle Linux 7 : php (ELSA-2019-3286) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-4552.NASL description Emil Lerner and Andrew Danau discovered that insufficient validation in the path handling code of PHP FPM could result in the execution of arbitrary code in some setups. last seen 2020-03-17 modified 2019-10-29 plugin id 130349 published 2019-10-29 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. 
source https://www.tenable.com/plugins/nessus/130349 title Debian DSA-4552-1 : php7.0 - security update NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-2649.NASL description According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ** DISPUTED ** Integer overflow in the php_raw_url_encode function in ext/standard/url.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to cause a denial of service (application crash) via a long string to the rawurlencode function. NOTE: the vendor says last seen 2020-05-08 modified 2019-12-18 plugin id 132184 published 2019-12-18 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/132184 title EulerOS 2.0 SP3 : php (EulerOS-SA-2019-2649) NASL family Fedora Local Security Checks NASL id FEDORA_2019-7BB07C3B02.NASL description **PHP version 7.3.11** (24 Oct 2019) **Core:** - Fixed bug php#78535 (auto_detect_line_endings value not parsed as bool). (bugreportuser) - Fixed bug php#78620 (Out of memory error). (cmb, Nikita) **Exif :** - Fixed bug php#78442 ( last seen 2020-03-17 modified 2019-11-04 plugin id 130482 published 2019-11-04 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130482 title Fedora 30 : php (2019-7bb07c3b02) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201910-01.NASL description The remote host is affected by the vulnerability described in GLSA-201910-01 (PHP: Arbitrary code execution) An underflow in env_path_info in PHP-FPM under certain configurations can be exploited to gain remote code execution. 
Impact : A remote attacker, by sending specially crafted HTTP requests, could possibly execute arbitrary code with the privileges of the process, or cause a Denial of Service condition. Workaround : If patching is not feasible, the suggested workaround is to include checks to verify whether or not a file exists before passing to PHP. last seen 2020-03-18 modified 2019-10-28 plugin id 130329 published 2019-10-28 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130329 title GLSA-201910-01 : PHP: Arbitrary code execution NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2020-0018_PHP.NASL description The remote NewStart CGSL host, running version MAIN 4.05, has php packages installed that are affected by a vulnerability: - In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution. (CVE-2019-11043) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-03-18 modified 2020-03-08 plugin id 134323 published 2020-03-08 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134323 title NewStart CGSL MAIN 4.05 : php Vulnerability (NS-SA-2020-0018) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2019-3736.NASL description An update for the php:7.3 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix(es) : * php: underflow in env_path_info in fpm_main.c (CVE-2019-11043) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-05-23 modified 2019-11-08 plugin id 130739 published 2019-11-08 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130739 title RHEL 8 : php:7.3 (RHSA-2019:3736) NASL family Virtuozzo Local Security Checks NASL id VIRTUOZZO_VZLSA-2019-3286.NASL description An update for php is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix(es) : * php: underflow in env_path_info in fpm_main.c (CVE-2019-11043) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Note that Tenable Network Security has attempted to extract the preceding description block directly from the corresponding Red Hat security advisory. Virtuozzo provides no description for VZLSA advisories. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2019-11-08 plugin id 130758 published 2019-11-08 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. 
source https://www.tenable.com/plugins/nessus/130758 title Virtuozzo 7 : php / php-bcmath / php-cli / php-common / php-dba / etc (VZLSA-2019-3286) NASL family Scientific Linux Local Security Checks NASL id SL_20191031_PHP_ON_SL7_X.NASL description Security Fix(es) : - php: underflow in env_path_info in fpm_main.c (CVE-2019-11043) last seen 2020-03-18 modified 2019-11-01 plugin id 130447 published 2019-11-01 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130447 title Scientific Linux Security Update : php on SL7.x x86_64 (20191031) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2019-3287.NASL description An update for php is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix(es) : * php: underflow in env_path_info in fpm_main.c (CVE-2019-11043) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-03-17 modified 2019-11-04 plugin id 130474 published 2019-11-04 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130474 title CentOS 6 : php (CESA-2019:3287) NASL family SuSE Local Security Checks NASL id OPENSUSE-2019-2441.NASL description This update for php7 fixes the following issues : Security issue fixed : - CVE-2019-11043: Fixed possible remote code execution via env_path_info underflow in fpm_main.c (bsc#1154999). 
This update was imported from the SUSE:SLE-15:Update update project. last seen 2020-03-18 modified 2019-11-06 plugin id 130580 published 2019-11-06 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130580 title openSUSE Security Update : php7 (openSUSE-2019-2441) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-4553.NASL description Emil Lerner and Andrew Danau discovered that insufficient validation in the path handling code of PHP FPM could result in the execution of arbitrary code in some setups. last seen 2020-03-17 modified 2019-10-29 plugin id 130350 published 2019-10-29 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130350 title Debian DSA-4553-1 : php7.3 - security update NASL family Fedora Local Security Checks NASL id FEDORA_2019-4ADC49A476.NASL description **PHP version 7.3.11** (24 Oct 2019) **Core:** - Fixed bug php#78535 (auto_detect_line_endings value not parsed as bool). (bugreportuser) - Fixed bug php#78620 (Out of memory error). (cmb, Nikita) **Exif :** - Fixed bug php#78442 ( last seen 2020-03-17 modified 2019-10-31 plugin id 130411 published 2019-10-31 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. 
source https://www.tenable.com/plugins/nessus/130411 title Fedora 31 : php (2019-4adc49a476) NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2020-0001_PHP.NASL description The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has php packages installed that are affected by a vulnerability: - In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution. (CVE-2019-11043) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-03-18 modified 2020-01-20 plugin id 133087 published 2020-01-20 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133087 title NewStart CGSL CORE 5.05 / MAIN 5.05 : php Vulnerability (NS-SA-2020-0001) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2020-1058.NASL description According to the versions of the php packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.(CVE-2019-11043) - ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty string in the message argument to the imap_mail function.(CVE-2018-19935) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2020-01-13 plugin id 132812 published 2020-01-13 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/132812 title EulerOS Virtualization for ARM 64 3.0.5.0 : php (EulerOS-SA-2020-1058) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2019-3286.NASL description An update for php is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix(es) : * php: underflow in env_path_info in fpm_main.c (CVE-2019-11043) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-03-17 modified 2019-11-04 plugin id 130473 published 2019-11-04 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130473 title CentOS 7 : php (CESA-2019:3286) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2019-3735.NASL description An update for the php:7.2 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix(es) : * php: underflow in env_path_info in fpm_main.c (CVE-2019-11043) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-05-23 modified 2019-11-08 plugin id 130738 published 2019-11-08 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130738 title RHEL 8 : php:7.2 (RHSA-2019:3735) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-2295.NASL description According to the version of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.(CVE-2019-11043) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-03 modified 2019-11-27 plugin id 131361 published 2019-11-27 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/131361 title EulerOS 2.0 SP8 : php (EulerOS-SA-2019-2295) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2019-3286.NASL description An update for php is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix(es) : * php: underflow in env_path_info in fpm_main.c (CVE-2019-11043) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-03-18 modified 2019-11-01 plugin id 130445 published 2019-11-01 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130445 title RHEL 7 : php (RHSA-2019:3286) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-0322.NASL description An update for the php:7.2 module is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix(es) : * php: underflow in env_path_info in fpm_main.c (CVE-2019-11043) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-05-21 modified 2020-02-04 plugin id 133446 published 2020-02-04 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. 
source https://www.tenable.com/plugins/nessus/133446 title RHEL 8 : php:7.2 (RHSA-2020:0322) NASL family Debian Local Security Checks NASL id DEBIAN_DLA-1970.NASL description Emil Lerner, beched and d90pwn found a buffer underflow in php5-fpm, a Fast Process Manager for the PHP language, which can lead to remote code execution. Instances are vulnerable depending on the web server configuration, in particular PATH_INFO handling. For a full list of preconditions, check: https://github.com/neex/phuip-fpizdam For Debian 8 last seen 2020-03-17 modified 2019-10-28 plugin id 130283 published 2019-10-28 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130283 title Debian DLA-1970-1 : php5 security update NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_6A7C2AB000DD11EA83CE705A0F828759.NASL description The PHP project reports : The PHP development team announces the immediate availability of PHP 7.3.11. This is a security release which also contains several bug fixes. The PHP development team announces the immediate availability of PHP 7.2.24. This is a security release which also contains several bug fixes. The PHP development team announces the immediate availability of PHP 7.1.33. This is a security release which also contains several bug fixes. last seen 2020-03-18 modified 2019-11-07 plugin id 130617 published 2019-11-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130617 title FreeBSD : php -- env_path_info underflow in fpm_main.c can lead to RCE (6a7c2ab0-00dd-11ea-83ce-705a0f828759) NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-2909-1.NASL description This update for php72 fixes the following issues : Security issue fixed : CVE-2019-11043: Fixed possible remote code execution via env_path_info underflow in fpm_main.c (bsc#1154999). 
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-18 modified 2019-11-07 plugin id 130621 published 2019-11-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130621 title SUSE SLES12 Security Update : php72 (SUSE-SU-2019:2909-1) NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2019-0214_PHP.NASL description The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has php packages installed that are affected by a vulnerability: - In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution. (CVE-2019-11043) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-03-18 modified 2019-12-02 plugin id 131418 published 2019-12-02 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/131418 title NewStart CGSL CORE 5.04 / MAIN 5.04 : php Vulnerability (NS-SA-2019-0214) NASL family CGI abuses NASL id PHP_7_3_11.NASL description According to its banner, the version of PHP running on the remote web server is prior to 7.1.33, 7.2.x prior to 7.2.24, or 7.3.x prior to 7.3.11. It is, therefore, affected by a remote code execution vulnerability due to insufficient validation of user input. 
An unauthenticated, remote attacker can exploit this, by sending a specially crafted request, to cause the execution of arbitrary code by breaking the fastcgi_split_path_info directive. last seen 2020-04-30 modified 2019-10-25 plugin id 130276 published 2019-10-25 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130276 title PHP < 7.1.33 / 7.2.x < 7.2.24 / 7.3.x < 7.3.11 Remote Code Execution Vulnerability. NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-4166-1.NASL description It was discovered that PHP incorrectly handled certain paths when being used in FastCGI configurations. A remote attacker could possibly use this issue to execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-18 modified 2019-10-29 plugin id 130362 published 2019-10-29 reporter Ubuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130362 title Ubuntu 16.04 LTS / 18.04 LTS / 19.04 / 19.10 : php7.0, php7.2, php7.3 vulnerability (USN-4166-1) NASL family Amazon Linux Local Security Checks NASL id AL2_ALAS-2019-1344.NASL description In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.(CVE-2019-11043) last seen 2020-03-17 modified 2019-11-04 plugin id 130470 published 2019-11-04 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. 
source https://www.tenable.com/plugins/nessus/130470 title Amazon Linux 2 : php (ALAS-2019-1344) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-2438.NASL description According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.(CVE-2019-11043) - The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue can have an unspecified impact on the integrity of PHP.(CVE-2017-12933) - ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles certain invalid objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that leads to a (1) __destruct call or (2) magic method call.(CVE-2016-7124) - The match function in pcre_exec.c in PCRE before 8.37 mishandles the /(?:((abcd))|(((?:(?:(?:(?:abc|(?:abcdef))))b)abcdefghi )abc)|((*ACCEPT)))/ pattern and related patterns involving (*ACCEPT), which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (partially initialized memory and application crash) via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, aka ZDI-CAN-2547.(CVE-2015-8382) - An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. 
There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file.(CVE-2018-5712) - exif_process_IFD_in_MAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG file.(CVE-2018-14851) - The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP before 7.0.12 does not verify that a key is an object, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access) via crafted serialized data.(CVE-2016-7480) - ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an unserialize call that references a partially constructed object.(CVE-2016-7411) - The odbc_bindcols function in ext/odbc/php_odbc.c in PHP before 5.6.12 mishandles driver behavior for SQL_WVARCHAR columns, which allows remote attackers to cause a denial of service (application crash) in opportunistic circumstances by leveraging use of the odbc_fetch_array function to access a certain type of Microsoft SQL Server table.(CVE-2015-8879) - In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension last seen 2020-05-08 modified 2019-12-04 plugin id 131592 published 2019-12-04 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/131592 title EulerOS 2.0 SP2 : php (EulerOS-SA-2019-2438) NASL family CGI abuses NASL id PHP_7_4_0.NASL description According to its banner, the version of PHP running on the remote web server is 7.4.x prior to 7.4.0. 
It is, therefore, affected by multiple vulnerabilities including a buffer overflow last seen 2020-03-18 modified 2019-12-06 plugin id 131732 published 2019-12-06 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/131732 title PHP 7.4.x < 7.4.0 Multiple Vulnerabilities. NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2019-3287.NASL description An update for php is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix(es) : * php: underflow in env_path_info in fpm_main.c (CVE-2019-11043) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-03-18 modified 2019-11-01 plugin id 130446 published 2019-11-01 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130446 title RHEL 6 : php (RHSA-2019:3287) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2019-3735.NASL description From Red Hat Security Advisory 2019:3735 : An update for the php:7.2 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix(es) : * php: underflow in env_path_info in fpm_main.c (CVE-2019-11043) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-03-18 modified 2019-11-25 plugin id 131270 published 2019-11-25 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/131270 title Oracle Linux 8 : php:7.2 (ELSA-2019-3735)
Packetstorm
data source | https://packetstormsecurity.com/files/download/156642/php_fpm_rce.rb.txt |
id | PACKETSTORM:156642 |
last seen | 2020-03-06 |
published | 2020-03-05 |
reporter | cdelafuente-r7 |
source | https://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html |
title | PHP-FPM 7.x Remote Code Execution |
Redhat
advisories |
rpms |
|
The Hacker News
id | THN:B9AD1A8C118DBF486256A5AD0D9ECBE6 |
last seen | 2019-10-27 |
modified | 2019-10-27 |
published | 2019-10-26 |
reporter | The Hacker News |
source | https://thehackernews.com/2019/10/nginx-php-fpm-hacking.html |
title | New PHP Flaw Could Let Attackers Hack Sites Running On Nginx Servers |
Related news
References
- https://github.com/neex/phuip-fpizdam
- https://bugs.php.net/bug.php?id=78599
- https://usn.ubuntu.com/4166-1/
- https://usn.ubuntu.com/4166-2/
- https://www.debian.org/security/2019/dsa-4553
- https://www.debian.org/security/2019/dsa-4552
- https://security.netapp.com/advisory/ntap-20191031-0003/
- https://access.redhat.com/errata/RHSA-2019:3287
- https://access.redhat.com/errata/RHSA-2019:3286
- https://access.redhat.com/errata/RHSA-2019:3299
- https://access.redhat.com/errata/RHSA-2019:3300
- http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html
- https://access.redhat.com/errata/RHSA-2019:3724
- https://access.redhat.com/errata/RHSA-2019:3735
- https://access.redhat.com/errata/RHSA-2019:3736
- https://www.synology.com/security/advisory/Synology_SA_19_36
- http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html
- https://support.apple.com/kb/HT210919
- https://seclists.org/bugtraq/2020/Jan/44
- http://seclists.org/fulldisclosure/2020/Jan/40
- https://access.redhat.com/errata/RHSA-2020:0322
- http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html
- https://www.tenable.com/security/tns-2021-14
- https://support.f5.com/csp/article/K75408500?utm_source=f5support&utm_medium=RSS
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/