Vulnerabilities > CVE-2020-7060 - Out-of-bounds Read vulnerability in multiple products

047910
CVSS 9.1 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
php
tenable
oracle
opensuse
debian
CWE-125
critical
nessus

Summary

When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash.

Vulnerable Configurations

Part Description Count
Application
Php
122
Application
Tenable
7
Application
Oracle
10
OS
Opensuse
1
OS
Debian
1

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Overread Buffers
    An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.

Nessus

  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4279-1.NASL
    descriptionIt was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. (CVE-2015-9253) It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-7059) It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 19.10. (CVE-2020-7060). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-18
    modified2020-02-18
    plugin id133764
    published2020-02-18
    reporterUbuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133764
    titleUbuntu 16.04 LTS / 18.04 LTS / 19.10 : php5, php7.0, php7.2, php7.3 vulnerabilities (USN-4279-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-4279-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(133764);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/20");
    
      script_cve_id("CVE-2015-9253", "CVE-2020-7059", "CVE-2020-7060");
      script_xref(name:"USN", value:"4279-1");
    
      script_name(english:"Ubuntu 16.04 LTS / 18.04 LTS / 19.10 : php5, php7.0, php7.2, php7.3 vulnerabilities (USN-4279-1)");
      script_summary(english:"Checks dpkg output for updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Ubuntu host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "It was discovered that PHP incorrectly handled certain scripts. An
    attacker could possibly use this issue to cause a denial of service.
    This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu
    16.04 LTS. (CVE-2015-9253)
    
    It was discovered that PHP incorrectly handled certain inputs. An
    attacker could possibly use this issue to expose sensitive
    information. (CVE-2020-7059)
    
    It was discovered that PHP incorrectly handled certain inputs. An
    attacker could possibly use this issue to execute arbitrary code. This
    issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04
    LTS and Ubuntu 19.10. (CVE-2020-7060).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/4279-1/"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-7060");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php7.0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php7.2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php7.3");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-cgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-cli");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-fpm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.0-cgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.0-cli");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.0-fpm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.2-cgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.2-cli");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.2-fpm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.3-cgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.3-cli");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.3-fpm");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:19.10");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/02/19");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/02/17");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/02/18");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! preg(pattern:"^(12\.04|14\.04|16\.04|18\.04|19\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 12.04 / 14.04 / 16.04 / 18.04 / 19.10", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    flag = 0;
    
    if (ubuntu_check(osver:"16.04", pkgname:"libapache2-mod-php7.0", pkgver:"7.0.33-0ubuntu0.16.04.11")) flag++;
    if (ubuntu_check(osver:"16.04", pkgname:"php7.0-cgi", pkgver:"7.0.33-0ubuntu0.16.04.11")) flag++;
    if (ubuntu_check(osver:"16.04", pkgname:"php7.0-cli", pkgver:"7.0.33-0ubuntu0.16.04.11")) flag++;
    if (ubuntu_check(osver:"16.04", pkgname:"php7.0-fpm", pkgver:"7.0.33-0ubuntu0.16.04.11")) flag++;
    if (ubuntu_check(osver:"18.04", pkgname:"libapache2-mod-php7.2", pkgver:"7.2.24-0ubuntu0.18.04.3")) flag++;
    if (ubuntu_check(osver:"18.04", pkgname:"php7.2-cgi", pkgver:"7.2.24-0ubuntu0.18.04.3")) flag++;
    if (ubuntu_check(osver:"18.04", pkgname:"php7.2-cli", pkgver:"7.2.24-0ubuntu0.18.04.3")) flag++;
    if (ubuntu_check(osver:"18.04", pkgname:"php7.2-fpm", pkgver:"7.2.24-0ubuntu0.18.04.3")) flag++;
    if (ubuntu_check(osver:"19.10", pkgname:"libapache2-mod-php7.3", pkgver:"7.3.11-0ubuntu0.19.10.3")) flag++;
    if (ubuntu_check(osver:"19.10", pkgname:"php7.3-cgi", pkgver:"7.3.11-0ubuntu0.19.10.3")) flag++;
    if (ubuntu_check(osver:"19.10", pkgname:"php7.3-cli", pkgver:"7.3.11-0ubuntu0.19.10.3")) flag++;
    if (ubuntu_check(osver:"19.10", pkgname:"php7.3-fpm", pkgver:"7.3.11-0ubuntu0.19.10.3")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libapache2-mod-php5 / libapache2-mod-php7.0 / libapache2-mod-php7.2 / etc");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2020-0622-1.NASL
    descriptionThis update for php7 fixes the following issues : CVE-2020-7062: Fixed a NULL pointer dereference when using file upload functionality under specific circumstances (bsc#1165280). CVE-2020-7063: Fixed an issue where adding files change the permissions to default (bsc#1165289). CVE-2020-7059: Fixed an out of bounds read in php_strip_tags_ex which may have led to denial of service (bsc#1162629). CVE-2020-7060: Fixed a global buffer overflow in mbfl_filt_conv_big5_wchar which may have led to memory corruption (bsc#1162632). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-18
    modified2020-03-10
    plugin id134365
    published2020-03-10
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134365
    titleSUSE SLED15 / SLES15 Security Update : php7 (SUSE-SU-2020:0622-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2020:0622-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(134365);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");
    
      script_cve_id("CVE-2020-7059", "CVE-2020-7060", "CVE-2020-7062", "CVE-2020-7063");
    
      script_name(english:"SUSE SLED15 / SLES15 Security Update : php7 (SUSE-SU-2020:0622-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for php7 fixes the following issues :
    
    CVE-2020-7062: Fixed a NULL pointer dereference when using file upload
    functionality under specific circumstances (bsc#1165280).
    
    CVE-2020-7063: Fixed an issue where adding files change the
    permissions to default (bsc#1165289).
    
    CVE-2020-7059: Fixed an out of bounds read in php_strip_tags_ex which
    may have led to denial of service (bsc#1162629).
    
    CVE-2020-7060: Fixed a global buffer overflow in
    mbfl_filt_conv_big5_wchar which may have led to memory corruption
    (bsc#1162632).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1162629"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1162632"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1165280"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1165289"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2020-7059/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2020-7060/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2020-7062/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2020-7063/"
      );
      # https://www.suse.com/support/update/announcement/2020/suse-su-20200622-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?2eb108d0"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use the SUSE recommended
    installation methods like YaST online_update or 'zypper patch'.
    
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Server for SAP 15:zypper in -t patch
    SUSE-SLE-Product-SLES_SAP-15-2020-622=1
    
    SUSE Linux Enterprise Server 15-LTSS:zypper in -t patch
    SUSE-SLE-Product-SLES-15-2020-622=1
    
    SUSE Linux Enterprise Module for Web Scripting 15-SP1:zypper in -t
    patch SUSE-SLE-Module-Web-Scripting-15-SP1-2020-622=1
    
    SUSE Linux Enterprise Module for Open Buildservice Development Tools
    15-SP1:zypper in -t patch
    SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2020-622=1
    
    SUSE Linux Enterprise High Performance Computing 15-LTSS:zypper in -t
    patch SUSE-SLE-Product-HPC-15-2020-622=1
    
    SUSE Linux Enterprise High Performance Computing 15-ESPOS:zypper in -t
    patch SUSE-SLE-Product-HPC-15-2020-622=1"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-mod_php7");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-mod_php7-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-bcmath");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-bcmath-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-bz2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-bz2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-calendar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-calendar-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-ctype");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-ctype-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-curl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-curl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-dba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-dba-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-dom");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-dom-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-embed");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-embed-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-enchant");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-enchant-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-exif");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-exif-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-fastcgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-fastcgi-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-fileinfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-fileinfo-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-fpm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-fpm-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-ftp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-ftp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-gd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-gd-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-gettext");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-gettext-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-gmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-gmp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-iconv");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-iconv-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-intl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-intl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-json");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-json-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-ldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-ldap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-mbstring");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-mbstring-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-mysql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-odbc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-odbc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-opcache");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-opcache-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-openssl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-openssl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-pcntl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-pcntl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-pdo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-pdo-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-pgsql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-pgsql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-phar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-phar-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-posix");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-posix-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-readline");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-readline-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-shmop");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-shmop-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-snmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-snmp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-soap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-soap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sockets");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sockets-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sodium");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sodium-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sqlite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sqlite-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sysvmsg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sysvmsg-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sysvsem");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sysvsem-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sysvshm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sysvshm-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-tidy");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-tidy-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-tokenizer");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-tokenizer-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-wddx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-wddx-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-xmlreader");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-xmlreader-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-xmlrpc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-xmlrpc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-xmlwriter");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-xmlwriter-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-xsl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-xsl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-zip");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-zip-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-zlib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-zlib-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/02/10");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/03/09");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/10");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLED15|SLES15)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED15 / SLES15", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES15" && (! preg(pattern:"^(0|1)$", string:sp))) audit(AUDIT_OS_NOT, "SLES15 SP0/1", os_ver + " SP" + sp);
    if (os_ver == "SLED15" && (! preg(pattern:"^(1)$", string:sp))) audit(AUDIT_OS_NOT, "SLED15 SP1", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES15", sp:"1", reference:"apache2-mod_php7-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"apache2-mod_php7-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-bcmath-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-bcmath-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-bz2-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-bz2-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-calendar-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-calendar-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-ctype-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-ctype-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-curl-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-curl-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-dba-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-dba-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-debugsource-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-devel-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-dom-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-dom-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-enchant-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-enchant-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-exif-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-exif-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-fastcgi-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-fastcgi-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-fileinfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-fileinfo-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-fpm-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-fpm-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-ftp-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-ftp-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-gd-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-gd-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-gettext-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-gettext-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-gmp-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-gmp-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-iconv-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-iconv-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-intl-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-intl-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-json-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-json-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-ldap-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-ldap-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-mbstring-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-mbstring-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-mysql-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-mysql-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-odbc-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-odbc-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-opcache-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-opcache-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-openssl-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-openssl-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-pcntl-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-pcntl-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-pdo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-pdo-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-pgsql-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-pgsql-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-phar-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-phar-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-posix-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-posix-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-shmop-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-shmop-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-snmp-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-snmp-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-soap-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-soap-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-sockets-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-sockets-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-sodium-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-sodium-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-sqlite-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-sqlite-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-sysvmsg-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-sysvmsg-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-sysvsem-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-sysvsem-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-sysvshm-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-sysvshm-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-tokenizer-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-tokenizer-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-wddx-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-wddx-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-xmlreader-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-xmlreader-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-xmlrpc-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-xmlrpc-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-xmlwriter-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-xmlwriter-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-xsl-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-xsl-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-zip-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-zip-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-zlib-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-zlib-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-debugsource-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-embed-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-embed-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-readline-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-readline-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-sodium-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-sodium-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-tidy-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", reference:"php7-tidy-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"apache2-mod_php7-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"apache2-mod_php7-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-bcmath-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-bcmath-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-bz2-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-bz2-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-calendar-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-calendar-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-ctype-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-ctype-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-curl-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-curl-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-dba-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-dba-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-debugsource-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-devel-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-dom-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-dom-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-enchant-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-enchant-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-exif-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-exif-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-fastcgi-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-fastcgi-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-fileinfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-fileinfo-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-fpm-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-fpm-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-ftp-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-ftp-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-gd-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-gd-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-gettext-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-gettext-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-gmp-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-gmp-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-iconv-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-iconv-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-intl-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-intl-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-json-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-json-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-ldap-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-ldap-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-mbstring-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-mbstring-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-mysql-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-mysql-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-odbc-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-odbc-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-opcache-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-opcache-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-openssl-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-openssl-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-pcntl-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-pcntl-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-pdo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-pdo-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-pgsql-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-pgsql-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-phar-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-phar-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-posix-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-posix-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-shmop-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-shmop-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-snmp-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-snmp-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-soap-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-soap-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-sockets-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-sockets-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-sodium-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-sodium-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-sqlite-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-sqlite-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-sysvmsg-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-sysvmsg-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-sysvsem-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-sysvsem-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-sysvshm-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-sysvshm-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-tokenizer-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-tokenizer-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-wddx-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-wddx-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-xmlreader-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-xmlreader-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-xmlrpc-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-xmlrpc-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-xmlwriter-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-xmlwriter-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-xsl-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-xsl-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-zip-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-zip-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-zlib-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-zlib-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"php7-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"php7-debugsource-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"php7-embed-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"php7-embed-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"php7-readline-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"php7-readline-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"php7-sodium-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"php7-sodium-debuginfo-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"php7-tidy-7.2.5-4.52.4")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", reference:"php7-tidy-debuginfo-7.2.5-4.52.4")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php7");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2020-0522-1.NASL
    descriptionThis update for php5 fixes the following issues : Security issues fixed : CVE-2019-11041: Fixed heap buffer over-read in exif_scan_thumbnail() (bsc#1146360). CVE-2019-11042: Fixed heap buffer over-read in exif_process_user_comment() (bsc#1145095). CVE-2019-11043: Fixed possible remote code execution via env_path_info underflow in fpm_main.c (bsc#1154999). CVE-2019-11045: Fixed an issue with the PHP DirectoryIterator class that accepts filenames with embedded \0 bytes (bsc#1159923). CVE-2019-11046: Fixed an out-of-bounds read in bc_shift_addsub (bsc#1159924). CVE-2019-11047: Fixed an information disclosure in exif_read_data (bsc#1159922). CVE-2019-11050: Fixed a buffer over-read in the EXIF extension (bsc#1159927). CVE-2020-7059: Fixed an out-of-bounds read in php_strip_tags_ex (bsc#1162629). CVE-2020-7060: Fixed a global buffer-overflow in mbfl_filt_conv_big5_wchar (bsc#1162632). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-18
    modified2020-03-02
    plugin id134199
    published2020-03-02
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134199
    titleSUSE SLES12 Security Update : php5 (SUSE-SU-2020:0522-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2020:0522-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(134199);
      script_version("1.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/09");
    
      script_cve_id("CVE-2019-11041", "CVE-2019-11042", "CVE-2019-11043", "CVE-2019-11045", "CVE-2019-11046", "CVE-2019-11047", "CVE-2019-11050", "CVE-2020-7059", "CVE-2020-7060");
    
      script_name(english:"SUSE SLES12 Security Update : php5 (SUSE-SU-2020:0522-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for php5 fixes the following issues :
    
    Security issues fixed :
    
    CVE-2019-11041: Fixed heap buffer over-read in exif_scan_thumbnail()
    (bsc#1146360).
    
    CVE-2019-11042: Fixed heap buffer over-read in
    exif_process_user_comment() (bsc#1145095).
    
    CVE-2019-11043: Fixed possible remote code execution via env_path_info
    underflow in fpm_main.c (bsc#1154999).
    
    CVE-2019-11045: Fixed an issue with the PHP DirectoryIterator class
    that accepts filenames with embedded \0 bytes (bsc#1159923).
    
    CVE-2019-11046: Fixed an out-of-bounds read in bc_shift_addsub
    (bsc#1159924).
    
    CVE-2019-11047: Fixed an information disclosure in exif_read_data
    (bsc#1159922).
    
    CVE-2019-11050: Fixed a buffer over-read in the EXIF extension
    (bsc#1159927).
    
    CVE-2020-7059: Fixed an out-of-bounds read in php_strip_tags_ex
    (bsc#1162629).
    
    CVE-2020-7060: Fixed a global buffer-overflow in
    mbfl_filt_conv_big5_wchar (bsc#1162632).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1145095"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1146360"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1154999"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1159922"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1159923"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1159924"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1159927"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1161982"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1162629"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1162632"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-11041/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-11042/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-11043/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-11045/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-11046/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-11047/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-11050/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2020-7059/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2020-7060/"
      );
      # https://www.suse.com/support/update/announcement/2020/suse-su-20200522-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?7e9a53cf"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use the SUSE recommended
    installation methods like YaST online_update or 'zypper patch'.
    
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t
    patch SUSE-SLE-SDK-12-SP4-2020-522=1
    
    SUSE Linux Enterprise Module for Web Scripting 12:zypper in -t patch
    SUSE-SLE-Module-Web-Scripting-12-2020-522=1"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'PHP-FPM Underflow RCE');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-mod_php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-mod_php5-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-bcmath");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-bcmath-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-bz2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-bz2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-calendar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-calendar-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ctype");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ctype-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-curl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-curl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-dba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-dba-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-dom");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-dom-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-enchant");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-enchant-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-exif");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-exif-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fastcgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fastcgi-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fileinfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fileinfo-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fpm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fpm-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ftp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ftp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gd-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gettext");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gettext-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gmp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-iconv");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-iconv-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-imap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-imap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-intl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-intl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-json");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-json-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ldap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mbstring");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mbstring-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mcrypt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mcrypt-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mysql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-odbc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-odbc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-opcache");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-opcache-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-openssl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-openssl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pcntl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pcntl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pdo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pdo-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pgsql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pgsql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-phar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-phar-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-posix");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-posix-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pspell");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pspell-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-shmop");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-shmop-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-snmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-snmp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-soap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-soap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sockets");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sockets-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sqlite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sqlite-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-suhosin");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-suhosin-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvmsg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvmsg-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvsem");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvsem-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvshm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvshm-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-tokenizer");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-tokenizer-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-wddx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-wddx-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlreader");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlreader-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlrpc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlrpc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlwriter");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlwriter-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xsl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xsl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-zip");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-zip-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-zlib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-zlib-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/08/09");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/02/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/02");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES12" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP0", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES12", sp:"0", reference:"apache2-mod_php5-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"apache2-mod_php5-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-bcmath-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-bcmath-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-bz2-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-bz2-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-calendar-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-calendar-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ctype-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ctype-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-curl-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-curl-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-dba-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-dba-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-debugsource-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-dom-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-dom-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-enchant-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-enchant-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-exif-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-exif-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fastcgi-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fastcgi-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fileinfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fileinfo-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fpm-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fpm-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ftp-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ftp-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gd-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gd-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gettext-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gettext-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gmp-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gmp-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-iconv-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-iconv-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-imap-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-imap-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-intl-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-intl-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-json-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-json-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ldap-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ldap-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mbstring-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mbstring-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mcrypt-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mcrypt-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mysql-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mysql-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-odbc-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-odbc-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-opcache-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-opcache-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-openssl-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-openssl-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pcntl-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pcntl-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pdo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pdo-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pgsql-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pgsql-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-phar-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-phar-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-posix-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-posix-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pspell-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pspell-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-shmop-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-shmop-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-snmp-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-snmp-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-soap-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-soap-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sockets-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sockets-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sqlite-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sqlite-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-suhosin-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-suhosin-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvmsg-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvmsg-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvsem-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvsem-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvshm-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvshm-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-tokenizer-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-tokenizer-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-wddx-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-wddx-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlreader-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlreader-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlrpc-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlrpc-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlwriter-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlwriter-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xsl-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xsl-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-zip-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-zip-debuginfo-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-zlib-5.5.14-109.68.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php5-zlib-debuginfo-5.5.14-109.68.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php5");
    }
    
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2020-1347.NASL
    descriptionWhen using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash. (CVE-2020-7059) When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash. (CVE-2020-7060)
    last seen2020-03-17
    modified2020-02-28
    plugin id134120
    published2020-02-28
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134120
    titleAmazon Linux AMI : php73 (ALAS-2020-1347)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Amazon Linux AMI Security Advisory ALAS-2020-1347.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(134120);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/06");
    
      script_cve_id("CVE-2020-7059", "CVE-2020-7060");
      script_xref(name:"ALAS", value:"2020-1347");
    
      script_name(english:"Amazon Linux AMI : php73 (ALAS-2020-1347)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Amazon Linux AMI host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "When using fgetss() function to read data with stripping tags, in PHP
    versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2
    it is possible to supply data that will cause this function to read
    past the allocated buffer. This may lead to information disclosure or
    crash. (CVE-2020-7059)
    
    When using certain mbstring functions to convert multibyte encodings,
    in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below
    7.4.2 it is possible to supply data that will cause function
    mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may
    lead to information disclosure or crash. (CVE-2020-7060)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://alas.aws.amazon.com/ALAS-2020-1347.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Run 'yum update php73' to update your system."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-bcmath");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-cli");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-dba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-dbg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-embedded");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-enchant");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-fpm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-gd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-gmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-imap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-intl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-json");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-ldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-mbstring");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-mysqlnd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-odbc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-opcache");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-pdo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-pdo-dblib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-pgsql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-process");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-pspell");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-recode");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-snmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-soap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-tidy");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-xml");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-xmlrpc");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/02/10");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/02/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/02/28");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Amazon Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/AmazonLinux/release");
    if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
    os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
    os_ver = os_ver[1];
    if (os_ver != "A")
    {
      if (os_ver == 'A') os_ver = 'AMI';
      audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
    }
    
    if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (rpm_check(release:"ALA", reference:"php73-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-bcmath-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-cli-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-common-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-dba-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-dbg-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-debuginfo-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-devel-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-embedded-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-enchant-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-fpm-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-gd-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-gmp-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-imap-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-intl-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-json-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-ldap-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-mbstring-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-mysqlnd-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-odbc-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-opcache-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-pdo-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-pdo-dblib-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-pgsql-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-process-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-pspell-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-recode-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-snmp-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-soap-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-tidy-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-xml-7.3.14-1.23.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php73-xmlrpc-7.3.14-1.23.amzn1")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php73 / php73-bcmath / php73-cli / php73-common / php73-dba / etc");
    }
    
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2020-1346.NASL
    descriptionWhen using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash. (CVE-2020-7059) When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash. (CVE-2020-7060)
    last seen2020-03-17
    modified2020-02-28
    plugin id134119
    published2020-02-28
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134119
    titleAmazon Linux AMI : php72 (ALAS-2020-1346)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Amazon Linux AMI Security Advisory ALAS-2020-1346.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(134119);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/06");
    
      script_cve_id("CVE-2020-7059", "CVE-2020-7060");
      script_xref(name:"ALAS", value:"2020-1346");
    
      script_name(english:"Amazon Linux AMI : php72 (ALAS-2020-1346)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Amazon Linux AMI host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "When using fgetss() function to read data with stripping tags, in PHP
    versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2
    it is possible to supply data that will cause this function to read
    past the allocated buffer. This may lead to information disclosure or
    crash. (CVE-2020-7059)
    
    When using certain mbstring functions to convert multibyte encodings,
    in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below
    7.4.2 it is possible to supply data that will cause function
    mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may
    lead to information disclosure or crash. (CVE-2020-7060)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://alas.aws.amazon.com/ALAS-2020-1346.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Run 'yum update php72' to update your system."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-bcmath");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-cli");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-dba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-dbg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-embedded");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-enchant");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-fpm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-gd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-gmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-imap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-intl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-json");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-ldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-mbstring");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-mysqlnd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-odbc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-opcache");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-pdo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-pdo-dblib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-pgsql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-process");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-pspell");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-recode");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-snmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-soap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-tidy");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-xml");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-xmlrpc");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/02/10");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/02/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/02/28");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Amazon Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/AmazonLinux/release");
    if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
    os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
    os_ver = os_ver[1];
    if (os_ver != "A")
    {
      if (os_ver == 'A') os_ver = 'AMI';
      audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
    }
    
    if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (rpm_check(release:"ALA", reference:"php72-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-bcmath-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-cli-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-common-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-dba-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-dbg-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-debuginfo-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-devel-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-embedded-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-enchant-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-fpm-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-gd-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-gmp-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-imap-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-intl-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-json-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-ldap-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-mbstring-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-mysqlnd-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-odbc-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-opcache-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-pdo-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-pdo-dblib-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-pgsql-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-process-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-pspell-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-recode-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-snmp-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-soap-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-tidy-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-xml-7.2.27-1.20.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"php72-xmlrpc-7.2.27-1.20.amzn1")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php72 / php72-bcmath / php72-cli / php72-common / php72-dba / etc");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2020-DCA9810FD2.NASL
    description**PHP version 7.3.14** (23 Jan 2020) **Core** - Fixed bug php#78999 (Cycle leak when using function result as temporary). (Dmitry) **CURL:** - Fixed bug php#79033 (Curl timeout error with specific url and post). (cmb) **Date:** - Fixed bug php#79015 (undefined-behavior in php_date.c). (cmb) **DBA:** - Fixed bug php#78808 ([LMDB] MDB_MAP_FULL: Environment mapsize limit reached). (cmb) **Fileinfo:** - Fixed bug php#74170 (locale information change after mime_content_type). (Sergei Turchanov) **GD:** - Fixed bug php#78923 (Artifacts when convoluting image with transparency). (wilson chen) - Fixed bug php#79067 (gdTransformAffineCopy() may use uninitialized values). (cmb) - Fixed bug php#79068 (gdTransformAffineCopy() changes interpolation method). (cmb) **Libxml:** - Fixed bug php#79029 (Use After Free
    last seen2020-06-01
    modified2020-06-02
    plugin id133430
    published2020-02-03
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133430
    titleFedora 31 : php (2020-dca9810fd2)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory FEDORA-2020-dca9810fd2.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(133430);
      script_version("1.4");
      script_cvs_date("Date: 2020/02/14");
    
      script_cve_id("CVE-2020-7059", "CVE-2020-7060");
      script_xref(name:"FEDORA", value:"2020-dca9810fd2");
    
      script_name(english:"Fedora 31 : php (2020-dca9810fd2)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "**PHP version 7.3.14** (23 Jan 2020)
    
    **Core**
    
      - Fixed bug php#78999 (Cycle leak when using function
        result as temporary). (Dmitry)
    
    **CURL:**
    
      - Fixed bug php#79033 (Curl timeout error with specific
        url and post). (cmb)
    
    **Date:**
    
      - Fixed bug php#79015 (undefined-behavior in php_date.c).
        (cmb)
    
    **DBA:**
    
      - Fixed bug php#78808 ([LMDB] MDB_MAP_FULL: Environment
        mapsize limit reached). (cmb)
    
    **Fileinfo:**
    
      - Fixed bug php#74170 (locale information change after
        mime_content_type). (Sergei Turchanov)
    
    **GD:**
    
      - Fixed bug php#78923 (Artifacts when convoluting image
        with transparency). (wilson chen)
    
      - Fixed bug php#79067 (gdTransformAffineCopy() may use
        uninitialized values). (cmb)
    
      - Fixed bug php#79068 (gdTransformAffineCopy() changes
        interpolation method). (cmb)
    
    **Libxml:**
    
      - Fixed bug php#79029 (Use After Free's in XMLReader /
        XMLWriter). (Laruence)
    
    **Mbstring:**
    
      - Fixed bug php#79037 (global buffer-overflow in
        `mbfl_filt_conv_big5_wchar`). (CVE-2020-7060) (Nikita)
    
    **OPcache:**
    
      - Fixed bug php#79040 (Warning Opcode handlers are
        unusable due to ASLR). (cmb)
    
    **Pcntl:**
    
      - Fixed bug php#78402 (Converting null to string in error
        message is bad DX). (SAT&#x14C; Kentar&#x14D;)
    
    **PDO_PgSQL:**
    
      - Fixed bug php#78983 (pdo_pgsql config.w32 cannot find
        libpq-fe.h). (SAT&#x14C; Kentar&#x14D;)
    
      - Fixed bug php#78980 (pgsqlGetNotify() overlooks dead
        connection). (SAT&#x14C; Kentar&#x14D;)
    
      - Fixed bug php#78982 (pdo_pgsql returns dead persistent
        connection). (SAT&#x14C; Kentar&#x14D;)
    
    **Session:**
    
      - Fixed bug php#79091 (heap use-after-free in
        session_create_id()). (cmb, Nikita)
    
    **Shmop:**
    
      - Fixed bug php#78538 (shmop memory leak). (cmb)
    
    **Standard:**
    
      - Fixed bug php#79099 (OOB read in php_strip_tags_ex).
        (CVE-2020-7059). (cmb)
    
      - Fixed bug php#54298 (Using empty additional_headers
        adding extraneous CRLF). (cmb)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora update system website.
    Tenable has attempted to automatically clean and format it as much as
    possible without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bodhi.fedoraproject.org/updates/FEDORA-2020-dca9810fd2"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected php package.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:php");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:31");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/02/10");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/02/01");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/02/03");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! preg(pattern:"^31([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 31", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"FC31", reference:"php-7.3.14-1.fc31")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php");
    }
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4628.NASL
    descriptionMultiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure, denial of service or incorrect validation of path names.
    last seen2020-03-17
    modified2020-02-20
    plugin id133815
    published2020-02-20
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133815
    titleDebian DSA-4628-1 : php7.0 - security update
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-4628. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(133815);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/24");
    
      script_cve_id("CVE-2019-11045", "CVE-2019-11046", "CVE-2019-11047", "CVE-2019-11050", "CVE-2020-7059", "CVE-2020-7060");
      script_xref(name:"DSA", value:"4628");
    
      script_name(english:"Debian DSA-4628-1 : php7.0 - security update");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Multiple security issues were found in PHP, a widely-used open source
    general purpose scripting language which could result in information
    disclosure, denial of service or incorrect validation of path names."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/source-package/php7.0"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/stretch/php7.0"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.debian.org/security/2020/dsa-4628"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the php7.0 packages.
    
    For the oldstable distribution (stretch), these problems have been
    fixed in version 7.0.33-0+deb9u7."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php7.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:9.0");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/12/23");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/02/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/02/20");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"9.0", prefix:"libapache2-mod-php7.0", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"libphp7.0-embed", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-bcmath", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-bz2", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-cgi", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-cli", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-common", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-curl", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-dba", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-dev", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-enchant", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-fpm", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-gd", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-gmp", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-imap", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-interbase", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-intl", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-json", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-ldap", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-mbstring", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-mcrypt", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-mysql", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-odbc", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-opcache", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-pgsql", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-phpdbg", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-pspell", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-readline", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-recode", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-snmp", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-soap", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-sqlite3", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-sybase", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-tidy", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-xml", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-xmlrpc", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-xsl", reference:"7.0.33-0+deb9u7")) flag++;
    if (deb_check(release:"9.0", prefix:"php7.0-zip", reference:"7.0.33-0+deb9u7")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-2124.NASL
    descriptionTwo issues have been found in php5, a server-side, HTML-embedded scripting language. Both issues are related to crafted data that could lead to reading after an allocated buffer and result in information disclosure or crash. For Debian 8
    last seen2020-03-17
    modified2020-03-02
    plugin id134175
    published2020-03-02
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134175
    titleDebian DLA-2124-1 : php5 security update
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Debian Security Advisory DLA-2124-1. The text
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(134175);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/06");
    
      script_cve_id("CVE-2020-7059", "CVE-2020-7060");
    
      script_name(english:"Debian DLA-2124-1 : php5 security update");
      script_summary(english:"Checks dpkg output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Two issues have been found in php5, a server-side, HTML-embedded
    scripting language. Both issues are related to crafted data that could
    lead to reading after an allocated buffer and result in information
    disclosure or crash.
    
    For Debian 8 'Jessie', these problems have been fixed in version
    5.6.40+dfsg-0+deb8u9.
    
    We recommend that you upgrade your php5 packages.
    
    NOTE: Tenable Network Security has extracted the preceding description
    block directly from the DLA security advisory. Tenable has attempted
    to automatically clean and format it as much as possible without
    introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://lists.debian.org/debian-lts-announce/2020/02/msg00030.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/jessie/php5"
      );
      script_set_attribute(attribute:"solution", value:"Upgrade the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libapache2-mod-php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libapache2-mod-php5filter");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libphp5-embed");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php-pear");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-cgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-cli");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-curl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-dbg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-enchant");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-fpm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-gd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-gmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-imap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-interbase");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-intl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-ldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-mcrypt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-mysqlnd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-odbc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-pgsql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-phpdbg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-pspell");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-readline");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-recode");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-snmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-sqlite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-sybase");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-tidy");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-xmlrpc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-xsl");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:8.0");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/02/10");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/02/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/02");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"8.0", prefix:"libapache2-mod-php5", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"libapache2-mod-php5filter", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"libphp5-embed", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php-pear", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-cgi", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-cli", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-common", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-curl", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-dbg", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-dev", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-enchant", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-fpm", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-gd", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-gmp", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-imap", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-interbase", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-intl", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-ldap", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-mcrypt", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-mysql", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-mysqlnd", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-odbc", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-pgsql", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-phpdbg", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-pspell", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-readline", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-recode", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-snmp", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-sqlite", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-sybase", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-tidy", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-xmlrpc", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    if (deb_check(release:"8.0", prefix:"php5-xsl", reference:"5.6.40+dfsg-0+deb8u9")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-202003-57.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-202003-57 (PHP: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details. Impact : An attacker could possibly execute arbitrary shell commands, cause a Denial of Service condition or obtain sensitive information. Workaround : There is no known workaround at this time.
    last seen2020-04-30
    modified2020-03-27
    plugin id134965
    published2020-03-27
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134965
    titleGLSA-202003-57 : PHP: Multiple vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 202003-57.
    #
    # The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(134965);
      script_version("1.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/04/24");
    
      script_cve_id("CVE-2018-19518", "CVE-2020-7059", "CVE-2020-7060", "CVE-2020-7061", "CVE-2020-7062", "CVE-2020-7063", "CVE-2020-7064", "CVE-2020-7065", "CVE-2020-7066");
      script_xref(name:"GLSA", value:"202003-57");
    
      script_name(english:"GLSA-202003-57 : PHP: Multiple vulnerabilities");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-202003-57
    (PHP: Multiple vulnerabilities)
    
        Multiple vulnerabilities have been discovered in PHP. Please review the
          CVE identifiers referenced below for details.
      
    Impact :
    
        An attacker could possibly execute arbitrary shell commands, cause a
          Denial of Service condition or obtain sensitive information.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/202003-57"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All PHP 7.2.x users should upgrade to the latest version:
          # emerge --sync
          # emerge --ask --oneshot --verbose '>=dev-lang/php-7.2.29:7.2'
        All PHP 7.3.x users should upgrade to the latest version:
          # emerge --sync
          # emerge --ask --oneshot --verbose '>=dev-lang/php-7.3.16:7.3'
        All PHP 7.4.x users should upgrade to the latest version:
          # emerge --sync
          # emerge --ask --oneshot --verbose '>=dev-lang/php-7.4.4:7.4'"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-19518");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'php imap_open Remote Code Execution');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:php");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/11/25");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/03/26");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/27");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"dev-lang/php", unaffected:make_list("ge 7.2.29", "ge 7.3.16", "ge 7.4.4"), vulnerable:make_list("lt 7.2.29", "lt 7.3.16", "lt 7.4.4"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "PHP");
    }
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4626.NASL
    descriptionMultiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure, denial of service or incorrect validation of path names.
    last seen2020-03-17
    modified2020-02-18
    plugin id133733
    published2020-02-18
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133733
    titleDebian DSA-4626-1 : php7.3 - security update
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-4626. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(133733);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/20");
    
      script_cve_id("CVE-2019-11045", "CVE-2019-11046", "CVE-2019-11047", "CVE-2019-11049", "CVE-2019-11050", "CVE-2020-7059", "CVE-2020-7060");
      script_xref(name:"DSA", value:"4626");
    
      script_name(english:"Debian DSA-4626-1 : php7.3 - security update");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Multiple security issues were found in PHP, a widely-used open source
    general purpose scripting language which could result in information
    disclosure, denial of service or incorrect validation of path names."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/source-package/php7.3"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/buster/php7.3"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.debian.org/security/2020/dsa-4626"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the php7.3 packages.
    
    For the stable distribution (buster), these problems have been fixed
    in version 7.3.14-1~deb10u1."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php7.3");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:10.0");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/12/23");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/02/17");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/02/18");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"10.0", prefix:"libapache2-mod-php7.3", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"libphp7.3-embed", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-bcmath", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-bz2", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-cgi", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-cli", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-common", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-curl", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-dba", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-dev", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-enchant", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-fpm", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-gd", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-gmp", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-imap", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-interbase", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-intl", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-json", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-ldap", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-mbstring", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-mysql", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-odbc", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-opcache", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-pgsql", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-phpdbg", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-pspell", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-readline", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-recode", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-snmp", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-soap", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-sqlite3", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-sybase", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-tidy", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-xml", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-xmlrpc", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-xsl", reference:"7.3.14-1~deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"php7.3-zip", reference:"7.3.14-1~deb10u1")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2020-F9D2203F3B.NASL
    description**PHP version 7.3.14** (23 Jan 2020) **Core** - Fixed bug php#78999 (Cycle leak when using function result as temporary). (Dmitry) **CURL:** - Fixed bug php#79033 (Curl timeout error with specific url and post). (cmb) **Date:** - Fixed bug php#79015 (undefined-behavior in php_date.c). (cmb) **DBA:** - Fixed bug php#78808 ([LMDB] MDB_MAP_FULL: Environment mapsize limit reached). (cmb) **Fileinfo:** - Fixed bug php#74170 (locale information change after mime_content_type). (Sergei Turchanov) **GD:** - Fixed bug php#78923 (Artifacts when convoluting image with transparency). (wilson chen) - Fixed bug php#79067 (gdTransformAffineCopy() may use uninitialized values). (cmb) - Fixed bug php#79068 (gdTransformAffineCopy() changes interpolation method). (cmb) **Libxml:** - Fixed bug php#79029 (Use After Free
    last seen2020-06-01
    modified2020-06-02
    plugin id133379
    published2020-01-31
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133379
    titleFedora 30 : php (2020-f9d2203f3b)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory FEDORA-2020-f9d2203f3b.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(133379);
      script_version("1.4");
      script_cvs_date("Date: 2020/02/14");
    
      script_cve_id("CVE-2020-7059", "CVE-2020-7060");
      script_xref(name:"FEDORA", value:"2020-f9d2203f3b");
    
      script_name(english:"Fedora 30 : php (2020-f9d2203f3b)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "**PHP version 7.3.14** (23 Jan 2020)
    
    **Core**
    
      - Fixed bug php#78999 (Cycle leak when using function
        result as temporary). (Dmitry)
    
    **CURL:**
    
      - Fixed bug php#79033 (Curl timeout error with specific
        url and post). (cmb)
    
    **Date:**
    
      - Fixed bug php#79015 (undefined-behavior in php_date.c).
        (cmb)
    
    **DBA:**
    
      - Fixed bug php#78808 ([LMDB] MDB_MAP_FULL: Environment
        mapsize limit reached). (cmb)
    
    **Fileinfo:**
    
      - Fixed bug php#74170 (locale information change after
        mime_content_type). (Sergei Turchanov)
    
    **GD:**
    
      - Fixed bug php#78923 (Artifacts when convoluting image
        with transparency). (wilson chen)
    
      - Fixed bug php#79067 (gdTransformAffineCopy() may use
        uninitialized values). (cmb)
    
      - Fixed bug php#79068 (gdTransformAffineCopy() changes
        interpolation method). (cmb)
    
    **Libxml:**
    
      - Fixed bug php#79029 (Use After Free's in XMLReader /
        XMLWriter). (Laruence)
    
    **Mbstring:**
    
      - Fixed bug php#79037 (global buffer-overflow in
        `mbfl_filt_conv_big5_wchar`). (CVE-2020-7060) (Nikita)
    
    **OPcache:**
    
      - Fixed bug php#79040 (Warning Opcode handlers are
        unusable due to ASLR). (cmb)
    
    **Pcntl:**
    
      - Fixed bug php#78402 (Converting null to string in error
        message is bad DX). (SAT&#x14C; Kentar&#x14D;)
    
    **PDO_PgSQL:**
    
      - Fixed bug php#78983 (pdo_pgsql config.w32 cannot find
        libpq-fe.h). (SAT&#x14C; Kentar&#x14D;)
    
      - Fixed bug php#78980 (pgsqlGetNotify() overlooks dead
        connection). (SAT&#x14C; Kentar&#x14D;)
    
      - Fixed bug php#78982 (pdo_pgsql returns dead persistent
        connection). (SAT&#x14C; Kentar&#x14D;)
    
    **Session:**
    
      - Fixed bug php#79091 (heap use-after-free in
        session_create_id()). (cmb, Nikita)
    
    **Shmop:**
    
      - Fixed bug php#78538 (shmop memory leak). (cmb)
    
    **Standard:**
    
      - Fixed bug php#79099 (OOB read in php_strip_tags_ex).
        (CVE-2020-7059). (cmb)
    
      - Fixed bug php#54298 (Using empty additional_headers
        adding extraneous CRLF). (cmb)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora update system website.
    Tenable has attempted to automatically clean and format it as much as
    possible without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bodhi.fedoraproject.org/updates/FEDORA-2020-f9d2203f3b"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected php package.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:php");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:30");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/02/10");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/01/31");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/01/31");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! preg(pattern:"^30([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 30", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"FC30", reference:"php-7.3.14-1.fc30")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2020-341.NASL
    descriptionThis update for php7 fixes the following issues : - CVE-2020-7062: Fixed a NULL pointer dereference when using file upload functionality under specific circumstances (bsc#1165280). - CVE-2020-7063: Fixed an issue where adding files change the permissions to default (bsc#1165289). - CVE-2020-7059: Fixed an out of bounds read in php_strip_tags_ex which may have led to denial of service (bsc#1162629). - CVE-2020-7060: Fixed a global buffer overflow in mbfl_filt_conv_big5_wchar which may have led to memory corruption (bsc#1162632). This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-03-19
    modified2020-03-16
    plugin id134618
    published2020-03-16
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134618
    titleopenSUSE Security Update : php7 (openSUSE-2020-341)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2020-341.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(134618);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/18");
    
      script_cve_id("CVE-2020-7059", "CVE-2020-7060", "CVE-2020-7062", "CVE-2020-7063");
    
      script_name(english:"openSUSE Security Update : php7 (openSUSE-2020-341)");
      script_summary(english:"Check for the openSUSE-2020-341 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for php7 fixes the following issues :
    
      - CVE-2020-7062: Fixed a NULL pointer dereference when
        using file upload functionality under specific
        circumstances (bsc#1165280).
    
      - CVE-2020-7063: Fixed an issue where adding files change
        the permissions to default (bsc#1165289).
    
      - CVE-2020-7059: Fixed an out of bounds read in
        php_strip_tags_ex which may have led to denial of
        service (bsc#1162629).
    
      - CVE-2020-7060: Fixed a global buffer overflow in
        mbfl_filt_conv_big5_wchar which may have led to memory
        corruption (bsc#1162632). 
    
    This update was imported from the SUSE:SLE-15:Update update project."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1162629"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1162632"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1165280"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1165289"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected php7 packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php7");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php7-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-bcmath");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-bcmath-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-bz2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-bz2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-calendar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-calendar-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-ctype");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-ctype-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-curl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-curl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-dba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-dba-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-dom");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-dom-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-embed");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-embed-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-enchant");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-enchant-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-exif");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-exif-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-fastcgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-fastcgi-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-fileinfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-fileinfo-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-firebird");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-firebird-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-fpm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-fpm-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-ftp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-ftp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-gd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-gd-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-gettext");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-gettext-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-gmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-gmp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-iconv");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-iconv-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-intl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-intl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-json");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-json-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-ldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-ldap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-mbstring");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-mbstring-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-mysql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-odbc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-odbc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-opcache");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-opcache-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-openssl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-openssl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pcntl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pcntl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pdo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pdo-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pear");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pear-Archive_Tar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pgsql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pgsql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-phar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-phar-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-posix");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-posix-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-readline");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-readline-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-shmop");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-shmop-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-snmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-snmp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-soap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-soap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sockets");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sockets-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sodium");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sodium-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sqlite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sqlite-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sysvmsg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sysvmsg-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sysvsem");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sysvsem-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sysvshm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sysvshm-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-test");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-tidy");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-tidy-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-tokenizer");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-tokenizer-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-wddx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-wddx-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xmlreader");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xmlreader-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xmlrpc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xmlrpc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xmlwriter");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xmlwriter-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xsl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xsl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-zip");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-zip-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-zlib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-zlib-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.1");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/02/10");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/03/15");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/16");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE15\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.1", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE15.1", reference:"apache2-mod_php7-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"apache2-mod_php7-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-bcmath-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-bcmath-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-bz2-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-bz2-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-calendar-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-calendar-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-ctype-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-ctype-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-curl-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-curl-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-dba-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-dba-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-debugsource-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-devel-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-dom-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-dom-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-embed-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-embed-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-enchant-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-enchant-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-exif-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-exif-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-fastcgi-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-fastcgi-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-fileinfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-fileinfo-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-firebird-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-firebird-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-fpm-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-fpm-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-ftp-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-ftp-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-gd-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-gd-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-gettext-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-gettext-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-gmp-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-gmp-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-iconv-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-iconv-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-intl-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-intl-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-json-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-json-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-ldap-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-ldap-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-mbstring-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-mbstring-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-mysql-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-mysql-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-odbc-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-odbc-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-opcache-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-opcache-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-openssl-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-openssl-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-pcntl-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-pcntl-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-pdo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-pdo-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-pear-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-pear-Archive_Tar-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-pgsql-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-pgsql-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-phar-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-phar-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-posix-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-posix-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-readline-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-readline-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-shmop-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-shmop-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-snmp-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-snmp-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-soap-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-soap-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-sockets-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-sockets-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-sodium-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-sodium-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-sqlite-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-sqlite-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-sysvmsg-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-sysvmsg-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-sysvsem-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-sysvsem-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-sysvshm-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-sysvshm-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-test-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-tidy-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-tidy-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-tokenizer-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-tokenizer-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-wddx-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-wddx-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-xmlreader-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-xmlreader-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-xmlrpc-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-xmlrpc-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-xmlwriter-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-xmlwriter-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-xsl-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-xsl-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-zip-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-zip-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-zlib-7.2.5-lp151.6.22.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"php7-zlib-debuginfo-7.2.5-lp151.6.22.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "apache2-mod_php7 / apache2-mod_php7-debuginfo / php7 / php7-bcmath / etc");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2020-0397-1.NASL
    descriptionThis update for php72 fixes the following issues : Security issues fixed : CVE-2020-7059: Fixed an out-of-bounds read in php_strip_tags_ex (bsc#1162629). CVE-2020-7060: Fixed a global buffer-overflow in mbfl_filt_conv_big5_wchar (bsc#1162632). CVE-2019-20433: Fixed a buffer over-read when processing strings ending with a single
    last seen2020-03-18
    modified2020-02-19
    plugin id133792
    published2020-02-19
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133792
    titleSUSE SLES12 Security Update : php72 (SUSE-SU-2020:0397-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2020:0397-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(133792);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/24");
    
      script_cve_id("CVE-2019-20433", "CVE-2020-7059", "CVE-2020-7060");
    
      script_name(english:"SUSE SLES12 Security Update : php72 (SUSE-SU-2020:0397-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for php72 fixes the following issues :
    
    Security issues fixed :
    
    CVE-2020-7059: Fixed an out-of-bounds read in php_strip_tags_ex
    (bsc#1162629).
    
    CVE-2020-7060: Fixed a global buffer-overflow in
    mbfl_filt_conv_big5_wchar (bsc#1162632).
    
    CVE-2019-20433: Fixed a buffer over-read when processing strings
    ending with a single '\0' byte with ucs-2 and ucs-4 encoding
    (bsc#1161982).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1161982"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1162629"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1162632"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-20433/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2020-7059/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2020-7060/"
      );
      # https://www.suse.com/support/update/announcement/2020/suse-su-20200397-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?a65ede57"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use the SUSE recommended
    installation methods like YaST online_update or 'zypper patch'.
    
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Software Development Kit 12-SP5:zypper in -t
    patch SUSE-SLE-SDK-12-SP5-2020-397=1
    
    SUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t
    patch SUSE-SLE-SDK-12-SP4-2020-397=1
    
    SUSE Linux Enterprise Module for Web Scripting 12:zypper in -t patch
    SUSE-SLE-Module-Web-Scripting-12-2020-397=1"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-mod_php72");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-mod_php72-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-bcmath");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-bcmath-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-bz2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-bz2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-calendar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-calendar-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-ctype");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-ctype-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-curl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-curl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-dba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-dba-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-dom");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-dom-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-enchant");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-enchant-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-exif");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-exif-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-fastcgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-fastcgi-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-fileinfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-fileinfo-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-fpm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-fpm-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-ftp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-ftp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-gd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-gd-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-gettext");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-gettext-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-gmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-gmp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-iconv");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-iconv-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-imap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-imap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-intl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-intl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-json");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-json-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-ldap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-ldap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-mbstring");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-mbstring-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-mysql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-odbc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-odbc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-opcache");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-opcache-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-openssl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-openssl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-pcntl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-pcntl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-pdo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-pdo-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-pgsql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-pgsql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-phar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-phar-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-posix");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-posix-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-pspell");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-pspell-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-readline");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-readline-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-shmop");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-shmop-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-snmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-snmp-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-soap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-soap-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-sockets");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-sockets-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-sodium");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-sodium-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-sqlite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-sqlite-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-sysvmsg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-sysvmsg-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-sysvsem");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-sysvsem-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-sysvshm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-sysvshm-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-tidy");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-tidy-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-tokenizer");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-tokenizer-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-wddx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-wddx-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-xmlreader");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-xmlreader-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-xmlrpc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-xmlrpc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-xmlwriter");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-xmlwriter-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-xsl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-xsl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-zip");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-zip-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-zlib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-zlib-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/01/27");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/02/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/02/19");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES12" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP0", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES12", sp:"0", reference:"apache2-mod_php72-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"apache2-mod_php72-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-bcmath-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-bcmath-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-bz2-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-bz2-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-calendar-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-calendar-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-ctype-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-ctype-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-curl-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-curl-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-dba-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-dba-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-debugsource-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-dom-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-dom-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-enchant-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-enchant-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-exif-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-exif-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-fastcgi-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-fastcgi-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-fileinfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-fileinfo-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-fpm-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-fpm-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-ftp-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-ftp-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-gd-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-gd-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-gettext-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-gettext-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-gmp-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-gmp-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-iconv-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-iconv-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-imap-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-imap-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-intl-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-intl-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-json-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-json-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-ldap-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-ldap-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-mbstring-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-mbstring-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-mysql-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-mysql-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-odbc-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-odbc-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-opcache-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-opcache-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-openssl-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-openssl-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-pcntl-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-pcntl-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-pdo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-pdo-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-pgsql-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-pgsql-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-phar-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-phar-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-posix-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-posix-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-pspell-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-pspell-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-readline-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-readline-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-shmop-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-shmop-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-snmp-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-snmp-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-soap-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-soap-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-sockets-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-sockets-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-sodium-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-sodium-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-sqlite-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-sqlite-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-sysvmsg-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-sysvmsg-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-sysvsem-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-sysvsem-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-sysvshm-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-sysvshm-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-tidy-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-tidy-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-tokenizer-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-tokenizer-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-wddx-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-wddx-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-xmlreader-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-xmlreader-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-xmlrpc-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-xmlrpc-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-xmlwriter-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-xmlwriter-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-xsl-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-xsl-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-zip-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-zip-debuginfo-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-zlib-7.2.5-1.37.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"php72-zlib-debuginfo-7.2.5-1.37.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php72");
    }
    
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4279-2.NASL
    descriptionUSN-4279-1 fixed vulnerabilities in PHP. The updated packages caused a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details : It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. (CVE-2015-9253) It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-7059) It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 19.10. (CVE-2020-7060). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-18
    modified2020-02-20
    plugin id133840
    published2020-02-20
    reporterUbuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133840
    titleUbuntu 16.04 LTS : php7.0 regression (USN-4279-2)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-4279-2. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(133840);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/24");
    
      script_cve_id("CVE-2015-9253", "CVE-2020-7059", "CVE-2020-7060");
      script_xref(name:"USN", value:"4279-2");
    
      script_name(english:"Ubuntu 16.04 LTS : php7.0 regression (USN-4279-2)");
      script_summary(english:"Checks dpkg output for updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Ubuntu host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "USN-4279-1 fixed vulnerabilities in PHP. The updated packages caused a
    regression. This update fixes the problem.
    
    We apologize for the inconvenience.
    
    Original advisory details :
    
    It was discovered that PHP incorrectly handled certain scripts. An
    attacker could possibly use this issue to cause a denial of service.
    This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu
    16.04 LTS. (CVE-2015-9253)
    
    It was discovered that PHP incorrectly handled certain
    inputs. An attacker could possibly use this issue to expose
    sensitive information. (CVE-2020-7059)
    
    It was discovered that PHP incorrectly handled certain
    inputs. An attacker could possibly use this issue to execute
    arbitrary code. This issue only affected Ubuntu 14.04 ESM,
    Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 19.10.
    (CVE-2020-7060).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/4279-2/"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-7060");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php7.0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.0-cgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.0-cli");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.0-fpm");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/02/19");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/02/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/02/20");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! preg(pattern:"^(16\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 16.04", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    flag = 0;
    
    if (ubuntu_check(osver:"16.04", pkgname:"libapache2-mod-php7.0", pkgver:"7.0.33-0ubuntu0.16.04.12")) flag++;
    if (ubuntu_check(osver:"16.04", pkgname:"php7.0-cgi", pkgver:"7.0.33-0ubuntu0.16.04.12")) flag++;
    if (ubuntu_check(osver:"16.04", pkgname:"php7.0-cli", pkgver:"7.0.33-0ubuntu0.16.04.12")) flag++;
    if (ubuntu_check(osver:"16.04", pkgname:"php7.0-fpm", pkgver:"7.0.33-0ubuntu0.16.04.12")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libapache2-mod-php7.0 / php7.0-cgi / php7.0-cli / php7.0-fpm");
    }
    
  • NASL familyCGI abuses
    NASL idPHP_7_4_2.NASL
    descriptionAccording to its banner, the version of PHP running on the remote web server is either 7.2.x prior to 7.2.27, 7.3.x prior to 7.3.14, or 7.4.x prior to 7.4.2. It is, therefore, affected by multiple vulnerabilities: - An buffer overflow on the mbfl_filt_conv_big5_wchar` function. An unauthenticated, remote attacker can exploit this to leading to the disclosure of information within memory locations and possibly allow for the execution of malicious code. (CVE-2020-7060) - An out-of-bounds READ error exists in the php_strip_tags_ex due to an input validation error. An unauthenticated, remote attacker can exploit this, leading to the disclosure of information within some memory locations. (CVE-2020-7059)
    last seen2020-03-18
    modified2020-01-31
    plugin id133400
    published2020-01-31
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133400
    titlePHP 7.2.x < 7.2.27 / PHP 7.3.x < 7.3.14 / 7.4.x < 7.4.2 Multiple Vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include('compat.inc');
    
    if (description)
    {
      script_id(133400);
      script_version("1.4");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/28");
    
      script_cve_id("CVE-2020-7059", "CVE-2020-7060");
    
      script_name(english:"PHP 7.2.x < 7.2.27 / PHP 7.3.x < 7.3.14 / 7.4.x < 7.4.2 Multiple Vulnerabilities");
    
      script_set_attribute(attribute:"synopsis", value:
    "The version of PHP running on the remote web server is affected by
    multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "According to its banner, the version of PHP running on the remote web
    server is either 7.2.x prior to 7.2.27, 7.3.x prior to 7.3.14, or 
    7.4.x prior to 7.4.2. It is, therefore, affected by multiple vulnerabilities:
    
      - An buffer overflow on the mbfl_filt_conv_big5_wchar` function. An 
        unauthenticated, remote attacker can exploit this to leading to the 
        disclosure of information within memory locations and possibly allow 
        for the execution of malicious code. (CVE-2020-7060)
    
      - An out-of-bounds READ error exists in the php_strip_tags_ex due to
        an input validation error. An unauthenticated, remote attacker 
        can exploit this, leading to the disclosure of information within 
        some memory locations. (CVE-2020-7059)");
      script_set_attribute(attribute:"see_also", value:"http://php.net/ChangeLog-7.php#7.2.27");
      script_set_attribute(attribute:"see_also", value:"http://php.net/ChangeLog-7.php#7.3.14");
      script_set_attribute(attribute:"see_also", value:"http://php.net/ChangeLog-7.php#7.4.2");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to PHP version 7.2.27, 7.3.14, 7.4.2 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-7060");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/01/23");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/01/23");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/01/31");
    
      script_set_attribute(attribute:"plugin_type", value:"remote");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:php:php");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"CGI abuses");
    
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("php_version.nasl");
      script_require_keys("www/PHP", "installed_sw/PHP", "Settings/ParanoidReport");
      script_require_ports("Services/www", 80);
    
      exit(0);
    }
    include('http.inc');
    include('vcf.inc');
    include('audit.inc');
    
    port = get_http_port(default:80, php:TRUE);
    app_info = vcf::get_app_info(app:'PHP', port:port, webapp:TRUE);
    
    backported = get_kb_item('www/php/' + port + '/' + app_info.version + '/backported');
    
    if ((report_paranoia < 2) && backported) audit(AUDIT_BACKPORT_SERVICE, port, 'PHP ' + app_info.version + ' install');
    
    constraints = [
        {'min_version':'7.2.0alpha1', 'fixed_version':'7.2.27'},
        {'min_version':'7.3.0alpha1', 'fixed_version':'7.3.14'},
        {'min_version':'7.4.0alpha1', 'fixed_version':'7.4.2'}
        ];
    vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);